Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2018-01-23] (Raptr, Inc -> Raptr, Inc)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
ShortcutTarget: key.lnk -> C:\Program Files\key.exe (Fred's Software Company) [Fichier non signé]
Task: {2225ECFD-3375-45EC-B171-BAE8AB6D1CEB} - System32\Tasks\{EE4B98C6-CFF7-4966-8352-319081EC991C} => C:\Windows\system32\pcalua.exe -a C:\Users\Papa\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {29C5CEA5-E9EC-46EF-868A-21D0FA4E787D} - System32\Tasks\{2B176897-6311-4086-A776-7FED781BC579} => C:\Windows\system32\pcalua.exe -a C:\Users\Papa\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {ABB0B502-254C-4395-9691-070C08CE70E3} - System32\Tasks\{1D026925-936A-403D-A021-BCCCF2B1E5FD} => C:\Windows\system32\pcalua.exe -a C:\Temp\Epson1250\Setup.exe -d C:\Temp\Epson1250 <==== ATTENTION
Task: {ED8583FA-511D-4206-87FA-530BC3E80C83} - \SidebarExecute -> Pas de fichier <==== ATTENTION
2019-05-22 23:12 - 2019-05-22 23:12 - 000000000 ____H C:\Users\Papa\AppData\Local\BIT5AB0.tmp
2019-05-22 23:11 - 2019-05-22 23:11 - 000000000 _____ C:\Users\Papa\AppData\Local\{647276C7-2EAF-433D-9A2C-8DA8483BC534}
2019-05-22 23:09 - 2019-05-22 23:09 - 000000000 ____H C:\ProgramData\cm-lock
2019-05-22 23:09 - 2019-05-22 23:09 - 000000000 _____ C:\Users\Papa\tmpvzei2o
2019-05-22 20:16 - 2019-05-22 20:16 - 000000000 _____ C:\Users\Papa\tmp6b5hqq
2019-05-22 19:57 - 2019-05-22 19:57 - 000000000 _____ C:\Users\Papa\tmpmhjzrq
2019-05-22 19:54 - 2019-05-22 19:54 - 000000000 _____ C:\Users\Papa\tmp3cw4pi
2019-05-22 19:41 - 2019-05-22 19:43 - 000000000 ____D C:\ProgramData\RogueKiller
2019-05-22 16:47 - 2019-05-22 16:47 - 000000000 _____ C:\Users\Papa\tmpdcgylu
2019-05-22 15:17 - 2019-05-22 15:17 - 000000000 _____ C:\Users\Papa\tmpywlh4m
2019-05-22 14:32 - 2019-05-22 14:32 - 000000000 _____ C:\Users\Papa\tmpiwikoa
2019-05-22 14:14 - 2019-05-22 14:14 - 000000000 _____ C:\Users\Papa\tmpauirch
2019-05-20 17:05 - 2019-05-20 17:05 - 000000000 _____ C:\Users\Papa\tmpzlet7u
2019-05-17 16:06 - 2019-05-17 16:06 - 000000000 _____ C:\Users\Papa\tmp8h7wke
2019-05-17 15:34 - 2019-05-17 15:34 - 000000000 _____ C:\Users\Papa\tmpd7nskh
2019-05-17 09:33 - 2019-05-17 09:33 - 000000000 _____ C:\Users\Papa\tmpliigby
2019-05-16 10:38 - 2019-05-16 10:38 - 000000000 _____ C:\Users\Papa\tmpvytojh
2019-05-14 08:13 - 2019-05-14 08:13 - 000000000 _____ C:\Users\Papa\tmpimrlxj
2019-05-13 13:15 - 2019-05-13 13:15 - 000000000 _____ C:\Users\Papa\tmp3vwnuw
2019-05-13 10:36 - 2019-05-13 10:36 - 000000000 _____ C:\Users\Papa\tmprzcqrl
2019-05-11 07:19 - 2019-05-11 07:19 - 000000000 _____ C:\Users\Papa\tmpzy3mbt
2019-05-10 23:32 - 2019-05-10 23:32 - 000000000 _____ C:\Users\Papa\tmpzy8hvh
2019-05-10 18:57 - 2019-05-10 18:57 - 000000000 _____ C:\Users\Papa\tmpx5vncb
2019-05-10 13:51 - 2019-05-10 19:10 - 000000000 ____D C:\Users\Papa\VirtualBox VMs
2019-05-10 12:40 - 2019-05-10 12:40 - 000000000 _____ C:\Users\Papa\tmprbelpu
2019-05-10 12:38 - 2019-05-16 23:59 - 000003156 _____ C:\Windows\System32\Tasks\{111D9327-920B-453F-B9C9-43B899795086}
2019-05-10 10:38 - 2019-05-10 10:38 - 000000000 _____ C:\Users\Papa\tmp1dw8w2
2019-05-09 18:19 - 2019-05-09 18:19 - 000000000 _____ C:\Users\Papa\tmpxbwiub
2019-05-09 12:35 - 2019-05-09 12:35 - 000000000 _____ C:\Users\Papa\tmpjevvlv
2019-05-07 16:06 - 2019-05-07 16:06 - 000387826 __RSH C:\WIPDN
