start::
SystemRestore: on
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
Task: {528CB657-244E-4B1F-AD24-0E9D3E6120C7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
Task: {CA996F28-408E-41D8-8AFE-EB98645AD730} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Edge Notifications: HKU\S-1-5-21-4060500152-3787413664-1719840803-1001 -> hxxps://txxx.com
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe
S2 PEFService; "C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe" [X]
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys
U3 aspnet_state; pas de ImagePath
2022-12-31 19:15 - 2022-12-31 19:15 - 000000000 ___HD C:\$AV_ASW
2022-12-31 18:25 - 2022-12-31 18:23 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-12-31 18:27 - 2021-10-31 18:14 - 000391272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-12-31 18:26 - 2021-10-31 18:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-12-31 18:24 - 2021-10-31 18:14 - 000695496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000318456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000267888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-12-31 18:24 - 2021-10-31 18:14 - 000080376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-12-31 18:23 - 2021-10-31 18:14 - 000555560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-12-31 18:23 - 2021-10-31 18:14 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-12-31 18:22 - 2021-10-31 18:14 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-12-31 18:22 - 2021-10-31 18:14 - 000229208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-12-31 18:22 - 2021-10-31 18:14 - 000031424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-12-11 00:05 - 2021-10-31 18:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-12-10 23:38 - 2021-10-31 18:14 - 000391264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd05b12e73aafb885.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000688336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw79abed0985e26a17.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000555520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd4bfed649b94e766.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000318464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw18c3859aa3c80062.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw77c8ae176648c5a9.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6d68f019b2ac2032.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000105760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswe07e5097b59c0f0d.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7a5b387f5f57b519.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000080384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf9520fcdd6aaf932.tmp
2022-12-05 22:34 - 2021-10-31 18:14 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd938e0f320b4f214.tmp
2022-12-05 22:32 - 2021-10-31 18:14 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4f5934652005fa70.tmp
2022-12-05 22:32 - 2021-10-31 18:14 - 000229720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4fdd163bf32634dd.tmp
2022-12-05 22:32 - 2021-10-31 18:14 - 000031376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3c4441f3eda6bd68.tmp
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
SearchScopes: HKU\S-1-5-21-4060500152-3787413664-1719840803-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4060500152-3787413664-1719840803-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
cmd: ipconfig /flushdns
end::