start:: closeprocesses: createrestorepoint:...

Posté le 4 juin 2019
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-477712276-1049361145-1916053213-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\IdaXion\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-477712276-1049361145-1916053213-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\IdaXion\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-477712276-1049361145-1916053213-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\IdaXion\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64\FileSyncShell64.dll => Pas de fichier
AlternateDataStreams: C:\Users\IdaXion\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\IdaXion\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
FirewallRules: [{4CC96A22-4720-4879-95B8-24182649E171}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe Pas de fichier
FirewallRules: [{F7E16B9A-0575-4A9E-8A10-87B59B36F868}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe Pas de fichier
FirewallRules: [{3A752D37-1AFC-4EC1-BFEB-80AAD14D1E7C}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe Pas de fichier
FirewallRules: [{66B70376-0667-45D1-8B6C-5A0359A69C07}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Pas de fichier
FirewallRules: [{0855D15F-71DD-497D-BD34-CB96747A9B22}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Pas de fichier
FirewallRules: [{CF803645-7938-4712-AEAB-7E20BFB37522}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{5100AF63-7770-4F17-929B-EEC196AFD5C7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{597AF790-4444-461E-AC13-E29ECC3EEE76}] => (Allow) D:\Programmes (x86)\Steam.exe Pas de fichier
FirewallRules: [{00351615-F8E1-427B-86A1-9779B4A50AEE}] => (Allow) D:\Programmes (x86)\Steam.exe Pas de fichier
FirewallRules: [{8A0DDA88-41C7-44CE-B2C4-82D631327E46}] => (Allow) D:\Programmes (x86)\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{47AC5618-B5C1-4CF0-AFAC-032D64A94F60}] => (Allow) D:\Programmes (x86)\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{7DB49F3C-325D-42F8-B506-2F80B0A4E245}] => (Allow) D:\Programmes (x86)\steamapps\common\Counter-Strike Global Offensive\csgo.exe Pas de fichier
FirewallRules: [{A37F6165-5233-4574-8813-DE30D34CBE97}] => (Allow) D:\Programmes (x86)\steamapps\common\Counter-Strike Global Offensive\csgo.exe Pas de fichier
FirewallRules: [{FBC0E317-F8DC-418A-98F0-2473237D858E}] => (Allow) D:\Programmes (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{E7F56B75-F252-47D6-8FBE-4209272B4E34}] => (Allow) D:\Programmes (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [TCP Query User{2FDDE9B8-C24D-4F2D-BCA4-60108E7BE069}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe Pas de fichier
FirewallRules: [UDP Query User{CE0E0FD1-69F3-4234-87FA-02CB04B63C7A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe Pas de fichier
FirewallRules: [TCP Query User{6A481A38-6657-4F57-BAF2-1F0BBF81ADC1}D:\programmes (x86)\sonyvegas\vegas150.exe] => (Allow) D:\programmes (x86)\sonyvegas\vegas150.exe Pas de fichier
FirewallRules: [UDP Query User{68F05F17-F798-4D6E-A44F-1792307BAB89}D:\programmes (x86)\sonyvegas\vegas150.exe] => (Allow) D:\programmes (x86)\sonyvegas\vegas150.exe Pas de fichier
FirewallRules: [{215738C3-27E1-4540-851C-A3E5076EA11C}] => (Block) D:\programmes (x86)\sonyvegas\vegas150.exe Pas de fichier
FirewallRules: [{CEC0DAB0-9013-4ACB-8EEF-AD1BC671744E}] => (Block) D:\programmes (x86)\sonyvegas\vegas150.exe Pas de fichier
FirewallRules: [TCP Query User{703BF998-33AB-4A8C-AB2B-7FD4C0A9426A}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe Pas de fichier
FirewallRules: [UDP Query User{58890FF7-28A3-4AAF-9A8A-B0D91BBADD3D}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe Pas de fichier
FirewallRules: [{F1092A01-5BF7-4436-B0E9-69C8D2529DFA}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe Pas de fichier
FirewallRules: [{6B570440-52E8-43E0-851E-9E21B0E09158}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe Pas de fichier
FirewallRules: [TCP Query User{B3F22A39-DAB0-47A3-8AF5-19D906E5CF49}D:\programmes (x86)\origin games\apex\r5apex.exe] => (Allow) D:\programmes (x86)\origin games\apex\r5apex.exe Pas de fichier
FirewallRules: [UDP Query User{FBB277EC-C185-4A49-8B3A-0D27A109650A}D:\programmes (x86)\origin games\apex\r5apex.exe] => (Allow) D:\programmes (x86)\origin games\apex\r5apex.exe Pas de fichier
FirewallRules: [TCP Query User{C6FC0101-7541-4936-84D2-3BA275D10CE7}D:\programmes (x86)\java\bin\java.exe] => (Allow) D:\programmes (x86)\java\bin\java.exe Pas de fichier
FirewallRules: [UDP Query User{A763CDCB-9D51-4B48-868C-5AB915EB42BE}D:\programmes (x86)\java\bin\java.exe] => (Allow) D:\programmes (x86)\java\bin\java.exe Pas de fichier
FirewallRules: [TCP Query User{80AEEEAA-9323-4B4E-8EA9-BF89D0E3155C}C:\program files\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\java.exe Pas de fichier
FirewallRules: [UDP Query User{BAEEA360-9BB9-4D5E-8509-5941F48611EF}C:\program files\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\java.exe Pas de fichier
FirewallRules: [TCP Query User{841AD394-C69E-4CFC-AA63-E8728D42E56A}D:\programmes (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programmes (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe Pas de fichier
FirewallRules: [UDP Query User{1630D934-A49E-4E10-9290-166483ABE57E}D:\programmes (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programmes (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe Pas de fichier
FirewallRules: [TCP Query User{8DB0E4A9-BA31-40BB-AB6D-654F78C403D9}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe Pas de fichier
FirewallRules: [UDP Query User{E34DCC55-6FDC-42D2-9001-51571AC743A6}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-477712276-1049361145-1916053213-1001\...\MountPoints2: {e520f7a7-2219-11e9-ac20-806e6f6e6963} - "E:\autorun.exe"
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\Wondershare
ProxyServer: [S-1-5-21-477712276-1049361145-1916053213-1001] => http=127.0.0.1:8888;https=127.0.0.1:8888
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier
S4 0050131549226549mcinstcleanup; C:\ProgramData\McInstTemp0050131549226549\mcinst.exe [939944 2018-11-13] (McAfee, Inc. -> McAfee, Inc.)
C:\ProgramData\McInstTemp0050131549226549
S4 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S4 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]
2019-06-04 17:09 - 2019-01-27 04:22 - 000000000 ____D C:\Users\IdaXion\AppData\Roaming\IObit
2019-06-04 17:09 - 2019-01-27 04:22 - 000000000 ____D C:\ProgramData\IObit
virustotal: C:\windows\system32\SshdPinAuthLsa.dll
removeproxy:
emptytemp:
end::