start:: closeprocesses: createrestorepoint:...

Posté le 14 janvier 2021
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
CustomCLSID: HKU\S-1-5-21-3808289131-4108088066-701223813-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\marty\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Pas de fichier
FirewallRules: [{BB12BE1E-70CE-488F-88EE-ACAA96CBE11D}] => (Allow) C:\Users\marty\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{5CDBC474-2DBA-49B9-9F36-C6A8FFCE70B6}] => (Allow) C:\Users\marty\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{A2C60192-888A-4061-9490-4ADEDF6AAD53}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{E86AF12E-38F9-4DF6-B487-832CF1FDBBC5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{70269566-89BA-428A-873E-F49B2D96EFD1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3808289131-4108088066-701223813-1001\...\Run: [] => [X]
FF Extension: (Avira Password Manager) - C:\Users\marty\AppData\Roaming\Mozilla\Firefox\Profiles\lfJXWC0v.default\Extensions\passwordmanager@avira.com [2020-03-21]
C:\Users\marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
2021-01-14 21:17 - 2020-03-21 10:24 - 000000000 ____D C:\Program Files (x86)\Avira
2021-01-14 21:15 - 2018-12-01 13:49 - 000000000 ____D C:\ProgramData\Avira
2021-01-13 20:09 - 2021-01-13 20:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
emptytemp:
end::