start:: CreateRestorePoint: CloseProcesses: Hosts: ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Pas de fichier ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Pas de fichier C:\Program Files (x86)\Glary Utilities 5 ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Pas de fichier ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Pas de fichier ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> Pas de fichier ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Pas de fichier ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit) IE trusted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\1-se.com -> 1-se.com HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Pas de fichier) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^chewnakin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lanceur.lnk => C:\Windows\pss\Lanceur.lnk.Startup MSCONFIG\startupreg: Google Update => MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" MSCONFIG\startupreg: NBAgent => MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "O&O Defrag Tray.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "OODefragTray" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SDTray" HKLM\...\StartupApproved\Run32: => "FLxHCIm64" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "SmartRAM" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "bdagent.exe" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\StartupApproved\Run: => "Glary Memory Optimizer" HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1 HKU\S-1-5-21-2451943935-529709864-1479247760-1000\...\Policies\Explorer: [NoRecentDocsNetHood] 1 GroupPolicy: Restriction ? <==== ATTENTION Task: {32074C6F-864E-469C-BC7A-E9FCF15F1359} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION Task: {252DC96A-7026-4003-AF45-6246A7CB94D3} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK BHO: Pas de nom -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> Pas de fichier Toolbar: HKU\S-1-5-21-2451943935-529709864-1479247760-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx S3 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] U3 idsvc; pas de ImagePath 2019-06-09 18:04 - 2019-06-09 18:05 - 000000000 ____D C:\Users\chewnakin\Desktop\IObit Driver Booster PRO v6.4.0.398 Portable 2019-06-08 12:53 - 2016-03-25 14:33 - 000128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll 2019-06-08 12:53 - 2016-03-22 11:02 - 000036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe 2019-06-11 18:04 - 2018-05-26 15:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner EmptyTemp: cmd: ipconfig /flushdns end::