start::
Comment: Housekeeping directives. The restore point is requested first, then process shutdown, Hosts and proxy reset, and temp cleanup.
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
Comment: Registry and browser entries copied from the scan log. The two policy keys marked ATTENTION (Windows Defender, Internet Explorer) can restrict those components. NOTE(review): confirm they were not set on purpose by an administrator or another security product.
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-105600349-4156005832-2157593286-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {147D77B1-F0C1-46C8-9368-9AE8392C8DDF} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-105600349-4156005832-2157593286-1001 -> Pas de nom - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Pas de fichier
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier
Comment: Autorun, service and driver entries. NOTE(review): PMBDeviceInfoProvider and UnlockerDriver5 carry no size/date stamp on this list, which may mean the file is missing. Verify against the scan log.
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
S2 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [61440 2003-11-26]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17]
Comment: Files and folders from March 2019 (Apple, Bonjour, TunesCare). NOTE(review): these look like leftovers of a recent install. Confirm their removal is intended.
2019-03-22 09:57 - 2019-03-22 09:57 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2019-03-14 09:40 - 2019-03-14 09:40 - 000000000 ____D C:\Program Files\Bonjour
2019-03-14 09:40 - 2019-03-14 09:40 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-03-11 14:33 - 2019-03-11 14:33 - 268767048 _____ (Apple Inc.) C:\Users\Frasson\Downloads\iTunes64Setup.exe
2019-03-10 18:09 - 2019-03-10 18:09 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-03-10 17:54 - 2019-03-10 18:01 - 000000000 ____D C:\Program Files (x86)\TunesCare
2019-03-17 11:58 - 2014-01-31 19:23 - 000000000 ____D C:\ProgramData\Apple
2019-03-12 09:58 - 2019-03-12 09:58 - 000000000 ____D C:\Users\Frasson\AppData\LocalLow\Apple Computer
Comment: Installers and two small .js files sitting directly in the Default profile folder. Windows uses that folder as the template for new accounts, so its contents are copied into every newly created profile. Entries with an empty company field () have no vendor information to check.
2014-01-31 18:42 - 2011-11-24 17:29 - 000000118 _____ () C:\Users\Default\879-2.js
2014-01-31 18:42 - 2011-11-24 17:20 - 000000118 _____ () C:\Users\Default\879.js
2014-01-31 18:42 - 2011-09-23 17:44 - 000986641 _____ () C:\Users\Default\143frec2.exe
2014-01-31 11:00 - 2014-01-31 11:00 - 004435328 _____ (AVG Technologies) C:\Users\Default\avg_avct_stb_all_2014_4158_futuretest4.exe
2014-01-31 18:45 - 2012-01-24 16:01 - 002002424 _____ (Trend Micro Inc.) C:\Users\Default\HousecallLauncher(1).exe
2014-02-02 11:35 - 2014-02-02 11:41 - 148904784 _____ (Apple Inc.) C:\Users\Default\iTunes64Setup.exe
2014-01-31 18:46 - 2012-06-06 08:29 - 000892360 _____ (Oracle Corporation) C:\Users\Default\JavaSetup7u4.exe
2014-05-09 16:53 - 2014-05-09 16:55 - 131557792 _____ (Oracle Corporation) C:\Users\Default\jdk-7u51-windows-x64.exe
2014-01-31 18:46 - 2013-10-19 21:20 - 029040552 _____ (Oracle Corporation) C:\Users\Default\jre-7u45-windows-i586.exe
2014-05-09 17:04 - 2014-05-09 17:04 - 000921512 _____ (Oracle Corporation) C:\Users\Default\jre-7u51-windows-i586-iftw.exe
2014-01-31 18:46 - 2012-01-24 16:26 - 002226922 _____ () C:\Users\Default\jv16pt_setup1.3.0.195.exe
2014-02-03 08:50 - 2014-02-03 08:50 - 009866200 _____ (Microsoft Corporation) C:\Users\Default\Office2010-kb2598245-fullfile-x64-glb.exe