2019-05-07 15:42 - 2019-05-07 15:42 - 000000000 _____ C:\Users\Papa\tmpuoppah
2019-05-07 14:20 - 2019-05-07 14:20 - 000000000 _____ C:\Users\Papa\tmp0psn6f
2019-05-02 12:29 - 2019-05-02 12:29 - 000000000 _____ C:\Users\Papa\tmpedbhfe
2019-04-30 12:05 - 2019-04-30 12:05 - 000000000 _____ C:\Users\Papa\tmpbqpnck
2019-04-29 18:37 - 2019-04-29 18:37 - 000000000 _____ C:\Users\Papa\tmpyzxbjr
2019-04-27 08:40 - 2019-04-27 08:40 - 000000000 _____ C:\Users\Papa\tmpafymai
2019-04-26 10:50 - 2019-04-26 10:50 - 000000000 _____ C:\Users\Papa\tmpc0ljbh
2019-04-25 10:01 - 2019-04-25 10:01 - 000000000 _____ C:\Users\Papa\tmpryqhrc
2019-04-24 22:13 - 2019-04-24 22:13 - 000000000 _____ C:\Users\Papa\tmpebflco
2019-04-24 08:31 - 2019-04-24 08:31 - 000000000 _____ C:\Users\Papa\tmpavzwpj
2019-04-23 10:27 - 2019-04-23 10:27 - 000000000 _____ C:\Users\Papa\tmprmpstg
2019-05-16 23:59 - 2018-08-09 11:35 - 000003496 _____ C:\Windows\System32\Tasks\BlueStacksHelper
Task: {68000B23-7D46-41F9-8443-FBA2EA6BB78B} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
2019-05-22 23:12 - 2019-05-22 23:12 - 000000000 ____H () C:\Users\Papa\AppData\Local\BIT5AB0.tmp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:2738F84D [134]
AlternateDataStreams: C:\ProgramData\TEMP:40C12C39 [130]
AlternateDataStreams: C:\ProgramData\TEMP:69E87FA2 [118]
AlternateDataStreams: C:\ProgramData\TEMP:7CB86D39 [102]
AlternateDataStreams: C:\ProgramData\TEMP:8A5B0737 [124]
AlternateDataStreams: C:\ProgramData\TEMP:E8956AB5 [604]
AlternateDataStreams: C:\ProgramData\TEMP:EFB09287 [162]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Pas de fichier
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> Pas de fichier
FirewallRules: [TCP Query User{73744589-3355-4528-A583-21FD9305EFB3}E:\ultimaker cura 3.2\cura.exe] => (Allow) E:\ultimaker cura 3.2\cura.exe Pas de fichier
FirewallRules: [UDP Query User{05A1BFD2-CD99-4ABE-BBA2-CC132746F1BC}E:\ultimaker cura 3.2\cura.exe] => (Allow) E:\ultimaker cura 3.2\cura.exe Pas de fichier
FirewallRules: [{DA62E553-6328-4626-AAA3-6962C2C9F99F}] => (Block) %ProgramFiles%\CyberGhost 6\wyUpdate.exe Pas de fichier
FirewallRules: [{E91583EF-C8DE-49C7-838D-DC90036B76F9}] => (Block) %ProgramFiles%\CyberGhost 6\wyUpdate.exe Pas de fichier
FirewallRules: [TCP Query User{57F34CE7-10B1-4307-AB7B-FB7B618EAE50}J:\arduino-1.8.0\java\bin\javaw.exe] => (Allow) J:\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{64908006-B8D0-43A3-869F-1997972E8E7D}J:\arduino-1.8.0\java\bin\javaw.exe] => (Allow) J:\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
FirewallRules: [TCP Query User{25090AED-E872-442B-9AA2-2A06E9D19CAC}C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe] => (Allow) C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{3816FF81-03AA-41E7-8407-03391DDDDBA0}C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe] => (Allow) C:2\er 3d\arduino-1.8.0\java\bin\javaw.exe Pas de fichier
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
BHO: Pas de nom -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> Pas de fichier
BHO-x32: Pas de nom -> {8664889D-ED18-4713-918F-E2BB69D8452B} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {8664889D-ED18-4713-918F-E2BB69D8452B} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - {8664889D-ED18-4713-918F-E2BB69D8452B} - Pas de fichier
RemoveProxy:
Hosts:
cmd: netsh winsock reset
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
End::