start::
closeprocesses:
createrestorepoint:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
AlternateDataStreams: C:\Users\JB\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
HKU\S-1-5-21-3446929943-3149982378-3286304182-1000\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-3446929943-3149982378-3286304182-1000\...\Run: [PrtScr by FireStarter] => C:\Program Files (x86)\PrtScr\PrtScr.exe [1700864 2009-05-16] (FireStarter) [Fichier non signé]
HKU\S-1-5-21-3446929943-3149982378-3286304182-1000\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10097840 2018-09-07] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-3446929943-3149982378-3286304182-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3446929943-3149982378-3286304182-1000\...\Run: [GoogleChromeAutoLaunch_125F0EE867BD32D63262A537769ACD54] => "C:\Users\JB\AppData\Local\Chromium\Application\chrome.exe" --no-startup-window
C:\Users\JB\AppData\Local\Chromium
C:\Program Files (x86)\IObit
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
Task: {13417C00-39BD-4E27-947B-6E60BDD8B36D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {15346B63-6830-4D1F-B965-A9710DE26A6A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {15D28626-0CF5-4E51-A988-FF341F266BA8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16CDF7BB-F8C7-4573-93B1-6832D9ED418E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {1863A21B-8E80-46BF-8F45-E5BF407F0695} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {1EF305FF-F7F2-46E8-8FB5-19E403E58100} - \winspt -> Pas de fichier <==== ATTENTION
Task: {1FE2234B-81CF-4C5E-9ABA-F9537B626BB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {2D54A6B2-76DE-425E-A940-B3FA5D65B35A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2EAF634C-661E-4B5E-9C23-C4B3AF52F9C7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {2F3684A1-95C3-46F5-A528-05F76615DDD9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32AD38C6-4EEE-4FB0-9297-6D42A0762339} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3387B1CE-103D-4307-931E-42B6C30AA555} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {3CDA25E0-190B-4776-BDD4-D177A16A922F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {4983AEC2-3AF2-4795-9F63-3A293F3FE11A} - System32\Tasks\Driver Booster SkipUAC (JB) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {51FFE0B6-7A69-48B5-8993-8FBA319000D6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {553F7CEC-F379-49D3-A4EC-81D993DC937C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {5D4ACF69-561D-4C09-B61A-E8BA2A4A2B21} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {61EA08E4-13BE-4845-A8A3-5181771EA241} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {68FB761D-88AB-41DC-92D9-D55B44AAB932} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6A411E42-FB7D-4D42-A8F7-2164862A6352} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6BD893DF-9861-43A7-8B26-D7D1744939A1} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {6F87856C-7769-49B4-BC4A-0D74C9338687} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {7D105F5F-0EE4-48AF-BF90-5BA5F1A084EC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {894074D3-3E4C-4AAC-BE23-6E7D4F6F0DD7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8D9A7923-425D-4FB7-B560-3C9FC6FED120} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {9581E245-1735-4EC4-83DC-F3AED5F3BAFF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {99611542-F10A-400B-B705-F79911F8FFB6} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B9DEA787-7D14-4D6A-89CA-1A528CCB99B5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BE21206A-4A79-4784-95CF-8D328A764A61} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [20776 2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C0C2E18F-0674-4F46-BD20-95CFBB32F03A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFF077C8-00F4-48C7-9817-2758CF77C356} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D0C974B9-C25A-46DA-AEB0-5D470952C309} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D446BF49-72F0-4419-9BD8-7F46144B81C8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D743727B-8797-4F02-96F5-0CCDC0B02F4E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {DA2696DB-C2E8-4A6A-8B31-5B767BDAD6C5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {DA77EAE0-5B16-4B64-A9F6-FDECA3EB7927} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {DD2909A6-6FCF-486B-BE65-54735AB653AD} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E49412F7-83E0-4D2A-80F3-DDBE527B4032} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {E7E84913-D261-4E69-8F63-EA39AB356C4D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {EE577279-9A09-4795-A939-97D0A45C9391} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {FCE614B3-3585-4D23-BF93-527020306FDB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF8B1002-6AB3-4A7E-932C-EAB6F2A1F7ED} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Extension: (Protection Web Avira) - C:\Users\JB\AppData\Roaming\Mozilla\Firefox\Profiles\a2u3wjdy.default\Extensions\abs@avira.com.xpi [2020-02-06]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
C:\Users\JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
C:\Users\JB\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
2020-03-01 22:40 - 2015-10-12 00:22 - 000000000 ____D C:\Program Files (x86)\Avira
2020-03-01 22:20 - 2015-10-12 00:41 - 000000000 ___DC C:\Users\JB\AppData\Roaming\Avira
2020-03-01 22:20 - 2015-10-12 00:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-03-01 22:20 - 2015-10-12 00:22 - 000000000 ____D C:\ProgramData\Avira
cmd: netsh advfirewall reset
emptytemp:
end::