CreateRestorePoint: CloseProcesses: Task: {1DDC86FA-9FC2-421F-ABB2-CD45B6678710} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier) Task: {5EDCBFE2-9841-4132-BBE3-69E369485FC4} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [492032 2023-05-10] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\WINDOWS\mid.ps1 Task: {2BEC5814-5C4D-4262-A619-9A6AB28DC77F} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [492032 2023-05-10] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\ledou\AppData\Roaming\Winsoft\core.ps1 Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] 2023-09-03 18:38 - 2023-09-08 15:03 - 000000000 ____D C:\Users\ledou\Downloads\FRST-OlderVersion 2023-08-22 18:18 - 2023-07-03 07:59 - 008251392 _____ (www.xmrig.com) C:\WINDOWS\DlHost.exe 2023-08-22 18:18 - 2023-06-09 21:26 - 000000821 _____ C:\WINDOWS\mid.ps1 C:\Users\ledou\AppData\Roaming\Winsoft\core.ps1 ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier AlternateDataStreams: C:\ProgramData\TEMP:6DAA43DB [204] SearchScopes: HKU\S-1-5-21-2004802613-415574345-268722864-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2004802613-415574345-268722864-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = CMD: netsh int ipv4 reset all CMD: netsh int ipv6 reset all CMD: netsh int ip reset c:\tcp.txt CMD: netsh winsock reset CMD: netsh int ip reset all CMD: ipconfig /flushdns CMD: sfc /scannow CMD: DISM /Online /Cleanup-image /Restorehealth CMD: bitsadmin /reset RemoveProxy: cmd: powercfg /requests CMD: Winmgmt /verifyrepository Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V LargeSystemCache /T REG_DWORD /D 1 /f Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 20 /f Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1000 /f Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1000 /f Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1000 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillAppTimeout /T REG_SZ /D 1000 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxPortExhausted /T REG_DWORD /D 1 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V AlwaysUnloadDll /T REG_DWORD /D 1 /f Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer" /V AlwaysUnloadDll /T REG_DWORD /D 1 /f C:\windows\temp\*.* C:\Users\CurrentUserName\AppData\Local\Temp\*.* C:\Windows\SoftwareDistribution\Download\* C:\WINDOWS\system32\*.tmp C:\WINDOWS\syswow64\*.tmp C:\Windows\System32\config\systemprofile\AppData\Local\*.tmp EmptyTemp: