start::
closeprocesses:
createrestorepoint:
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Pas de fichier
SearchScopes: HKU\S-1-5-21-1060754448-2026478670-1621780896-1001 -> DefaultScope {E5C04D79-80B2-4DFA-9D7D-C5FF7259A12D} URL =
SearchScopes: HKU\S-1-5-21-1060754448-2026478670-1621780896-1001 -> {E5C04D79-80B2-4DFA-9D7D-C5FF7259A12D} URL =
FirewallRules: [{84CFA192-054D-4455-BD23-8C237E4C2C49}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier
C:\Program Files (x86)\Avira
FirewallRules: [{C0A8B92F-0D2A-44FD-A6CC-3789379127B0}] => (Allow) LPort=2869
FirewallRules: [{300BD173-B05B-45DC-9114-0338C0613050}] => (Allow) LPort=1900
FirewallRules: [{2350F6D2-93B7-4256-AA89-53DFCDBC0A9F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{666C8D47-CE0E-418D-B107-DD6E03F94927}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{3C3AC433-F102-44B6-AE21-C8DFEBA5B00F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
C:\Program Files\Avira
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1060754448-2026478670-1621780896-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIXE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2510 Series" (Pas de fichier)
Task: {5584DD2C-ABD7-4FB9-8D40-C9EB2979D857} - System32\Tasks\{07098037-0EE5-47FB-9D86-CE7C4E8E5505} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {7BAEF305-5C51-4A71-8574-DA1B7D050B9A} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {B0FFA022-A350-4BBE-8E59-DB9CDAB0C469} - System32\Tasks\CareCenter\hola_Reg_HKLMRun => C:\Program Files\Hola\app\hola.exe --silent (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
IE trusted site: HKU\S-1-5-21-1060754448-2026478670-1621780896-1001\...\hola.org -> hxxp://hola.org
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR Notifications: Default -> hxxps://web.skype.com; hxxps://www.abc.es; hxxps://www.consoglobe.com
C:\Users\Farah\Downloads\*.crdownload
2022-08-07 23:09 - 2022-08-07 23:09 - 000268536 ____C (AVAST Software) C:\Users\Farah\Downloads\avast_free_antivirus_setup_online.exe
cmd: sfc /scannow
emptytemp:
end::