CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3110098909-1101332020-947144772-1001\...\Run: [] => [X]
HKU\S-1-5-21-3110098909-1101332020-947144772-1001\...\Run: [cacaoweb] => C:\Users\yo\AppData\Roaming\cacaoweb\cacaoweb.exe [567192 2021-02-14] (CACAOWEB Ltd -> )
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {8D5208E1-103F-4D9A-81D7-8D245822207D} - \weDownload Manager-codedownloader -> Pas de fichier <==== ATTENTION
Task: {9832C37F-5BEC-4E14-A253-E86D1A713927} - System32\Tasks\weDownload Manager-chromeinstaller => C:\Program Files (x86)\weDownload Manager\weDownload Manager-chromeinstaller.exe -> /installcrx /agentregpath='weDownload Manager' /extensionfilepath='C:\Program Files (x86)\weDownload Manager\34344.crx' /appid=34344 /srcid='000138' /subid='0' /zdata='0' /bic=35AFE567C9E149DBAE44027F8E62F603IE /verifier=a5576b0a6b6f403aa7b01d9c881dd486 /installerversion=1_28_153 /installerfullversion=1.28.153.1 /installationtime=1380441536 /statsdomain=http://stats.ourstatssrv.com /errorsdomain=http://errors.ourstatssrv.com /waitforbrowser=300 /extensionid=oifomnalkciipmgkfgdjkepdocgiipjg /extensionversion=1.24.94 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDsmxxcZ3TSfQyL/HTvv7DYZRUmstBOz82F8oPoGxRpuEwEY2vlW2l++ot4kGq/5cIIatdYK49YhGesm7K2fvTK3MmOMt62s2L0rfvY/IyHzdpe/d6w2PnBpYF09HheI1of3HuFFLbgH1dJNm4HU7LMJwhahzvVx/2rf/k577PaiQIDAQAB /allusers /allprofiles /externallog='' <==== ATTENTION
Task: {9AD45B74-FE11-4524-A79D-78C2CCDCF650} - System32\Tasks\weDownload Manager-updater => C:\Program Files (x86)\weDownload Manager\weDownload Manager-updater.exe <==== ATTENTION
Task: {C9049E5C-4661-4DB7-92CA-B04AF47FA36D} - System32\Tasks\weDownload Manager-enabler => C:\Program Files (x86)\weDownload Manager\weDownload Manager-enabler.exe <==== ATTENTION
Task: {F30A9DEF-9FB5-411D-B345-FAB98716B9C2} - \CCleanerSkipUAC -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\weDownload Manager-chromeinstaller.job => C:\Program Files (x86)\weDownload Manager\weDownload Manager-chromeinstaller.exe/installcrx /agentregpath='weDownload Manager' /extensionfilepath C:\Program Files (x86)\weDownload Manager\34344.crx' /appid=34344 /srcid='000138' /subid='0' /zdata='0' /bic=35AFE567C9E149DBAE44027F8E62F603IE /verifier=a5576b0a6b6f403aa7b01d9c881dd486 /installerversion=1_28_153 /installerfullversion=1.28.153.1 /installationtime=1380441536 /statsdomain=hxxp:/stats.ourstatssrv.com /errorsdomain=hxxp:/errors.ourstatssrv.com
Task: C:\WINDOWS\Tasks\weDownload Manager-codedownloader.job => C:\Program Files (x86)\weDownload Manager\weDownload Manager-codedownloader.exeƵ/reinstallapp /agentregpath='weDownload Manager' /appid=34344 /srcid='000138' /subid='0' /zdata='0' /bic=35AFE567C9E149DBAE44027F8E62F603IE /verifier=a5576b0a6b6f403aa7b01d9c881dd486 /installerversion=1_28_153 /installerfullversion=1.28.153.1 /installationtime=1380441536 /statsdomain=hxxp:/stats.ourstatssrv.com /errorsdomain=hxxp:/errors.ourstatssrv.com /codedownloaddomain=hxxp:/app-static.crossrider.com
Task: C:\WINDOWS\Tasks\weDownload Manager-enabler.job => C:\Program Files (x86)\weDownload Manager\weDownload Manager-enabler.exeƊ/enablebho /agentregpath='weDownload Manager' /appid=34344 /srcid='000138' /subid='0' /zdata='0' /bic=35AFE567C9E149DBAE44027F8E62F603IE /verifier=a5576b0a6b6f403aa7b01d9c881dd486 /installerversion=1_28_153 /installationtime=1380441536 /statsdomain=hxxp:/stats.ourstatssrv.com /errorsdomain=hxxp:/errors.ourstatssrv.com
Task: C:\WINDOWS\Tasks\weDownload Manager-updater.job => C:\Program Files (x86)\weDownload Manager\weDownload Manager-updater.exeǬ/runupdater /agentregpath='weDownload Manager' /appid=34344 /srcid='000138' /subid='0' /zdata='0' /bic=35AFE567C9E149DBAE44027F8E62F603IE /verifier=a5576b0a6b6f403aa7b01d9c881dd486 /installerversion=1_28_153 /installationtime=1380441536 /statsdomain=hxxp:/stats.ourstatssrv.com /errorsdomain=hxxp:/errors.ourstatssrv.com /monetizationdomain=hxxp:/stats.syncstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.ourstatssrv.com
FF Notifications: Mozilla\Firefox\Profiles\vjc8ebqy.default -> hxxps://tinder.com
