start::
closeprocesses:
createrestorepoint:
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: Pare-feu McAfee (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
FirewallRules: [UDP Query User{FB138518-1028-47ED-93CB-A185E7C7CE20}C:\users\danie\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe] => (Allow) C:\users\danie\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe => Pas de fichier
FirewallRules: [TCP Query User{BB00B8E7-D73E-4D86-B169-187AFDBDBAE7}C:\users\danie\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe] => (Allow) C:\users\danie\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe => Pas de fichier
FirewallRules: [{2FF37269-8BB5-499C-8402-10B15FAAF07C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.58\msedgewebview2.exe => Pas de fichier
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2019-11-01] (Express Vpn LLC -> ExpressVPN)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {EE65F213-EA79-4D7D-8D3A-BA80676E5641} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (Pas de fichier)
Task: {AB8E8766-9CFC-4B06-A811-D0B0054FBBC6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (Pas de fichier)
Task: {4CCD8842-7B6C-4EE9-A806-30009B1DBF99} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
S4 ELANFPService; %SystemRoot%\System32\ELANFPService.exe [X]
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [51112 2023-11-11] (Avast Software s.r.o. -> AVAST Software)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2019-11-01] (ExprsVPN LLC -> ExpressVPN)
2023-11-11 13:57 - 2023-11-22 20:52 - 000000000 ____D C:\Users\danie\AppData\Local\Avast Software
2023-11-11 13:56 - 2023-11-11 13:56 - 000184544 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswWireguard.sys
2023-11-11 13:56 - 2023-11-11 13:56 - 000051112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswWintun.sys
2023-11-11 13:56 - 2023-11-11 13:56 - 000000000 ____D C:\Users\danie\AppData\Local\CEF
2023-11-11 13:54 - 2023-11-22 20:52 - 000000000 ____D C:\ProgramData\Avast Software
2023-11-11 13:54 - 2023-11-11 13:54 - 000272280 _____ (AVAST Software) C:\Users\danie\Downloads\avast_one_free_vpn.exe
emptytemp:
end::