Start::
Closeprocesses:
Createrestorepoint:
HKU\S-1-5-21-1375900704-2189307533-964791039-1001\...\MountPoints2: {c08bf4b5-bdee-11e5-8262-40e230f2920a} - "F:\AutoRun.exe"
HKU\S-1-5-21-1375900704-2189307533-964791039-1004\...\MountPoints2: {026d6db6-9de7-11ec-8fd3-12e230f2920b} - "D:\LaunchU3.exe"
HKU\S-1-5-21-1375900704-2189307533-964791039-1004\...\MountPoints2: {c08bf4b5-bdee-11e5-8262-40e230f2920a} - "D:\AutoRun.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2015-11-09 16:15 - 2022-01-25 10:52 - 000000165 _____ () C:\Users\Marc\AppData\Roaming\sp_data.sys
StartRegEdit:
Windows Registry Editor Version 5.00
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\*.update]
"http"=dword:00000002
"https"=dword:00000002
EndRegEdit:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
cmd: netsh winsock reset
Emptytemp:
End::