FF Extension: (cacaoweb) - C:\Users\yo\AppData\Roaming\Mozilla\Firefox\Profiles\vjc8ebqy.default\Extensions\cacaoweb@cacaoweb.org [2021-08-30] [] [non signé]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3110098909-1101332020-947144772-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Pas de fichier]
C:\Program Files (x86)\Ubisoft
CHR Notifications: Default -> hxxp://www.ouestfrance-emploi.com; hxxps://badoo.com; hxxps://www.hexabim.com; hxxps://www.ptitchef.com
CHR HKU\S-1-5-21-3110098909-1101332020-947144772-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
S2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [X]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]
S2 PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [X]
2021-09-02 10:26 - 2021-02-14 17:11 - 000567192 _____ C:\Users\yo\Desktop\cacaoweb.exe
AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
SearchScopes: HKU\S-1-5-21-3110098909-1101332020-947144772-1001 -> {02218B9E-A6B3-41CB-B040-106E268D99D0} URL = 
BHO: weDownload Manager -> {11111111-1111-1111-1111-110311431144} -> C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho64.dll => Pas de fichier
HKU\S-1-5-21-3110098909-1101332020-947144772-1001\...\StartupApproved\Run: => "Badoo Desktop"
FirewallRules: [UDP Query User{316EF77E-C114-4D70-9704-76B435E3F1C7}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{BD3C9327-C41A-452A-8C07-FA94B1F37612}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{3F5E586D-C2B6-4248-9D6C-DDE32D655B22}C:\program files\pactify launcher\pactify.exe] => (Allow) C:\program files\pactify launcher\pactify.exe => Pas de fichier
FirewallRules: [TCP Query User{85B76086-F893-4EF7-8031-124C7DD73672}C:\program files\pactify launcher\pactify.exe] => (Allow) C:\program files\pactify launcher\pactify.exe => Pas de fichier
FirewallRules: [{4518926B-F9B7-466D-B607-A31D98E3DAF5}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => Pas de fichier
FirewallRules: [UDP Query User{27A38105-ABDD-403D-ABA5-19B12F83010F}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe => Pas de fichier
FirewallRules: [TCP Query User{E92F0171-083A-4DD2-B639-6ABE04ACA87C}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe => Pas de fichier
FirewallRules: [UDP Query User{FEE144C0-E94E-40E7-B15F-CE389F176A13}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe => Pas de fichier
FirewallRules: [TCP Query User{ACC4E70C-43B0-47E9-AD6D-EA258C45D937}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe => Pas de fichier
FirewallRules: [UDP Query User{65CAC5D4-509D-4B6F-AA67-2294C6EF38AA}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => Pas de fichier
FirewallRules: [TCP Query User{F78077F6-8864-4565-B013-D7B2D120EFEE}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => Pas de fichier
FirewallRules: [UDP Query User{3F5B826E-286B-4557-9F4C-15EAF7AA99CA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => Pas de fichier
FirewallRules: [TCP Query User{5CB49AA8-9EAA-4683-964B-57018AADD330}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => Pas de fichier
FirewallRules: [UDP Query User{67C87025-FF55-4DE1-B459-7306FD89BFEC}C:\users\yo\appdata\local\warthunder\win64\aces.exe] => (Block) C:\users\yo\appdata\local\warthunder\win64\aces.exe => Pas de fichier
FirewallRules: [TCP Query User{7149EBBC-F4CE-4A25-B957-C60193B86E53}C:\users\yo\appdata\local\warthunder\win64\aces.exe] => (Block) C:\users\yo\appdata\local\warthunder\win64\aces.exe => Pas de fichier
FirewallRules: [UDP Query User{722FF434-A683-419F-B26D-6DEFE905A4C7}C:\users\yo\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\yo\appdata\local\warthunder\launcher.exe => Pas de fichier
FirewallRules: [TCP Query User{76ECA01E-2EE6-4D8E-B167-3FDDF875B916}C:\users\yo\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\yo\appdata\local\warthunder\launcher.exe => Pas de fichier
FirewallRules: [UDP Query User{7F5EC536-CC11-4DBA-9F18-B43764323641}C:\program files (x86)\kylotonn entertainment\bet on soldier trilogie\bos_sahara\bos.exe] => (Block) C:\program files (x86)\kylotonn entertainment\bet on soldier trilogie\bos_sahara\bos.exe => Pas de fichier
FirewallRules: [TCP Query User{872908A8-5335-4324-8A57-0162F4BFF677}C:\program files (x86)\kylotonn entertainment\bet on soldier trilogie\bos_sahara\bos.exe] => (Block) C:\program files (x86)\kylotonn entertainment\bet on soldier trilogie\bos_sahara\bos.exe => Pas de fichier
FirewallRules: [UDP Query User{C6B29875-B750-4653-A4E5-F8BEC101EF7A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Pas de fichier
FirewallRules: [TCP Query User{ECEA0B09-8127-4790-A3C6-978A7DB505E5}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Pas de fichier
FirewallRules: [UDP Query User{2B79284B-5906-4569-A9C2-F16B12666385}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Pas de fichier
FirewallRules: [TCP Query User{AF7F029A-11A9-48D4-A5CF-00E616A4C43E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Pas de fichier
FirewallRules: [UDP Query User{9007AA2B-3520-40BD-B9A1-8328F29FB88D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Pas de fichier
FirewallRules: [TCP Query User{99C9BA73-48BC-46AC-9449-35D5B86E5111}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Pas de fichier
FirewallRules: [UDP Query User{4E5E2117-B75A-4FF8-B333-AD8BBD1C6DDF}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe => Pas de fichier
FirewallRules: [TCP Query User{9719A44C-8DE5-488D-973F-C554EEB8AC3D}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe => Pas de fichier
FirewallRules: [UDP Query User{944F4562-AAB5-489F-B829-664CDC9DBE64}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe => Pas de fichier
FirewallRules: [TCP Query User{97014667-3EF3-40D5-B81F-AE9079CB9605}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe => Pas de fichier
FirewallRules: [UDP Query User{0CA2241E-802C-4C34-9C82-BE3E9E2F133D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe => Pas de fichier
FirewallRules: [TCP Query User{4A4EF286-9988-4728-9608-6164DE1800C3}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe => Pas de fichier
FirewallRules: [UDP Query User{80E723ED-5F1A-4665-BE13-F297481D651F}C:\users\yo\desktop\[pc] battlefield vietnam [green1991]\battlefield vietnam\bfvietnam.exe] => (Allow) C:\users\yo\desktop\[pc] battlefield vietnam [green1991]\battlefield vietnam\bfvietnam.exe => Pas de fichier
FirewallRules: [TCP Query User{A3F79CA1-46A2-4FD5-AE13-3539503DA8FE}C:\users\yo\desktop\[pc] battlefield vietnam [green1991]\battlefield vietnam\bfvietnam.exe] => (Allow) C:\users\yo\desktop\[pc] battlefield vietnam [green1991]\battlefield vietnam\bfvietnam.exe => Pas de fichier
FirewallRules: [UDP Query User{0A2DC9ED-F24D-4B48-8650-E951C9FE4FA2}C:\program files (x86)\ea games\mohda\mohaa.exe] => (Allow) C:\program files (x86)\ea games\mohda\mohaa.exe => Pas de fichier
FirewallRules: [TCP Query User{452B1E44-DEAF-4A08-84E6-30D0FAFDCE8F}C:\program files (x86)\ea games\mohda\mohaa.exe] => (Allow) C:\program files (x86)\ea games\mohda\mohaa.exe => Pas de fichier
FirewallRules: [UDP Query User{9B59A3F6-B162-4CDD-9D73-73B9A41BA884}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe => Pas de fichier
FirewallRules: [TCP Query User{70F4D0A8-3F2A-4E6B-91C9-E4B8FEE8C887}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe => Pas de fichier
FirewallRules: [UDP Query User{5AE3B603-B9D7-4D50-B8AC-C656353FA34F}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe => Pas de fichier
FirewallRules: [TCP Query User{AF32E3C3-53BD-4C66-86A4-0DE2CF69BD6C}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe => Pas de fichier
FirewallRules: [{8E0EE29F-4E91-45D7-877A-58D1C92E73E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe => Pas de fichier
FirewallRules: [{8D29D4AF-BF85-49C1-831D-100AD2F80D28}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe => Pas de fichier
FirewallRules: [{272D5024-D51C-4326-882E-2212EB20F1E6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe => Pas de fichier
FirewallRules: [{89554A28-F2DA-4A2D-8B84-C2082AA17E60}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe => Pas de fichier
FirewallRules: [{4D06E7D5-3B19-4906-8B40-F7EF7270272B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe => Pas de fichier
FirewallRules: [{51D64EA8-6C64-4722-9ABC-469DDB1A3303}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe => Pas de fichier
FirewallRules: [{7FED21C2-45A2-49E4-8BD5-E6B01FFFFF17}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe => Pas de fichier
FirewallRules: [{BFB83A1A-526A-481F-A196-BE247C2413FE}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe => Pas de fichier
FirewallRules: [{B03BAC9E-D4F8-46B8-A290-B1BFA98CA3F8}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe => Pas de fichier
FirewallRules: [{97B13B3D-8CF5-42FE-B159-43F75BB9F2E5}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe => Pas de fichier
FirewallRules: [TCP Query User{F699598E-843B-4E67-A72C-0A03D9F64820}C:\program files\az-launcher\az-launcher.exe] => (Allow) C:\program files\az-launcher\az-launcher.exe => Pas de fichier
FirewallRules: [UDP Query User{C705B1A3-9E4D-4A61-B162-575140E10171}C:\program files\az-launcher\az-launcher.exe] => (Allow) C:\program files\az-launcher\az-launcher.exe => Pas de fichier
FirewallRules: [TCP Query User{7237CC76-00B2-4FC7-8F22-AC8113357F23}C:\users\yo\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\yo\appdata\roaming\cacaoweb\cacaoweb.exe (CACAOWEB Ltd -> )
FirewallRules: [UDP Query User{7BF9F179-747B-4142-B377-6DBE7AC15847}C:\users\yo\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\yo\appdata\roaming\cacaoweb\cacaoweb.exe (CACAOWEB Ltd -> )
CMD: cscript %windir%\System32\slmgr.vbs /dlv
CMD: Winmgmt /verifyrepository
CMD: netsh winsock reset
CMD: bitsadmin /reset
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset 
CMD: netsh int ipv4 reset all
CMD: netsh int ipv6 reset all
CMD: netsh int portproxy reset all
CMD: netsh int tcp reset all
CMD: netsh int ip reset all 
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V SmartScreenEnabled /T REG_SZ /D RequireAdmin /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxPortExhausted /T REG_DWORD /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxHalfOpenRetried /T REG_DWORD /D 400 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxHalfOpen /T REG_DWORD /D 500 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V SynAttackProtect /T REG_DWORD /D 2 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V KeapAliveTime /T REG_DWORD /D 300000 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableDeadGWDetect /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V DisableIPSourceRouting /T REG_DWORD /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableMulticastForwarding /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V IPEnableRouter /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableAddrMaskReply /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxConnectResponseRetransmissions /T REG_DWORD /D 2 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxDataRetransmissions /T REG_DWORD /D 2 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnablePMTUDiscovery /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V NoNameReleaseOnDemand /T REG_DWORD /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V EnableDynamicBacklog /T REG_DWORD /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V MinimumDynamicBacklog /T REG_DWORD /D 20 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V MaximumDynamicBacklog /T REG_DWORD /D 20000 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V DynamicBacklogGrowthDelta /T REG_DWORD /D 10 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V FastCopyReceiveThreshold /T REG_DWORD /D  500 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V FastSendDatagramThreshold /T REG_DWORD /D  500 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /V NoNameReleaseOnDemand /T REG_DWORD /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /V NoLmHash /T REG_DWORD /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /V lmcompatibilitylevel /T REG_DWORD /D 5 /f
Reg: REG QUERY "HKU\S-1-5-21-3110098909-1101332020-947144772-1004\SOFTWARE\Policies\Microsoft\Windows\System" /s
Reg: REG QUERY "HKU\S-1-5-21-3110098909-1101332020-947144772-1004\SOFTWARE\Policies\Microsoft\Windows\Explorer" /s
Reg: REG QUERY "HKU\S-1-5-21-3110098909-1101332020-947144772-1001\SOFTWARE\Policies\Microsoft\Windows\System" /s
Reg: REG QUERY "HKU\S-1-5-21-3110098909-1101332020-947144772-1001\SOFTWARE\Policies\Microsoft\Windows\Explorer" /s
C:\users\yo\appdata\roaming\cacaoweb
c:\windows\temp\*.*
C:\Users\yo\AppData\Local\Temp\*.* 
C:\Windows\SoftwareDistribution\Download\*
EmptyTemp: