start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe
HKU\S-1-5-21-1802723799-2739854329-3866504653-1001\...\Run: [cacaoweb] => C:\Users\charl\AppData\Roaming\cacaoweb\cacaoweb.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4233D828-2B98-4CC5-8C68-354F674610C0} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.6.106\DADUpdater.exe
Task: {44CBA0D8-D086-4539-9C57-5F7A9BAFD261} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
Task: {86CA9E93-5646-4B54-B700-6B95B245A87C} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe
Task: {D0E2D246-09DE-47CE-AEE9-ED056B61AA1C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe
FF Extension: (cacaoweb) - C:\Users\charl\AppData\Roaming\Mozilla\Firefox\Profiles\13g4ydzv.default-release\Extensions\cacaoweb@cacaoweb.org
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
R3 mfevtp; C:\windows\system32\mfevtps.exe
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys
U3 mfeavfk01; pas de ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys
2021-08-29 21:53 - 2021-08-31 18:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-29 21:53 - 2021-08-29 21:53 - 000002486 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2021-08-31 20:02 - 2018-05-15 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-04-05 21:37 - 2019-04-05 21:37 - 000000000 _____ () C:\Users\charl\AppData\Local\{A4BB894E-4844-45F1-BB56-019040C05212}
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
EmptyTemp:
cmd: ipconfig /flushdns
cmd: sfc /scannow
end::