start::
CreateRestorePoint:
CloseProcesses:
Hosts:
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier 
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier 
FirewallRules: [TCP Query User{92CC08FB-1EE4-44FB-B7BE-CD3200CC7DED}C:3\flightsimulator.exe] => (Allow) C:3\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{BAD1ECDE-91CF-46DE-A4DE-E29D7FA43019}C:3\flightsimulator.exe] => (Allow) C:3\flightsimulator.exe => Pas de fichier 
FirewallRules: [{B8EC2DCA-346B-4230-BEFA-910F0C7CE08B}] => (Allow) C:\Users\johns\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{9BAFF6D9-2250-4C34-952C-F92BF91783AF}] => (Allow) C:\Users\johns\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier 
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui 
C:\Program Files\Avast Software
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION 
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION 
Task: {036F84F9-0FE2-4F36-B2CC-1E77A7B6051A} - System32\Tasks\EOSv3 Scheduler onTime => E:\Bureau\esetonlinescanner_fra.exe
Task: {0B09150C-BBCF-4A7C-AB14-C5B4F1D6198E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe 
Task: {A56EABDA-24AF-4028-B1B9-4D64DDD36423} - System32\Tasks\EOSv3 Scheduler onLogOn => E:\Bureau\esetonlinescanner_fra.exe
Task: {A687F10C-B268-48E4-B565-09AAE71F0557} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe 
Tcpip\..\Interfaces\{919a3341-2cb5-4630-9732-445b99142ece}: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{d92b4897-3829-46b4-ac6a-d09bd4e48b7b}: [DhcpNameServer] 1.1.1.1 1.0.0.1 
FF NewTab: Mozilla\Firefox\Profiles\5ftrzaw0.default -> about:newtab 
CHR HKU\S-1-5-21-1392421100-4142089999-605373075-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\johns\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-02]
CHR HKU\S-1-5-21-1392421100-4142089999-605373075-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U4 npcap_wifi; pas de ImagePath
S3 NPF; system32\drivers\npf.sys [X]
S3 RtlWlanu; \SystemRoot\System32\drivers\rtwlanu.sys [X] 
2021-02-28 23:30 - 2021-02-28 23:30 - 012486448 _____ (AVAST Software) C:\Users\johns\Desktop\avastclear.exe 
2021-02-28 23:34 - 2016-12-07 18:50 - 000000000 ____D C:\ProgramData\AVAST Software 
2021-02-28 23:31 - 2020-07-17 22:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 
2021-02-28 20:18 - 2018-06-10 15:03 - 000000000 ____D C:\Users\johns\AppData\Local\AVAST Software 
2021-02-26 18:37 - 2020-07-17 22:32 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 
2019-03-12 19:44 - 2019-03-12 19:44 - 000000000 _____ () C:\Users\johns\AppData\Local\{26E14DF2-439E-4317-A579-EA3BFE64E428}
2019-03-16 19:37 - 2019-03-16 19:37 - 000000000 _____ () C:\Users\johns\AppData\Local\{BF35AAFA-D1F4-474B-B399-DDFA8A48F8AC} 
EmptyTemp: 
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
end::