Start:: CreateRestorePoint: CloseProcesses:...

Posté le 23 mai 2019
Télécharger | Reposter | Largeur fixe

Start::
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2018-01-23] (Raptr, Inc -> Raptr, Inc)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
ShortcutTarget: key.lnk -> C:\Program Files\key.exe (Fred's Software Company) [Fichier non signé]
Task: {2225ECFD-3375-45EC-B171-BAE8AB6D1CEB} - System32\Tasks\{EE4B98C6-CFF7-4966-8352-319081EC991C} => C:\Windows\system32\pcalua.exe -a C:\Users\Papa\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {29C5CEA5-E9EC-46EF-868A-21D0FA4E787D} - System32\Tasks\{2B176897-6311-4086-A776-7FED781BC579} => C:\Windows\system32\pcalua.exe -a C:\Users\Papa\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {ABB0B502-254C-4395-9691-070C08CE70E3} - System32\Tasks\{1D026925-936A-403D-A021-BCCCF2B1E5FD} => C:\Windows\system32\pcalua.exe -a C:\Temp\Epson1250\Setup.exe -d C:\Temp\Epson1250 <==== ATTENTION
Task: {ED8583FA-511D-4206-87FA-530BC3E80C83} - \SidebarExecute -> Pas de fichier <==== ATTENTION
2019-05-22 23:12 - 2019-05-22 23:12 - 000000000 ____H C:\Users\Papa\AppData\Local\BIT5AB0.tmp
2019-05-22 23:11 - 2019-05-22 23:11 - 000000000 _____ C:\Users\Papa\AppData\Local\{647276C7-2EAF-433D-9A2C-8DA8483BC534}
2019-05-22 23:09 - 2019-05-22 23:09 - 000000000 ____H C:\ProgramData\cm-lock
2019-05-22 23:09 - 2019-05-22 23:09 - 000000000 _____ C:\Users\Papa\tmpvzei2o
2019-05-22 20:16 - 2019-05-22 20:16 - 000000000 _____ C:\Users\Papa\tmp6b5hqq
2019-05-22 19:57 - 2019-05-22 19:57 - 000000000 _____ C:\Users\Papa\tmpmhjzrq
2019-05-22 19:54 - 2019-05-22 19:54 - 000000000 _____ C:\Users\Papa\tmp3cw4pi
2019-05-22 19:41 - 2019-05-22 19:43 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-22 16:47 - 2019-05-22 16:47 - 000000000 _____ C:\Users\Papa\tmpdcgylu
2019-05-22 15:17 - 2019-05-22 15:17 - 000000000 _____ C:\Users\Papa\tmpywlh4m
2019-05-22 14:32 - 2019-05-22 14:32 - 000000000 _____ C:\Users\Papa\tmpiwikoa
2019-05-22 14:14 - 2019-05-22 14:14 - 000000000 _____ C:\Users\Papa\tmpauirch
2019-05-20 17:05 - 2019-05-20 17:05 - 000000000 _____ C:\Users\Papa\tmpzlet7u
2019-05-17 16:06 - 2019-05-17 16:06 - 000000000 _____ C:\Users\Papa\tmp8h7wke
2019-05-17 15:34 - 2019-05-17 15:34 - 000000000 _____ C:\Users\Papa\tmpd7nskh
2019-05-17 09:33 - 2019-05-17 09:33 - 000000000 _____ C:\Users\Papa\tmpliigby
2019-05-16 10:38 - 2019-05-16 10:38 - 000000000 _____ C:\Users\Papa\tmpvytojh
2019-05-14 08:13 - 2019-05-14 08:13 - 000000000 _____ C:\Users\Papa\tmpimrlxj
2019-05-13 13:15 - 2019-05-13 13:15 - 000000000 _____ C:\Users\Papa\tmp3vwnuw
2019-05-13 10:36 - 2019-05-13 10:36 - 000000000 _____ C:\Users\Papa\tmprzcqrl
2019-05-11 07:19 - 2019-05-11 07:19 - 000000000 _____ C:\Users\Papa\tmpzy3mbt
2019-05-10 23:32 - 2019-05-10 23:32 - 000000000 _____ C:\Users\Papa\tmpzy8hvh
2019-05-10 18:57 - 2019-05-10 18:57 - 000000000 _____ C:\Users\Papa\tmpx5vncb
2019-05-10 13:51 - 2019-05-10 19:10 - 000000000 ____D C:\Users\Papa\VirtualBox VMs
2019-05-10 12:40 - 2019-05-10 12:40 - 000000000 _____ C:\Users\Papa\tmprbelpu
2019-05-10 12:38 - 2019-05-16 23:59 - 000003156 _____ C:\Windows\System32\Tasks\{111D9327-920B-453F-B9C9-43B899795086}
2019-05-10 10:38 - 2019-05-10 10:38 - 000000000 _____ C:\Users\Papa\tmp1dw8w2
2019-05-09 18:19 - 2019-05-09 18:19 - 000000000 _____ C:\Users\Papa\tmpxbwiub
2019-05-09 12:35 - 2019-05-09 12:35 - 000000000 _____ C:\Users\Papa\tmpjevvlv
