start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-2320667067-559883105-1614379642-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x2B138275C3FED60121638275C3FED601010000000400000000000000 => Pas de fichier
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
BHO: Pas de nom -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Pas de fichier
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
FirewallRules: [{3BFC647C-2E0A-4A69-A466-1356777BC529}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe => Pas de fichier
FirewallRules: [TCP Query User{459D5C83-FD1F-4DE8-A5AE-6EC4647ABA14}C:\users\azokk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\azokk\appdata\local\programs\opera\77.0.4054.90\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{8E5C7999-BD0E-45AE-8D16-9E728AD3D01C}C:\users\azokk\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\azokk\appdata\local\programs\opera\77.0.4054.90\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{2EAF6631-9115-469F-B847-19E712815F4A}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe => Pas de fichier
FirewallRules: [UDP Query User{C6E54C5B-6047-4D9C-BA51-8A9E8DD039CC}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe => Pas de fichier
FirewallRules: [TCP Query User{37BFEBE1-ACA5-425E-8762-8E57C6DAE8FD}C:\users\azokk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Block) C:\users\azokk\appdata\local\programs\opera\78.0.4093.231\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{383DCD06-F983-4FE5-8D04-3B76350E5811}C:\users\azokk\appdata\local\programs\opera\78.0.4093.231\opera.exe] => (Block) C:\users\azokk\appdata\local\programs\opera\78.0.4093.231\opera.exe => Pas de fichier
FirewallRules: [{B86438E4-4AE8-4B83-8F5F-D13C03399696}] => (Allow) C:\Program Files\Vuze\Azureus.exe => Pas de fichier
FirewallRules: [{825759B4-B6B5-4928-B66B-DBA10B60942D}] => (Allow) C:\Program Files\Vuze\Azureus.exe => Pas de fichier
FirewallRules: [{DBC0376A-4E67-4BD6-9454-F01D6D247F67}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe => Pas de fichier
FirewallRules: [{57169282-D9D7-496E-9742-A5F8A3B5B808}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe => Pas de fichier
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [Fichier non signé]
cmd: type C:\Users\azokk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Controle.vbs
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4680A8DF-7B63-403E-ABB1-3FA7B77DE631} - \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan -> Pas de fichier <==== ATTENTION
Task: {559B0F92-63C4-4001-AE5E-A650091C71B8} - \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance -> Pas de fichier <==== ATTENTION
Task: {6189E1AA-0D29-4809-AC64-EBF94F3B3224} - \ASUS\ASUSUpdateTaskMachineCore1d6a98d12721278 -> Pas de fichier <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Pas de fichier <==== ATTENTION
Task: {DB1218E6-F693-4F20-BC36-E62D6CB63AB4} - \Microsoft\Windows\Windows Defender\Windows Defender Cleanup -> Pas de fichier <==== ATTENTION
Task: {E559FBB0-7370-4985-90DD-5D6B10DFC5F1} - \Microsoft\Windows\Windows Defender\Windows Defender Verification -> Pas de fichier <==== ATTENTION
Edge Extension: (Google) - C:\ProgLog\ProgLog\ProgLog\ProgLog\ProgLog\ProgLog\ProgLog [2021-03-11]
C:\ProgLog
Edge HKU\S-1-5-21-2320667067-559883105-1614379642-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <non trouvé(e)>
Edge HKLM-x32\...\Edge\Extension: [pdhdldaneekjpoaldekpgomomeabpnek]
FF Notifications: Mozilla\Firefox\Profiles\oryjsfi1.default-release -> hxxps://www.forumdbl.com;
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
U1 aswbdisk; pas de ImagePath
S3 mfeaack01; \Device\mfeaack01.sys [X]
cmd: sfc /scannow
emptytemp:
end::