cjoint

Document format: text/plain

Preview

start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-21128804-2355724476-3099136345-1001\...\Run: [Chromium] => "c:\users\calvi\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-21128804-2355724476-3099136345-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
GroupPolicy-x32: Restriction ?
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Chromium
DeleteValue: HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Synapse3
DeleteValue: HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Synapse3
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\\Software\Microsoft\Windows\CurrentVersion\Run|Chromium]
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C448A766-1D67-4A6D-BF0B-4547B0860652}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1CE55006-F8EF-4279-902C-22C89CE90D56}D:\riot games\league of legends\game\game\league of legends.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{488D80EB-19C7-48AC-9121-545A113B34CB}D:\riot games\league of legends\game\game\league of legends.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{264D4F4A-CB1F-481F-9401-5BA75660E432}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{36AD1FC1-BAB5-4794-AB3C-22DD1EC0CC7E}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F3EF0FEF-0781-47BB-AD49-DD94CA6539E6}D:\bnet\hearthstone\hearthstone.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{51F7519A-1A57-414B-9799-3BA5CCC81721}D:\bnet\hearthstone\hearthstone.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{14C22BF1-CA3C-4741-9018-B210CCA76BDD}D:\bnet\starcraft ii\versions\base77379\sc2_x64.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{309AAE4F-15A7-4E32-86D1-F386BE93CC4B}D:\bnet\starcraft ii\versions\base77379\sc2_x64.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{861DD4A7-F395-4E95-9DA7-7246980AD27B}D:\subnautica\subnautica\subnautica.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FE9A0F7D-579E-4BEE-83CC-FB9F010CEBA3}D:\subnautica\subnautica\subnautica.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0B142A1B-AC57-48D3-AC94-80778C128038}D:\gtav\borderlands2\binaries\win32\borderlands2.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D3B6E92F-60D1-4404-BF81-149F65BCDFFA}D:\gtav\borderlands2\binaries\win32\borderlands2.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BC74DB04-DC5B-45D2-A2E4-F7DEFB8279CA}D:\gtav\gtav\gta5.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A732B905-1DB8-40E6-BAF6-34671522487B}D:\gtav\gtav\gta5.exe"
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BtSendToMenuEx
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\005
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\006
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\007
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\008
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\009
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\010
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\011
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\012
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\013
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\014
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\015
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\016
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\017
C:\Users\calvi\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\ModOrganizer\nxmhandler.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Bordel pour le pc\AdobePhotoshopCS6Portable\PhotoshopCS6Portable - Copie - Copie.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Bordel pour le pc\AdobePhotoshopCS6Portable\PhotoshopCS6Portable - Copie - Copie.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Lolskin\8qJbzJ.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Lolskin\Inn2c.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Rockstar-Games-Launcher.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Rockstar-Games-Launcher.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\ModOrganizer\nxmhandler.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Java\jre1.8.0_241\bin\javaw.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Bordel pour le pc\AdobePhotoshopCS6Portable\PhotoshopCS6Portable - Copie - Copie.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Bordel pour le pc\AdobePhotoshopCS6Portable\PhotoshopCS6Portable - Copie - Copie.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Lolskin\8qJbzJ.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Lolskin\Inn2c.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Rockstar-Games-Launcher.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\calvi\Desktop\Rockstar-Games-Launcher.exe.ApplicationCompany
DeleteKey: HKLM\SOFTWARE\1de14785-dd8c-5cd2-aae8-d4a376f81d78
DeleteKey: HKLM\SOFTWARE\57979c68-f490-55b8-8fed-8b017a5af2fe
DeleteKey: HKCU\SOFTWARE\410fcd79-1be8-5bf1-986e-ea09c55f7edf
DeleteKey: HKU\S-1-5-21-21128804-2355724476-3099136345-1001\SOFTWARE\410fcd79-1be8-5bf1-986e-ea09c55f7edf
C:\Program Files (x86)\SCREENSHOT
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CustomCLSID: HKU\S-1-5-21-21128804-2355724476-3099136345-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\calvi\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-21128804-2355724476-3099136345-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\calvi\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-21128804-2355724476-3099136345-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\calvi\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => -> No File
AlternateDataStreams: C:\Users\calvi\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
EmptyTemp:
end::