2019-05-07 16:06 - 2019-05-07 16:06 - 000387826 __RSH C:\WIPDN
2019-05-07 15:42 - 2019-05-07 15:42 - 000000000 _____ C:\Users\Papa\tmpuoppah
2019-05-07 14:20 - 2019-05-07 14:20 - 000000000 _____ C:\Users\Papa\tmp0psn6f
2019-05-02 12:29 - 2019-05-02 12:29 - 000000000 _____ C:\Users\Papa\tmpedbhfe
2019-04-30 12:05 - 2019-04-30 12:05 - 000000000 _____ C:\Users\Papa\tmpbqpnck
2019-04-29 18:37 - 2019-04-29 18:37 - 000000000 _____ C:\Users\Papa\tmpyzxbjr
2019-04-27 08:40 - 2019-04-27 08:40 - 000000000 _____ C:\Users\Papa\tmpafymai
2019-04-26 10:50 - 2019-04-26 10:50 - 000000000 _____ C:\Users\Papa\tmpc0ljbh
2019-04-25 10:01 - 2019-04-25 10:01 - 000000000 _____ C:\Users\Papa\tmpryqhrc
2019-04-24 22:13 - 2019-04-24 22:13 - 000000000 _____ C:\Users\Papa\tmpebflco
2019-04-24 08:31 - 2019-04-24 08:31 - 000000000 _____ C:\Users\Papa\tmpavzwpj
2019-04-23 10:27 - 2019-04-23 10:27 - 000000000 _____ C:\Users\Papa\tmprmpstg
2019-05-16 23:59 - 2018-08-09 11:35 - 000003496 _____ C:\Windows\System32\Tasks\BlueStacksHelper
Task: {68000B23-7D46-41F9-8443-FBA2EA6BB78B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
2019-05-22 23:12 - 2019-05-22 23:12 - 000000000 ____H () C:\Users\Papa\AppData\Local\BIT5AB0.tmp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:2738F84D [134]
AlternateDataStreams: C:\ProgramData\TEMP:40C12C39 [130]
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2 [118]
AlternateDataStreams: C:\ProgramData\TEMP:7CB86D39 [102]
AlternateDataStreams: C:\ProgramData\TEMP:8A5B0737 [124]
AlternateDataStreams: C:\ProgramData\TEMP:E8956AB5 [604]
AlternateDataStreams: C:\ProgramData\TEMP:EFB09287 [162]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Pas de fichier
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
FirewallRules: [TCP Query User{73744589-3355-4528-A583-21FD9305EFB3}E:\ultimaker cura 3.2\cura.exe] => (Allow) E:\ultimaker cura 3.2\cura.exe Pas de fichier
FirewallRules: [UDP Query User{05A1BFD2-CD99-4ABE-BBA2-CC132746F1BC}E:\ultimaker cura 3.2\cura.exe] => (Allow) E:\ultimaker cura 3.2\cura.exe Pas de fichier
FirewallRules: [{DA62E553-6328-4626-AAA3-6962C2C9F99F}] => (Block) %ProgramFiles%\CyberGhost 6\wyUpdate.exe Pas de fichier
FirewallRules: [{E91583EF-C8DE-49C7-838D-DC90036B76F9}] => (Block) %ProgramFiles%\CyberGhost 6\wyUpdate.exe Pas de fichier
FirewallRules: [TCP Query User{57F34CE7-10B1-4307-AB7B-FB7B618EAE50}J:\arduino-1.8.0\java\bin\javaw.exe] => (Allow) J:\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{64908006-B8D0-43A3-869F-1997972E8E7D}J:\arduino-1.8.0\java\bin\javaw.exe] => (Allow) J:\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
FirewallRules: [TCP Query User{25090AED-E872-442B-9AA2-2A06E9D19CAC}C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe] => (Allow) C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{3816FF81-03AA-41E7-8407-03391DDDDBA0}C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe] => (Allow) C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
BHO: Pas de nom -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> Pas de fichier
BHO-x32: Pas de nom -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {8664889D-ED18-4713-918F-E2BB69D8452B} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - {8664889D-ED18-4713-918F-E2BB69D8452B} - Pas de fichier
RemoveProxy:
Hosts:
cmd: netsh winsock reset
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset

EmptyTemp:
End::