start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [] => [X]
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4040008 2019-08-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
Task: {4901B38C-2C21-4291-B3C6-E81678FD81BE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
Task: {333EDE83-3117-4FB7-A2C9-8123698D195F} - System32\Tasks\pecokukot\{3BE6C5CD-8FDF-1D77-769F-1ADC783BAC59} => C:\Users\GUERRA~1\AppData\Local\PECEME~1\PECOKU~1.EXE <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07]
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20]
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20]
U3 aswbdisk; pas de ImagePath
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
2019-09-02 20:04 - 2019-09-25 00:02 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-02 20:04 - 2019-09-25 00:02 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-09-25 20:47 - 2016-02-26 15:33 - 000000000 __HDC C:\ProgramData\{2B89F58C-32F7-46EC-A448-AECDF1F22B7B}
2019-09-24 23:48 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Avira
2019-09-13 15:01 - 2019-07-20 12:49 - 000002566 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2019-09-04 11:21 - 2019-07-19 19:34 - 000203440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-09-04 11:21 - 2019-07-19 19:34 - 000195648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2019-09-25 00:02 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
EmptyTemp:
end::