´╗┐start::
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Robert\Downloads\CCleaner 5.74.8198 Active\CCleaner.v5.74.8198.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Robert\Downloads\CCleaner 5.74.8198 Active\CCleaner.v5.74.8198.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Robert\Downloads\CCleaner 5.74.8198 Active\CCleaner.v5.74.8198.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Robert\Downloads\CCleaner 5.74.8198 Active\CCleaner.v5.74.8198.exe.ApplicationCompany
HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371376 2022-04-26] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\...\Run: [MicrosoftEdgeAutoLaunch_A9F6DCE4ABADF4F51CF45CD7129E3C6C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3547040 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2235607428-1572317980-2000546280-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Acer.scr [456224 2010-07-29] (Acer Incorporated -> )
Task: {0249278E-A61E-422A-A48E-EE578D20A06C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {06A42C1A-5945-4356-94C4-773DF312075B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {0D0216F3-9C0C-492C-AC73-F81012A65E1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {18E0C6F6-0045-486D-89D1-78A68221B6ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {1987D8E7-0064-4AB8-BA03-FD22B309BF21} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {1C288A01-EDC4-4412-9200-8D3C618E4B57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {22A50078-02BD-4B18-BB75-A08287FE683C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DB3AEB3-1A29-4138-892A-D8F2831177B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {3B69DAF6-1C2E-4024-B449-7630D0C6AACC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {785C91B9-1ADA-4B9A-AD76-EF28BFE60F0E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {96A9367E-170F-4C3B-A377-A58FE4F00B6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {9C21A7A3-86A5-4FC0-A34F-389A2E782A22} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {96A9367E-170F-4C3B-A377-A58FE4F00B6B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {9C21A7A3-86A5-4FC0-A34F-389A2E782A22} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {A891FCE6-1B9D-4523-8FA9-B5F5D2D30A98} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {B9F69C68-B9B7-4A1E-9928-307A7D2286F5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {D5331609-20BC-4896-BC69-F728FC23412D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {E4105C8F-077C-4365-9365-3568A0FD2EA8} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Pas de fichier)
Task: {F0C88F9B-C354-456D-B30C-FDAC35F7E59A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {F496671F-BF30-49FA-996C-CC780B454C48} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Pas de fichier)
Task: {F6672383-A5DA-4F3B-A87C-EA427CD7805C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {FA9F6EFC-50F6-4B3E-A493-23D6BD5A02FE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {FD1DB8E5-96DE-4CBC-83C6-5F7DC21E863B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
U3 idsvc; pas de ImagePath
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier
EmptyTemp:
end::