CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2556729981-529755724-54686541-1001\...\RunOnce: [Application Restart #3] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
BootExecute: autocheck autochk * icarus_rvrt.exe
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {A23EB61C-A33D-4650-B653-0EB3EE632EB0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {F9AF484A-61B5-4AD1-9CDA-2D694AA41AB2} - System32\Tasks\Auslogics\Disk Defrag\Start Disk Defrag on bobolink logon => C:\Program Files (x86)\Auslogics\Disk Defrag\Integrator.exe [3562872 2020-10-05] (Auslogics Labs Pty Ltd -> Auslogics)
CHR Notifications: Default -> hxxps://www.emuparadise.me; hxxps://www.facebook.com; hxxps://www.first4figures.com; hxxps://www.pinterest.fr; hxxps://www.youtube.com
2020-10-14 17:39 - 2020-10-14 17:39 - 000000000 ____D C:\Users\bobolink\Desktop\FRST-OlderVersion
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
FirewallRules: [TCP Query User{EFD985AC-2516-4FCB-B459-75A576C893CC}C:\users\bobolink\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bobolink\appdata\local\vavoo\vavoo.exe => Pas de fichier
FirewallRules: [UDP Query User{B46B265D-34B3-4214-8BD3-2B3BDC0B47CD}C:\users\bobolink\appdata\local\vavoo\vavoo.exe] => (Allow) C:\users\bobolink\appdata\local\vavoo\vavoo.exe => Pas de fichier
FirewallRules: [{97327C15-0CC6-4E3D-B089-ABAFDCA6BC9E}] => (Block) C:\Program Files (x86)\Adobe Photoshop CS6\Photoshop.exe => Pas de fichier
FirewallRules: [{CADB0354-B7D8-46EB-AEB8-2724C47E73AF}] => (Block) C:\Program Files\VEGAS\VEGAS Pro 16.0\vegas160.exe => Pas de fichier
FirewallRules: [{3AF45DDC-06B1-4980-A38E-07C30FA2C223}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{85CA58E5-2B63-4782-93C4-FF1A95DF3DD9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [TCP Query User{1989DA1F-B7BC-48D7-92DF-7550C6985F27}C:\program files (x86)\steam\steamapps\common\rideop - vr thrill ride experience\rideopvrexperience\binaries\win64\rideopvrexperience-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rideop - vr thrill ride experience\rideopvrexperience\binaries\win64\rideopvrexperience-win64-shipping.exe => Pas de fichier
FirewallRules: [UDP Query User{A9E3952B-B73B-4D0C-A80B-D3FDB45B85B3}C:\program files (x86)\steam\steamapps\common\rideop - vr thrill ride experience\rideopvrexperience\binaries\win64\rideopvrexperience-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rideop - vr thrill ride experience\rideopvrexperience\binaries\win64\rideopvrexperience-win64-shipping.exe => Pas de fichier
FirewallRules: [TCP Query User{AE30BE19-94A6-463F-9602-47BFF2321045}C:\program files\magix\vr-x player\vr-x player.exe] => (Allow) C:\program files\magix\vr-x player\vr-x player.exe => Pas de fichier
FirewallRules: [UDP Query User{15E5C927-53DE-4890-90FB-5FCEC3FCDB78}C:\program files\magix\vr-x player\vr-x player.exe] => (Allow) C:\program files\magix\vr-x player\vr-x player.exe => Pas de fichier
C:\Users\bobolink\Documents\VAVOO.lnk -> C:\Users\bobolink\AppData\Local\VAVOO\vavoo.exe (Pas de fichier)
Shortcut: C:\Users\bobolink\Documents\Application Aleks\TeamViewer 14.lnk -> C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Pas de fichier)
C:\users\bobolink\appdata\local\vavoo
C:\Program Files (x86)\Adobe Photoshop CS6
C:\Program Files (x86)\Steam
C:\program files\magix
C:\Program Files (x86)\TeamViewer
CMD: cscript %windir%\System32\slmgr.vbs /dli
CMD: netsh winsock reset all
CMD: netsh advfirewall reset
CMD: netsh int ipv4 reset all
CMD: netsh int ipv6 reset all
CMD: netsh int portproxy reset all
CMD: netsh int tcp reset all
CMD: bitsadmin /reset
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\ *
EmptyTemp: