start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\Run: [AvastBrowserAutoLaunch_7A0E20F7956DB7599C905231EE970483] => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe"
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ShortcutTarget: peerblock.exe - Raccourci.lnk -> C:\Program Files\PeerBlock\peerblock.exe (Pas de fichier)
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe
Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\peerblock.exe - Raccourci.lnk
Task: {1AC66150-AC25-42A5-A339-0F1FD4777FAF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
CHR HKU\S-1-5-21-2014061092-255564908-1934616328-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2020-10-17 20:04 - 2020-10-17 20:04 - 000000000 ____D C:\avast! sandbox
2020-10-16 05:52 - 2020-10-16 05:52 - 000339552 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-16 05:52 - 2020-10-16 05:52 - 000217336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbbc636aa07557906.tmp
2020-10-16 05:52 - 2020-10-16 05:52 - 000175720 _____ (AVAST Software) C:\Windows\system32\Drivers\asw20df97f17a1b35be.tmp
2020-10-19 07:41 - 2015-12-04 23:01 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-10-19 07:41 - 2015-10-15 22:57 - 000000000 ____D C:\ProgramData\AVAST Software
2020-10-16 05:53 - 2020-04-15 00:52 - 000518664 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7bcbdf9676c3a282.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa6472ffbfb85ce26.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000470912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb0a142086e679349.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000326928 _____ (AVAST Software) C:\Windows\system32\Drivers\asw637e999b370aa8a6.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000236112 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7e48010558735ddd.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000206408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb6e357f7afabef39.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000195664 _____ (AVAST Software) C:\Windows\system32\Drivers\asw12722f1ed59803dd.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\asw16109ae1fb85632a.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc34fd8294612adf4.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000060496 _____ (AVAST Software) C:\Windows\system32\Drivers\asw71b28f8c62169922.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb433b0ddeccb5eca.tmp
2020-10-16 05:52 - 2020-03-14 19:31 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa313468816a7ee80.tmp
2020-02-09 11:45 - 2020-02-29 01:12 - 000000600 _____ () C:\Users\Home\AppData\Roaming\winscp.rnd
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> Pas de fichier
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
SearchScopes: HKU\S-1-5-21-2014061092-255564908-1934616328-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2014061092-255564908-1934616328-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
IE trusted site: HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\no-ip.org -> hxxps://vdelab.no-ip.org
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: sfc /scannow
end::