start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
C:\Program Files\AVAST Software
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1485915980-1558069281-2631077495-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-07-10] (Glarysoft LTD -> Glarysoft Ltd)
C:\Program Files (x86)\Glary Utilities 5
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {8886F9A1-844F-4557-B3FA-002D6B31E662} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {8C5943FD-D629-47F1-A139-8CB32C43158C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [918960 2020-07-10] (Glarysoft LTD -> Glarysoft Ltd)
C:\Program Files\Common Files\AVAST Software
Task: {C0FF9135-95EB-4BCC-BD51-49411C0F6DAA} - System32\Tasks\Uninstaller_SkipUac_Sarah => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6041360 2020-07-08] (IObit Information Technology -> IObit)
C:\Program Files (x86)\IObit
Task: {F39C6EFC-9567-4463-8E7A-C17BDA2303E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
HKU\S-1-5-21-1485915980-1558069281-2631077495-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem15.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-1485915980-1558069281-2631077495-1001 -> DefaultScope {39839876-3BE5-4640-983A-C6426214B874} URL =
SearchScopes: HKU\S-1-5-21-1485915980-1558069281-2631077495-1001 -> {39839876-3BE5-4640-983A-C6426214B874} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Pas de nom -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Pas de fichier
BHO-x32: Pas de nom -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\2zokuu2r.default-1551291117245\Extensions\sp@avast.com.xpi [2019-10-27]
FF Extension: (Textarea Cache) - C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\2zokuu2r.default-1551291117245\Extensions\textarea-cache-lite@wildsky.cc.xpi [2020-06-15]
FF Extension: (Avast Online Security) - C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\2zokuu2r.default-1551291117245\Extensions\wrc@avast.com.xpi [2020-06-17]
FF Extension: (iGraal - Cashback & codes promo) - C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\2zokuu2r.default-1551291117245\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi [2020-07-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S4 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-07-08] (IObit Information Technology -> IObit)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2018-07-12] (Glarysoft LTD -> Glarysoft Ltd)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-07-08] (IObit Information Technology -> IObit)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-07-08] (IObit Information Technology -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-07-08] (IObit Information Technology -> IObit)
U1 aswbdisk; pas de ImagePath
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
U4 npcap_wifi; pas de ImagePath
2020-08-03 20:23 - 2020-08-03 20:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-08-03 20:19 - 2020-08-03 20:19 - 011342944 _____ (AVAST Software) C:\Users\Sarah\Downloads\avastclear.exe
2020-07-22 11:58 - 2020-07-22 11:59 - 018453864 _____ (Glarysoft Ltd) C:\Users\Sarah\Downloads\Glary_Utilities_v5.146.0.172.exe
2020-07-22 11:30 - 2020-07-22 11:30 - 000068380 _____ C:\ProgramData\agent.uninstall.1595410170.bdinstall.v2.bin
2020-08-02 19:58 - 2019-10-27 15:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-08-02 19:57 - 2018-01-26 17:52 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2020-08-02 19:56 - 2017-10-13 18:19 - 000000000 ____D C:\Users\Sarah\AppData\Roaming\IObit
2020-08-02 19:56 - 2017-10-13 18:19 - 000000000 ____D C:\ProgramData\IObit
2020-07-29 16:10 - 2018-06-27 08:19 - 000000000 ____D C:\Users\Sarah\AppData\Local\AVAST Software
2020-07-22 11:59 - 2018-01-26 17:52 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2020-07-22 11:59 - 2018-01-26 17:52 - 000001163 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2020-07-22 11:55 - 2017-10-13 18:20 - 000001438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2020-07-22 11:55 - 2017-10-13 18:20 - 000001298 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2020-07-22 11:55 - 2017-10-13 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-07-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-07-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-07-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit
FirewallRules: [{BEE42801-513E-4E19-BA0C-844310E7902A}] => (Allow) C:\Users\Sarah\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{8AC29D7E-F64D-4620-B00F-DEE657980DE4}] => (Allow) C:\Users\Sarah\AppData\Roaming\Zoom\bin\Zoom.exe => Pas de fichier
FirewallRules: [{D499FAE4-ACD5-42A5-8CC9-3643ACC70CCD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => Pas de fichier
FirewallRules: [{83E2CDAD-1A95-433F-A556-D6BE236E1C59}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{B8C33E4E-8D1F-48D0-A267-09C9AD976B4C}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{2DA0CA72-D9B6-4770-8BB2-B1EA6A973560}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe => Pas de fichier
FirewallRules: [{7C402F6A-A8F3-4DCC-B4EB-BCC6A04CE5F1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe => Pas de fichier
cmd: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
cmd: DISM /Online /Cleanup-image /Restorehealth
C:\Windows\Temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
cmd: ipconfig /flushdns
end::