start:: closeprocesses: createrestorepoint:...

Édité le 26 janvier 2023
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-2818061667-358164760-1632197267-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\WilPa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: Pare-feu McAfee (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-26] (McAfee, LLC -> McAfee, LLC)
FirewallRules: [UDP Query User{6E91AE35-991E-4741-B080-587EF2BB567A}C:\users\wilpa\downloads\anydesk.exe] => (Allow) C:\users\wilpa\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{8A2C6CDE-C83F-4B7A-8782-61E729E3B6F2}C:\users\wilpa\downloads\anydesk.exe] => (Allow) C:\users\wilpa\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{BE6AD069-0920-4C54-8280-6D23739D0779}C:\users\wilpa\downloads\anydesk (3).exe] => (Allow) C:\users\wilpa\downloads\anydesk (3).exe => No File
FirewallRules: [UDP Query User{E3F41AED-E5F4-44E5-92BA-E3ECAEB8EF64}C:\users\wilpa\downloads\anydesk (3).exe] => (Allow) C:\users\wilpa\downloads\anydesk (3).exe => No File
FirewallRules: [TCP Query User{5964CE8C-CA18-4BEA-B8F9-A553F3E8643B}C:\users\wilpa\appdata\local\temp\xamarin\xma\local\broker\7d112053\broker.exe] => (Allow) C:\users\wilpa\appdata\local\temp\xamarin\xma\local\broker\7d112053\broker.exe => No File
FirewallRules: [UDP Query User{2D8AFC5C-04F4-4685-8A85-D50D897D1A93}C:\users\wilpa\appdata\local\temp\xamarin\xma\local\broker\7d112053\broker.exe] => (Allow) C:\users\wilpa\appdata\local\temp\xamarin\xma\local\broker\7d112053\broker.exe => No File
FirewallRules: [TCP Query User{B35A6829-9CB4-4116-9856-75390A61E914}C:\program files (x86)\freestyle gunz\gunz.exe] => (Allow) C:\program files (x86)\freestyle gunz\gunz.exe => No File
FirewallRules: [UDP Query User{283EB951-B8AD-42C8-8D27-6FA82CBF9A3B}C:\program files (x86)\freestyle gunz\gunz.exe] => (Allow) C:\program files (x86)\freestyle gunz\gunz.exe => No File
FirewallRules: [{6B6921F4-9307-4A2D-B3E6-BCA2E67FAA37}] => (Block) C:\program files (x86)\freestyle gunz\gunz.exe => No File
FirewallRules: [{66305B24-D829-40A3-AE7B-E8A11C4CDDCA}] => (Block) C:\program files (x86)\freestyle gunz\gunz.exe => No File
FirewallRules: [{FC7434C7-8A95-4A6E-B86B-38E897E1411B}] => (Allow) C:\Users\WilPa\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{D5307B27-DAF2-49FC-B6FF-48652B8C1889}] => (Allow) C:\Users\WilPa\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
Task: {73D28EFC-C691-4F88-8D33-50DEC02068A9} - System32\Tasks\McAfee\McAfee OOBE Patch Telemetry => C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe [3499728 2020-05-31] (McAfee, LLC -> McAfee, LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\WilPa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
C:\Users\WilPa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [850256 2023-01-22] (McAfee, LLC -> McAfee, LLC)
C:\Program Files\McAfee
HKU\S-1-5-21-2818061667-358164760-1632197267-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\WilPa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2818061667-358164760-1632197267-1001\...\RunOnce: [Uninstall 22.253.1204.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\WilPa\AppData\Local\Microsoft\OneDrive\22.253.1204.0001" (No File)
2023-01-25 13:29 - 2023-01-25 13:29 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2023-01-25 13:28 - 2023-01-25 13:31 - 000000000 ____D C:\Users\WilPa\AppData\Local\UnHackMe
2023-01-25 13:28 - 2023-01-25 13:28 - 036782740 _____ C:\Users\WilPa\Downloads\reanimator.zip
2023-01-25 13:28 - 2023-01-25 13:28 - 000000000 ____D C:\Program Files (x86)\Greatis
2023-01-25 13:05 - 2023-01-25 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2023-01-25 13:05 - 2023-01-25 13:05 - 000905704 _____ (Gridinsoft LLC) C:\Users\WilPa\Downloads\install-antimalware-fix.exe
2023-01-25 13:05 - 2023-01-25 13:05 - 000000000 ____D C:\ProgramData\GridinSoft
2023-01-26 09:22 - 2020-05-31 00:31 - 000000000 ____D C:\ProgramData\McAfee
2023-01-26 09:15 - 2022-01-26 08:07 - 000000000 ____D C:\Users\WilPa\.docker
2023-01-26 09:15 - 2022-01-26 08:04 - 000000000 ____D C:\ProgramData\DockerDesktop
2023-01-26 09:15 - 2022-01-26 08:02 - 000000000 ____D C:\Users\WilPa\AppData\Roaming\Docker
2023-01-26 09:15 - 2022-01-26 08:02 - 000000000 ____D C:\Users\WilPa\AppData\Local\Docker
2023-01-26 09:15 - 2022-01-26 08:02 - 000000000 ____D C:\Program Files\Docker
emptytemp:
end::