start:: closeprocesses: createrestorepoint:...

Édité le 19 février 2022
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> Pas de fichier
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> Pas de fichier
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> Pas de fichier
C:\Program Files\ESET
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AlternateDataStreams: C:\Windows\system32\9EarsSurroundSound.dll:72B1DE377E [10]
AlternateDataStreams: C:\ProgramData\ClownfishVoiceChanger.ini:11F6F046F7 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AZ Launcher - Minecraft.lnk:EE97536411 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk:35C0D57199 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk:088221F38A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk:C7FE7E9A98 [10]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5032]
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-378358812-1298706659-4086652433-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-378358812-1298706659-4086652433-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-378358812-1298706659-4086652433-1001\...\StartupApproved\Run: => "Web Companion"
FirewallRules: [{7A7E1926-5555-4351-9E2C-0A717CAB1CE0}] => (Block) %ProgramFiles%\ESET\ESET Security\ekrn.exe => Pas de fichier
FirewallRules: [{B9C8151D-09EE-40DD-BED3-60DFFD7117E1}] => (Block) %ProgramFiles%\ESET\ESET Security\speclean.exe => Pas de fichier
FirewallRules: [{CC3F4AE6-FC36-4DC5-8BB3-78203F6F14C0}] => (Block) %ProgramFiles%\ESET\ESET Security\ekrn.exe => Pas de fichier
FirewallRules: [{403DDC0F-50FB-481E-A728-FDFBA2BFF495}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe => Pas de fichier
FirewallRules: [{AA2BE693-21E3-4166-8868-19D8B37FF474}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe => Pas de fichier
FirewallRules: [TCP Query User{BB1C9206-A273-4C8F-8B0B-8E383AACE47B}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{72221A35-4F29-4F33-9CC4-76BC337AF5DB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => Pas de fichier
FirewallRules: [{37FB0CA4-69F1-496B-87BB-619EE94DEEA7}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{911E7D98-1BA6-4F57-AC77-D3A20B197651}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{CF6B26E5-B2EE-4156-874C-7CCBE5A38B5E}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{5DCF9528-3BC5-476B-8FD5-2841D35E37D7}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{4D8EED2F-48A1-4934-972D-88C866A14EF9}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{A2758F7C-C8CE-4033-806D-66CFC9387CF0}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{FF438FC4-9102-46BF-8365-84E66B86CAD0}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe => Pas de fichier
FirewallRules: [{7A2D07A3-44DF-4345-8C4E-35481D4E8796}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe => Pas de fichier
HKLM\...\Run: [egui] => "C:\Program Files\ESET\ESET Security\ecmds.exe" /run /hide /proxy (Pas de fichier)
HKU\S-1-5-21-378358812-1298706659-4086652433-1001\...\Run: [utweb] => "C:\Users\galax\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Pas de fichier)
HKU\S-1-5-21-378358812-1298706659-4086652433-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Pas de fichier)
C:\Program Files (x86)\Lavasoft
Task: {4AAE8B34-101A-4FC7-A4B0-6480D99D7BA8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (Pas de fichier)
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
S2 ekrn; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM [X]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
S4 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
emptytemp:
end::