2014-01-31 18:48 - 2012-09-30 22:21 - 039483256 _____ (Apple Inc.) C:\Users\Default\QuickTimeInstaller.exe
2014-01-31 18:48 - 2013-10-28 15:59 - 000272664 _____ (Trusteer Ltd.) C:\Users\Default\RapportSetup(1).exe
2014-01-31 18:48 - 2011-04-01 13:26 - 000231224 _____ (Trusteer Ltd.) C:\Users\Default\RapportSetup.exe
2014-04-09 22:56 - 2014-04-09 22:56 - 002836032 _____ (SafeNet, Inc. ) C:\Users\Default\Sentinel System Driver Installer 7.5.1.exe
2014-01-31 18:48 - 2011-10-17 13:02 - 016409960 _____ (Safer Networking Limited ) C:\Users\Default\spybotsd162.exe
2014-01-31 18:48 - 2011-10-17 13:15 - 003194296 _____ (Javacool Software LLC ) C:\Users\Default\spywareblastersetup44.exe
2014-01-31 18:48 - 2011-11-30 10:17 - 003243768 _____ (Javacool Software LLC ) C:\Users\Default\spywareblastersetup45.exe
2014-01-31 18:48 - 2012-02-28 01:46 - 003255248 _____ (Javacool Software LLC ) C:\Users\Default\spywareblastersetup46.exe
2014-01-31 18:48 - 2011-10-17 13:15 - 002062665 _____ () C:\Users\Default\spywareguardsetup.exe
2014-01-31 18:49 - 2011-10-17 13:12 - 000432052 _____ () C:\Users\Default\xp-AntiSpy_setup-french.exe
2014-01-31 18:49 - 2010-02-10 21:48 - 001089840 _____ () C:\Users\Default\yahoomailuploader_0.5(2).exe
2014-01-31 18:49 - 2010-02-06 17:16 - 001089840 _____ () C:\Users\Default\yahoomailuploader_0.5.exe
2014-01-31 18:49 - 2011-09-06 10:13 - 014065768 _____ (Mozilla) C:\Users\Default\yahoo_firefox_5.0_setup_fr.exe
Comment: Shell context-menu handlers for Glary Utilities and LockHunter. Only the ContextMenuHandlers6 line is marked "Pas de fichier" (no file); the others reference DLL paths. NOTE(review): confirm both programs are meant to be unregistered.
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Pas de fichier
Task: {980FCD3C-C542-4326-9E20-D3AF6730C63E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Comment: Alternate data streams (nlsPreferences on the Windows folder, BDU on several executables). NOTE(review): the fix is expected to strip only the named stream and leave the host file in place. Confirm in the fix log.
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Default\avast_free_antivirus_setup.exe:BDU
AlternateDataStreams: C:\Users\Default\flashplayer21_xa_install.exe:BDU
AlternateDataStreams: C:\Users\Default\ipscan24.exe:BDU
AlternateDataStreams: C:\Users\Default\PinnacleStudio_Patch_17_6_0.exe:BDU
AlternateDataStreams: C:\Users\Default\readerdc_fr_xa_install.exe:BDU
AlternateDataStreams: C:\Users\Frasson\Documents\autorun.exe:BDU
AlternateDataStreams: C:\Users\Frasson\Documents\canonImpManuel.exe:BDU
AlternateDataStreams: C:\Users\Frasson\Documents\captvty-2.3.10-autoextract.exe:BDU
AlternateDataStreams: C:\Users\Frasson\Documents\captvty-2.3.10.1-autoextract.exe:BDU
AlternateDataStreams: C:\Users\Frasson\Documents\captvty-2.3.4-autoextract.exe:BDU
AlternateDataStreams: C:\Users\Public\Desktop\avast_free_antivirus_setup.exe:BDU
Comment: SafeBoot registrations that allow ServicepointService20 to load in Safe Mode (Minimal and Network).
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService20 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService20 => ""="Service"
Comment: DefaultIcon values for the batfile, cmdfile and comfile classes, flagged ATTENTION by the scan. NOTE(review): presumably reset to the Windows defaults by the fix. Verify afterwards.
HKLM\...\batfile\DefaultIcon: %SystemRoot%\SysWow64\imageres.dll,-68 <==== ATTENTION
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\SysWow64\imageres.dll,-68 <==== ATTENTION
HKLM\...\comfile\DefaultIcon: %SystemRoot%\SysWow64\shell32.dll,2 <==== ATTENTION
MSCONFIG\Services: Bonjour Service => 2
Comment: Flush the DNS resolver cache so cached lookups do not outlive the Hosts and proxy reset requested above.
cmd: ipconfig /flushdns
end::