Start::
CreateRestorepoint:
CloseProcesses:
Task: {02C94795-B414-4AF4-BF06-B3D3B4164748} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {0B364D64-7950-4B00-ADFE-4339317C53AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-01] (Google LLC -> Google LLC)
Task: {15B3C8F9-59F3-400D-BAB2-4959B76EFAB7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {1FC16E16-4543-45B0-A016-45CFB7B7E268} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {22F3BD56-65E5-41F3-9FFD-6E96A657799F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {2EAA6F21-9272-48A7-B165-0308572E78FA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {32A5FABD-CBA2-4741-93FE-DAD7037EB536} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-01] (Google LLC -> Google LLC)
Task: {388BE797-EB90-4234-AB99-BB69397FACC6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {3E1EE2B9-2D0A-4428-AD7F-B0B6B16F38FF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {5B1585E2-5894-403B-B85B-8811AC110CBC} - System32\Tasks\Opera scheduled Autoupdate 1647263538 => C:\Users\Utilisateur\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-03] (Opera Software AS -> Opera Software)
Task: {72556F04-AA8E-4A80-A0EA-AA5981AE1721} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {7465EF76-2254-4A21-AE9A-6B9CDB33B933} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {8BBF5F84-06A0-4D66-9EA2-742FC120AFD1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {8EAA093B-F0E8-49D2-9869-0615A816B254} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {9ABCB05B-D284-49D1-A2C8-C1E1C181171D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {9FBA1DF0-8448-459E-B8A3-C849B0CF7567} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {A488A261-0CB7-4E47-B0B0-59B4E7C08B06} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {A66310A2-A775-40E2-9A35-775BDBD4956C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {A8CA0339-AED7-4B05-8F45-505563E13CB4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {ABF2A1E6-051F-43DB-A7BC-D5E01D27DF19} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {AE8B4960-6E66-4A97-A8F8-484A86CECF21} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {B239F440-5DDF-4016-96DF-71B13665EBDF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {BD76EBD0-8AD9-4E39-9C58-18DB40DBE614} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {C0424BFE-8250-4CBA-8DDA-B86229016663} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {C716D5BC-3EC8-4112-8150-E011AF466D21} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {CA2C75F3-C09D-4E95-BB11-3DA76EE6D705} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {D0D10105-B431-4720-B947-558FC99C0FE7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {DE51B377-D131-4117-873A-091070C1D449} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {E7DA316D-6758-4F70-AAEB-DFD5A5C32F4C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {F00BDBFD-DB9E-4AA9-A574-17457AFDE015} - System32\Tasks\CCleanerSkipUAC - Utilisateur => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F13AC5C1-EF73-4305-B33E-F633D801A4A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
2018-01-03 11:02 - 2020-01-22 23:24 - 000005632 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-08-22 16:57 - 2021-08-22 16:57 - 000004096 ____H () C:\Users\Utilisateur\AppData\Local\keyfile3.drm
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
IE trusted site: HKU\S-1-5-21-2987335405-1365195737-358804895-1000\...\localhost -> localhost
Shortcut: C:\Users\Utilisateur\Desktop\Z AUTRESdossier\PC HelpSoft Driver Updater.lnk -> C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe (Pas de fichier)
Shortcut: C:\Users\Utilisateur\Desktop\Mes logiciels et Télé Assistance ASI\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Pas de fichier)
Shortcut: C:\Users\Utilisateur\Desktop\Mes logiciels et Télé Assistance ASI\Profil 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Pas de fichier)
Shortcut: C:\Users\Utilisateur\Desktop\Mes logiciels et Télé Assistance ASI\pour analyse d un DD amovible\CrystalDiskInfo.lnk -> C:\Program Files\CrystalDiskInfo\DiskInfo64.exe (Pas de fichier)
Shortcut: C:\Users\Utilisateur\Desktop\Mes logiciels et Télé Assistance ASI\pdf  creator\PDFCreator.lnk -> C:\Program Files\PDFCreator\PDFCreator.exe (Pas de fichier)
Shortcut: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tombstones\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Pas de fichier)
Shortcut: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Pas de fichier)
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32  =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}  =>.SUP.Orphan
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32  =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32  =>.SUP.Orphan
Powershell: Get-Service | Select Name,Status > C:\Services.txt
cmd: powershell Get-ComputerRestorePoint
CMD: winmgmt /verifyrepository
CMD: bitsadmin /reset
CMD: cscript %windir%\system32\slmgr.vbs /dlv
CMD: netsh winsock reset
CMD: ipconfig /flushdns
Hosts:
RemoveProxy:
EmptyTemp:
End::