start::
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
IFEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
GroupPolicy: Restriction ?
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Pas de fichier
CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1492594467&z=23cf2edbed53f05665baf36g4z6tco4w4tbzaz3m6m&from=che0812&uid=TOSHIBAXDT01ACA100_852S7VHNSXX852S7VHNSX&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ourluckysites
R2 Ds3Service; C:\Users\yodal\AppData\Local\Temp\Rar$EXa0.434\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Fichier non signé]
S3 panda_url_filteringd; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X]
S3 XPADFL02; \SystemRoot\system32\DRIVERS\xpadfl02.sys [X]
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|CanonSolutionMenu
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|Uninstall C:\Users\yodal\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64
DeleteValue: HKU\S-1-5-21-942526991-4030069821-1807050003-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce|Uninstall C:\Users\yodal\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64
C:\Users\yodal\AppData\Roaming\Mozilla\Firefox\Profiles\47qxwaqt.default\pandasecuritytb
C:\ProgramData\panda_url_filtering
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{77410316-1B1E-4BBC-8559-CF5223FA9771}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{12140AD2-CF8A-4B06-83D7-3B265D2E919D}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{451AF485-A90A-498F-BB58-47AA26451CB8}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F9344699-50A1-4314-BCB3-77DF60A200CC}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C2C63887-A14A-4BC8-900C-1BFE17E18067}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E1BEAC05-FE6A-4FB7-8304-271FD6121F8B}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E8BB9390-B997-4608-87BE-B740986C221B}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{92F6D16A-DC50-49DB-9C19-38E374964C5E}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1224226B-DAF6-4AD4-80F3-EF8AE69EFE83}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BB963830-8E94-4561-8D72-9D899A174393}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{A006F4A9-60E1-4606-8D1C-A0A8F08C8FF0}D:\program files (x86)\diablo iii\x64\diablo iii64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A8B1913B-B8A0-42D1-AF63-8CC0C999AB38}D:\program files (x86)\diablo iii\x64\diablo iii64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5483115D-96EA-40D4-851F-4C26A29D220D}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B3E1642D-8770-4C45-A320-8C7BFCCCDDC0}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{FAF34572-E098-471C-AD88-2EC5A4F4111F}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{25EDDBB7-E788-4C7B-8F73-C15CD99F6BD1}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{887F87F5-889E-4C4B-A377-A644718C5283}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6E6D50F4-4411-4F5F-87DC-79057C103A39}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{65659745-BE7A-4F3B-959A-056C644FAFB5}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B90A4D5A-4B12-4C7C-81A2-68BC638B0AED}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{FCEB9FF8-1FED-4D08-828C-E5480BF1128E}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{C861172E-D0A0-40C9-A822-194F9D567C89}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6B486464-85FB-4AE5-84D9-6442482238FE}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{65CE3C44-A139-4374-BAE3-8023E64524EC}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{76B1EF8B-858B-4AF1-8192-0090A0FA9D08}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{C976527D-003F-458F-8394-B07BA4D6800F}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{DF7A90A4-46D6-4C65-8C12-F2E78C78CC2D}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{BFB64395-305F-4F1F-A803-F9F237D8F5F5}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{38521D4C-700E-4E06-B602-52AD5B37CE1D}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{4163A2B9-232D-4A1C-82F2-17F22FD551DD}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5CDD2136-812E-4F05-A8A0-80DB6AF2B037}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3F4A886C-9681-4CA5-BA71-65CEFFF5DDD1}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{8C161553-9E12-4939-8575-D6B99298C8B7}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{68391EE6-8ECE-4D32-8C50-450CBB627887}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B29EC2E9-94EA-4E7D-BFB7-90F4C6583A54}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D1578A1D-EBFE-4209-AB9D-E5079DCD7EBC}D:\program files (x86)\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F613D9D8-38F2-4327-A25E-BFDBE2E19CD0}D:\binaries\ut3.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{85024E60-9C45-4FD8-8B41-19D382A5BEBF}D:\binaries\ut3.exe
2018-09-15 21:25 - 2018-12-16 17:39 - 062928040 ____C (Skype Technologies S.A.) C:\Users\yodal\AppData\Local\Temp\SkypeSetup.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\yodal\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé.
Task: {4615016B-8B76-40DF-B7D4-6D3D0C13FE32} - pas de chemin du fichier
Task: {46B3B9A7-840A-4039-9A61-554780D04769} - pas de chemin du fichier
Task: {6BAE5F06-A7EE-47D8-8D4B-D45A51522F99} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-03] (ASUSTek Computer Inc.)
Task: {A073F325-C886-4CAF-AFD8-BB15E2686DA4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier
AlternateDataStreams: C:\Users\Public\AppData:CSM [462]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
FirewallRules: [{6267D15E-26D8-4616-97BB-28704297DA19}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe Pas de fichier
FirewallRules: [{B11441D7-27BC-4CCF-AC46-F9678A9539CF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe Pas de fichier
FirewallRules: [{8448980E-F0D7-4B07-BB0A-C1535C158F73}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe Pas de fichier
FirewallRules: [{65072431-74DB-4DF7-8640-4C9A5AA4C8FB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe Pas de fichier
FirewallRules: [{F656C599-2259-494D-A582-90ADB67D2F84}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe Pas de fichier
FirewallRules: [{2DA5A393-714B-46E6-BFEC-CD48B879CE46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe Pas de fichier
FirewallRules: [{12EDEFCE-FC5A-4147-BBAB-8F89273D0B41}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe Pas de fichier
FirewallRules: [{B5D4F43F-25C0-4F8F-BF6F-67B06DC85BD4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe Pas de fichier
FirewallRules: [{813CAD2A-1024-4CB8-8226-7981160422E3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe Pas de fichier
FirewallRules: [{D1328D27-5CAE-4FF6-9A32-F2461F06EAD3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe Pas de fichier
FirewallRules: [{FC842A4A-6771-454D-BE82-B988AE7D877B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe Pas de fichier
FirewallRules: [{EA5BBDDA-7F64-4D42-A535-A701EA2C857A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe Pas de fichier
EmptyTemp:
end::