start::
Comment: FRST fixlist. It is specific to the one machine whose scan logs it was built from (note the user SID and the task GUIDs below); do not run it on any other system.
Comment: Preamble: turn System Restore on and create a restore point as the rollback path, then close running processes and remove proxy settings before the removals start.
SystemRestore: on
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
Comment: Registry, policy and scheduled-task entries copied from the scan log; listing a line here asks FRST to remove that entry. The first one is the Avast autostart (Run) value.
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe
Comment: The two Windows Defender values below are restrictions that switch Defender off. Removing them matters here because the rest of this fix strips Avast, so Defender must be able to take over.
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction
Comment: Windows Update and Firefox policy keys. NOTE(review): on a centrally managed machine these may be deliberate Group Policy settings - confirm before reusing this approach.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
Task: {528CB657-244E-4B1F-AD24-0E9D3E6120C7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
Task: {CA996F28-408E-41D8-8AFE-EB98645AD730} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Comment: Edge notification permission for one site in this user profile. The URL is defanged (hxxps) and looks redacted as published. NOTE(review): the fix presumably needs the line exactly as it appeared in the original log - confirm.
Edge Notifications: HKU\S-1-5-21-4060500152-3787413664-1719840803-1001 -> hxxps://txxx.com
Comment: Services and drivers. In the log's state code, R = running and S = stopped; the digit is the start type (0 boot, 1 system, 2 automatic, 3 on demand). [X] marks an entry whose file was not found.
Comment: Most entries are Avast components that are still running, including boot-start (R0) kernel drivers and the early-launch driver aswElam. NOTE(review): removal of loaded drivers presumably completes only after the reboot - check Fixlog.txt. The vendor's own uninstaller is normally the first choice; this page does not show whether it was tried.
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe
Comment: PEFService is a McAfee leftover whose executable is missing ([X]). NOTE(review): the reason for removing the two Apple filter drivers is not visible on this page.
S2 PEFService; "C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe" [X]
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys
Comment: In the next line, "pas de ImagePath" is French-locale scan-log text meaning "no ImagePath". It is part of the logged entry, not a note, so it is left as logged.
U3 aspnet_state; pas de ImagePath
Comment: Files and folders from the log's recent-files listing (created - modified - size - attributes - company - path): Avast binaries, kernel drivers and scheduled-task files, plus asw*.tmp driver copies in the Drivers folder.
Comment: NOTE(review): FRST is understood to move listed files into its quarantine rather than delete them outright - confirm in Fixlog.txt before relying on it for rollback.
2022-12-31 19:15 - 2022-12-31 19:15 - 000000000 ___HD C:\$AV_ASW
2022-12-31 18:25 - 2022-12-31 18:23 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-12-31 18:27 - 2021-10-31 18:14 - 000391272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-12-31 18:26 - 2021-10-31 18:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-12-31 18:24 - 2021-10-31 18:14 - 000695496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000318456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000267888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000080376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-12-31 18:23 - 2021-10-31 18:14 - 000555560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-12-31 18:23 - 2021-10-31 18:14 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-12-31 18:22 - 2021-10-31 18:14 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-12-31 18:22 - 2021-10-31 18:14 - 000229208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-12-31 18:22 - 2021-10-31 18:14 - 000031424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-12-11 00:05 - 2021-10-31 18:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-12-10 23:38 - 2021-10-31 18:14 - 000391264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd05b12e73aafb885.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000688336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw79abed0985e26a17.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000555520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd4bfed649b94e766.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000318464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw18c3859aa3c80062.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw77c8ae176648c5a9.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6d68f019b2ac2032.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000105760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswe07e5097b59c0f0d.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7a5b387f5f57b519.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000080384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf9520fcdd6aaf932.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd938e0f320b4f214.tmp
2022-12-05 22:32 - 2021-10-31 18:14 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4f5934652005fa70.tmp
2022-12-05 22:32 - 2021-10-31 18:14 - 000229720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4fdd163bf32634dd.tmp
2022-12-05 22:32 - 2021-10-31 18:14 - 000031376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3c4441f3eda6bd68.tmp
Comment: Safe Mode (SafeBoot) registrations for the Avast aswSP.sys driver and for a McAfee service (McMPFSvc), listed so that Safe Mode no longer references them.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
Comment: Internet Explorer search-scope entries for this user profile whose URL is empty.
SearchScopes: HKU\S-1-5-21-4060500152-3787413664-1719840803-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4060500152-3787413664-1719840803-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Comment: Cleanup: empty temporary files and caches, then flush the DNS resolver cache. Expect a reboot. Afterwards, verify that Microsoft Defender real-time protection is on, since this fix removes Avast.
EmptyTemp:
cmd: ipconfig /flushdns
end::