Start::
CreateRestorePoint:
VirusTotal: C:\Windows\Temp\CR_BAA94.tmp\setup.exe
Startup: C:\Users\helga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-04-18]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe (Pas de fichier)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {062BE3D2-9FA6-4778-AFBA-318DF936C285} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {0DD1D174-E44C-4F51-892F-EA67E067DFE4} - System32\Tasks\EPSON XP-312 313 315 Series Update {2D18FEDB-C817-40B9-B31D-67B594DA807A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {12498A08-B72C-4DFB-A7D0-66E53E7B7F93} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {4C2D2C37-CCE3-4195-8E13-4BCCF854414D} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {443C1427-4790-4BA7-9C91-4BEE038DEC9F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {92038A15-3A8C-4FA5-9EB7-B209D14A3B41} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {2D18FEDB-C817-40B9-B31D-67B594DA807A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {14EBF1F5-C7E5-4266-93F3-38AC476F0F2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {33252772-63CA-4DA9-AC67-E652C36227DE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {5F173C1D-E4BA-4D5C-AC29-62F98A08C96E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {6EE62C90-74AA-41BA-9529-53BBF9672D9D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {715CE180-319F-41CD-BBE2-460776C24093} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {843A8557-7454-4A3D-8DBC-A6081A8C1C76} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {92482845-50D4-4C93-AAF2-0BDBF7049F0F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {B7299D04-A9DF-47F3-888A-AAA5A91BFC2E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {C99598FB-DFCE-44C0-8AA6-80BCA9647F10} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {EEB5834A-3EA4-484E-840C-36618F06E3EF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {2D18FEDB-C817-40B9-B31D-67B594DA807A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {443C1427-4790-4BA7-9C91-4BEE038DEC9F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {2D18FEDB-C817-40B9-B31D-67B594DA807A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{2D18FEDB-C817-40B9-B31D-67B594DA807A} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {443C1427-4790-4BA7-9C91-4BEE038DEC9F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{443C1427-4790-4BA7-9C91-4BEE038DEC9F} /F:UpdateWORKGROUP\ACER$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO-x32: Pas de nom -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Pas de fichier
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-08-30] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-08-30] <==== ATTENTION
CHR NewTab: Default -> Active:"chrome-extension://icoejgdflkmfmjjnajgjlekoehgjlknm/newtab/index.html", Active:"chrome-extension://dehmegeblmdipankockognekhbifghbp/browserAction/newTab/newTab.html"
S2 GsRunner helga; "C:\Program Files\Siber Systems\GoodSync\gsync.exe" /runner-service="C:/Users/helga/AppData/Roaming/GoodSync" [X]
U2 MediaMall Server; pas de ImagePath
C:\ProgramData\agent.update.1598367368.bdinstall.v2.bin
VirusTotal: C:\WINDOWS\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
VirusTotal: C:\Program Files (x86)\Common Files\lpuninstall.exe
C:\Users\helga\AppData\Roaming\FosCloudPlugin.log
C:\Users\helga\AppData\Local\oobelibMkey.log
VirusTotal: C:\Users\helga\AppData\Local\temp.bat
CustomCLSID: HKU\S-1-5-21-2112855349-3843536276-3557369114-1008_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {18B7BB5F-9468-D082-092B-C6E985889A47} => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2112855349-3843536276-3557369114-1008_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {5724C050-9468-D082-0650-55A685889A47} => Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ShortcutWithArgument: C:\Users\helga\Desktop\...000 NAS - Synology DiskStation.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jihomdalendnigidhglodkbnbopidfbk
ShortcutWithArgument: C:\Users\helga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\...00 NAS - xxx DiskStation.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jihomdalendnigidhglodkbnbopidfbk
ShortcutWithArgument: C:\Users\helga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Signal Private Messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:40F5ECB6 [121]
AlternateDataStreams: C:\ProgramData\Temp:8BF7ADD1 [212]
FirewallRules: [{D83ED376-BA4D-42E4-85CD-380876C210EA}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => Pas de fichier
FirewallRules: [{0F504901-AE16-473E-9B69-BF6547A8C12A}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => Pas de fichier
EmptyTemp:
Reboot:
End::