CreateRestorePoint:
CloseProcesses:
SystemRestore: On
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.fr.lnk -> C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2019.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk -> C:\Program Files\Speccy\Speccy64.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse.lnk -> C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.fr\Network Status.lnk -> C:\Program Files (x86)\PokerStars.FR\Tracer.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.fr\PokerStars.fr.lnk -> C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.fr\Uninstall PokerStars.fr.lnk -> C:\Program Files (x86)\PokerStars.FR\PokerStarsUninstall.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Centre de téléchargement Office.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Gestionnaire d’enregistrements Skype Entreprise.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Journal de télémétrie pour Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Préférences linguistiques d’Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office\Tableau de bord de télémétrie pour Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\javacpl.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\javacpl.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\javacpl.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.com - Démarrer la détection.lnk -> C:\Program Files\DriversCloud.com\DriversCloud.exe (Pas de fichier)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.html.lnk -> C:\Program Files\DriversCloud.com\DriversCloud.html (Pas de fichier)
Shortcut: C:\Users\lilia\Desktop\Adobe Premiere Pro Auto-Save\Drone USA\Adobe Premiere Pro CC 2019.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe (Pas de fichier)
Shortcut: C:\Users\lilia\Creative Cloud Files\_Documents en ligne.lnk -> C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe (Pas de fichier)
Shortcut: C:\Users\lilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Start Zoom.lnk -> C:\Users\lilia\AppData\Roaming\Zoom\bin\Zoom.exe (Pas de fichier)
Shortcut: C:\Users\lilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom\Uninstall Zoom.lnk -> C:\Users\lilia\AppData\Roaming\Zoom\uninstall\Installer.exe (Pas de fichier)
Shortcut: C:\Users\Public\Desktop\Les Sims 4.lnk -> C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Pas de fichier)
C:\Program Files\Malwarebytes
C:\Program Files\Speccy
C:\Program Files\DriversCloud.com
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /V lmcompatibilitylevel /T REG_DWORD /D 5 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxPortExhausted /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxHalfOpenRetried /T REG_DWORD /D 400 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxHalfOpen /T REG_DWORD /D 500 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V SynAttackProtect /T REG_DWORD /D 2 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V KeapAliveTime /T REG_DWORD /D 300000 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableDeadGWDetect /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V DisableIPSourceRouting /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableMulticastForwarding /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V IPEnableRouter /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableAddrMaskReply /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxConnectResponseRetransmissions /T REG_DWORD /D 2 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxDataRetransmissions /T REG_DWORD /D 2 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnablePMTUDiscovery /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V NoNameReleaseOnDemand /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V EnableDynamicBacklog /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V MinimumDynamicBacklog /T REG_DWORD /D 20 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V MaximumDynamicBacklog /T REG_DWORD /D 20000 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V DynamicBacklogGrowthDelta /T REG_DWORD /D 10 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /V NoNameReleaseOnDemand /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /V NoLmHash /T REG_DWORD /D 1 /f
CMD: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
CMD: netsh winsock reset 
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset 
CMD: netsh int ipv4 reset all
CMD: netsh int ipv6 reset all
CMD: netsh int portproxy reset all
CMD: netsh int tcp reset all
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\ *
EmptyTemp: