Posted on 1 October 2020

Start::
CloseProcesses:
CreateRestorePoint:
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-02-28] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-02-28] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-02-28] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-976858337-835815652-199551154-1001\...\Run: [GUDelayStartup]
C:\Windows\System32\drivers\GUBootStartup.sys
C:\Users\Genjiru\Downloads\gu5setup(53).exe
FirewallRules: [{312A9984-4006-4DD9-81EE-EA90DE4995C5}] => (Allow) c:\program files (x86)\glary utilities 5\autoupdate.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{F0CA60E2-776F-4DBC-9A59-67ABB1ADA740}] => (Allow) c:\program files (x86)\glary utilities 5\autoupdate.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{6EA25405-034C-451F-B6A3-99EA9E8B7C41}] => (Allow) c:\program files (x86)\glary utilities 5\upgrade.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{833D0B11-1BE2-4CCF-ADA1-6C360057B5D4}] => (Allow) c:\program files (x86)\glary utilities 5\upgrade.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{26A67786-73D4-42D2-AC64-E2700161F4C0}] => (Allow) c:\program files (x86)\glary utilities 5\integrator.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{139F688F-7A75-4A5F-9A40-271A4F703083}] => (Allow) c:\program files (x86)\glary utilities 5\integrator.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{A05D2A41-609F-4902-A1BA-623ADAB27447}] => (Allow) c:\program files (x86)\glary utilities 5\softwareupdate.exe (Glarysoft LTD -> Glarysoft Ltd)
FirewallRules: [{CD100C2F-274C-47A0-BEC6-25C6200725E9}] => (Allow) c:\program files (x86)\glary utilities 5\softwareupdate.exe (Glarysoft LTD -> Glarysoft Ltd)
c:\program files (x86)\glary utilities 5
FirewallRules: [{BFECBB99-FF7E-4CE1-A396-3BDDE8B53A7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GlassWire\GWLauncher.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{4CDFCDB4-3DA0-4E56-8A5C-006D78D3D341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GlassWire\GWLauncher.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{92958378-B137-41DC-B6BC-C37DDC80DC0B}] => (Allow) c:\program files (x86)\steam\steamapps\common\glasswire\app\gwctlsrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{ECCDAF23-1B71-43D3-9F22-EBF5A3E1DB22}] => (Allow) c:\program files (x86)\steam\steamapps\common\glasswire\app\gwctlsrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{B723FDC4-23A0-4486-99AA-82AFF16CA488}] => (Allow) c:\program files (x86)\steam\steamapps\common\glasswire\app\glasswire.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{71198180-AD26-4938-9D81-9D0068F93F80}] => (Allow) c:\program files (x86)\steam\steamapps\common\glasswire\app\glasswire.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{179A6202-9E59-4490-9596-ADFA8252B8D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GlassWire\app\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{BD5D9C97-AA4E-4DE4-9D20-B3A5030872E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GlassWire\app\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-976858337-835815652-199551154-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-09-18] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-976858337-835815652-199551154-1001\...\Run: [GlassWire]
C:\Program Files (x86)\Steam
FF Notifications: Mozilla\Firefox\Profiles\h92wwip7.default-release -> hxxps://web.whatsapp.com
C:\Users\Genjiru\AppData\Roaming\WhatsApp
C:\Users\Genjiru\AppData\Local\WhatsApp
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
StartRegEdit:
Windows Registry Editor Version 5.00
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\*.update]
"http"=dword:00000002
"https"=dword:00000002
EndRegEdit:
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
cmd: netsh winsock reset
Emptytemp:
End::
