CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
Task: {27E72C99-339B-4248-9866-1873625B1038} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-03] (Google Inc -> Google LLC)
Task: {E3847BAC-E858-4509-801F-73CFDCC0662B} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-24] (Corel Corporation -> Corel Corporation)
CHR Notifications: Default -> hxxps://agecheck.content4you.net; hxxps://filmporno5k.com; hxxps://flashcontact.ch; hxxps://pagesjaunes-by.accengage.net; hxxps://secure-access-0f89b7vmy2ta1fe667.securegate.xyz; hxxps://secure-access-4149b7vhqsl16dz2b2.securegate.xyz; hxxps://secure-access-a94d07vwhgx8pwj2af.securegate.site; hxxps://secure-access-d00e2fntlqdbg8na11.securegate.xyz; hxxps://secure-accesss-vbflf.securegate.xyz; hxxps://secure-accesss-ynutt.securegate.xyz; hxxps://txxx.com; hxxps://www.1planculcesoir.com; hxxps://www.analdin.com; hxxps://www.cnet.com; hxxps://www.cnetfrance.fr; hxxps://www.config-gamer.fr; hxxps://www.doctissimo.fr; hxxps://www.facebook.com; hxxps://www.filmpornohd.xxx; hxxps://www.gentside.com; hxxps://www.hardwarecooking.fr; hxxps://www.jeuxvideo.com; hxxps://www.ldlc.com; hxxps://www.mydates.com; hxxps://www.pornosuivre.com; hxxps://www.programme-television.org; hxxps://www.public.fr; hxxps://www.putainporno.com; hxxps://www.santemagazine.fr; hxxps://www.youtube.com
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG))
C:\Program Files (x86)\Avira
2020-11-05 14:13 - 2020-11-05 14:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2020-11-05 14:13 - 2020-11-05 14:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-11-02 15:53 - 2020-11-02 15:53 - 000000000 ____D C:\Users\ericb\AppData\Local\AdAwareDesktop
2020-11-02 15:50 - 2020-11-02 15:50 - 000000000 ____D C:\Users\ericb\AppData\Local\AdAwareUpdater
2020-11-02 15:49 - 2020-11-02 15:49 - 002613168 _____ C:\Users\ericb\Downloads\ad-aware-antivirus-free_12-2_fr_12797.exe
2020-11-02 15:27 - 2020-11-08 19:25 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-11-02 15:27 - 2020-11-08 19:24 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-11-02 15:24 - 2020-11-02 15:24 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\ericb\Downloads\spybotsd-2.7.64.0 (3).exe
2020-11-02 15:22 - 2020-11-02 15:22 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\ericb\Downloads\spybotsd-2.7.64.0 (2).exe
2020-11-02 15:22 - 2020-11-02 15:22 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\ericb\Downloads\spybotsd-2.7.64.0 (1).exe
2020-11-02 15:19 - 2020-11-02 15:20 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\ericb\Downloads\spybotsd-2.7.64.0.exe
2020-11-08 19:24 - 2019-12-03 15:01 - 000000000 ____D C:\ProgramData\eMule
2020-11-08 19:24 - 2019-12-03 14:40 - 000000000 ____D C:\Users\ericb\AppData\Local\eMule
2020-11-08 19:21 - 2019-12-29 11:43 - 000000000 ____D C:\Program Files (x86)\Avira
2020-11-08 19:19 - 2019-12-29 11:43 - 000000000 ____D C:\ProgramData\Avira
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1" /f
FirewallRules: [UDP Query User{9C5765FF-6A9A-47ED-86CF-26D2B7773510}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe => Pas de fichier
FirewallRules: [TCP Query User{C70207B6-DF01-4637-BA67-34C3F2C63108}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe => Pas de fichier
CMD: netsh advfirewall reset 
CMD: netsh int ipv4 reset all
CMD: netsh int ipv6 reset all
CMD: netsh int portproxy reset all
CMD: netsh int tcp reset all
CMD: netsh int ip reset all
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V SmartScreenEnabled /T REG_SZ /D RequireAdmin /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
CMD: bitsadmin /reset
CMD: cscript %windir%\System32\slmgr.vbs /dli
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\ *
EmptyTemp: