start::
closeprocesses:
createrestorepoint:
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}\InprocServer32 -> csp16.dll => Pas de fichier
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip PreLoader"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run32: => "WinZip PreLoader"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {332175D3-3732-4509-B11A-7331906F519E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Pas de fichier)
C:\Program Files\Avast Software
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
C:\Users\quentin123\AppData\Roaming\Mozilla
CHR StartupUrls: Default -> "hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl","hxxp://www.nav-fr.com/"
C:\Users\quentin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik
C:\Users\quentin123\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.98\elevation_service.exe" [X]
2022-12-29 19:52 - 2017-11-02 21:43 - 000000000 ____D C:\Users\quentin123\AppData\Local\AVAST Software
2022-12-29 19:39 - 2021-10-25 16:43 - 000000000 ____D C:\Program Files\Avast Software
2022-12-29 19:39 - 2017-07-17 06:33 - 000000000 ____D C:\ProgramData\AVAST Software
2022-12-29 15:13 - 2021-10-25 16:47 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
cmd: sfc /scannow
emptytemp:
end::