Start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
GroupPolicy: Restriction ?
Policies: C:\ProgramData\NTUSER.pol: Restriction
HKLM-x32\...\RunOnce: [SymInstallStub] => C:\ProgramData\NortonInstaller\NSSInstallStub.exe
HKU\S-1-5-21-1296333286-1373168368-3703510258-1001\...\Run: [QtraxNotification] => C:\Users\symar\Qtrax\Player\Notification.exe
HKU\S-1-5-21-1296333286-1373168368-3703510258-1001\...\Run: [GoogleChromeAutoLaunch_62662A188B8E545B26448BD5C524F9DA]
Task: {0DCCD543-D348-4E9D-B73F-13FE341E3D62} - System32\Tasks\Updater12765.exe => C:\Users\symar\AppData\Local\Updater12765\Updater12765.exe
Task: {2A862896-D227-4E31-96D2-A30425AB5741} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
Task: {75413559-75B9-4794-86FB-D75F6E0E3ABC} - System32\Tasks\{5D9893F3-7FC8-DC98-47ED-4F99A301DC39} => C:\Users\symar\AppData\Roaming\5D9893~1\UpdTask.exe
Task: {98E83064-58E5-45D0-9533-F6C824A6A042} - System32\Tasks\Norton Product Installer => C:\ProgramData\NortonInstaller\NSSInstallStub.exe
Task: {BB3DB9DB-18C8-43F2-8F10-B7640A4F6218} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe
Task: {CD6BE525-5247-4904-859C-DEEC714CD1ED} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe start BrowserDefendert
Task: {E16DB668-B79D-420B-8917-924A2C044F2C} - System32\Tasks\Norton Product InstallerIdle => C:\ProgramData\NortonInstaller\NSSInstallStub.exe
Task: {F5B3CF67-EC7B-4CA8-8CF5-751437639DD5} - System32\Tasks\SoftwareUpdateTaskMachineCore => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Bing Search Engine ranem.job => Wscript.exe C:\ProgramData\{6820AD43-E262-2785-64A4-B9C7FEE63209}\dalo.txt
Edge HomePage: Default -> hxxp://search.babylon.com/?affID=120517&babsrc=HP_ss_sps&mntrId=A2D81A54B25D705E
FF HKLM-x32\...\Firefox\Extensions: [bubbledock@nosibay.com] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\symar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-07-16]
CHR HKU\S-1-5-21-1296333286-1373168368-3703510258-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\symar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-07-16]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\symar\AppData\Roaming\BabSolution\CR\Delta.crx [2013-06-08]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx
CHR HKLM-x32\...\Chrome\Extension: [kbjlipmgfoamgjaogmbihaffnpkpjajp] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\GCSurfMatch.crx [2012-11-06]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\symar\AppData\Local\mysearchdial_speedial_v9.0.2.crx [2013-07-16]
S2 Software_update; C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
S3 Software_update_m; C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
S2 IMService; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [X]
S2 MediaStreamingService; C:\ProgramData\Boxore\LSP\MediaStreamingService.exe [X]
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170216.023\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170216.023\EX64.SYS [X]
2021-08-19 20:49 - 2021-08-19 20:49 - 000003142 _____ C:\WINDOWS\system32\Tasks\Norton Product Installer
2021-08-19 20:49 - 2021-08-19 20:49 - 000000492 _____ C:\WINDOWS\Tasks\Norton Product Installer.job
2021-08-19 19:49 - 2021-08-19 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2021-08-19 19:49 - 2021-08-19 19:49 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2021-08-19 19:49 - 2021-08-19 19:49 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2021-08-19 19:18 - 2021-08-19 20:49 - 000003028 _____ C:\WINDOWS\system32\Tasks\Norton Product InstallerIdle
2021-08-19 19:18 - 2021-08-19 20:49 - 000000500 ____H C:\WINDOWS\Tasks\Norton Product InstallerIdle.job
2021-08-19 16:00 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2021-08-19 16:00 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2021-08-19 19:49 - 2012-12-19 23:39 - 000000000 ____D C:\ProgramData\Norton
2021-08-19 19:18 - 2012-12-19 23:38 - 000000000 ____D C:\ProgramData\NortonInstaller
2013-07-16 06:07 - 2013-07-16 06:07 - 000423709 _____ () C:\Users\symar\AppData\Local\mysearchdial_speedial_v9.0.2.crx
ShortcutWithArgument: C:\Users\symar\AppData\Local\Chrome .lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> hxxp://start.iminent.com/?appId=5693BFEE-3BE4-45B3-AA06-A710EE81900C&ref=sct
ShortcutWithArgument: C:\Users\symar\AppData\Local\Firefox .lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://start.iminent.com/?appId=5693BFEE-3BE4-45B3-AA06-A710EE81900C&ref=sct
ShortcutWithArgument: C:\Users\symar\AppData\Local\Iexplore .lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.iminent.com/?appId=5693BFEE-3BE4-45B3-AA06-A710EE81900C&ref=sct
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MediaStreamingService => ""="service"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=
HKU\S-1-5-21-1296333286-1373168368-3703510258-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=120517&babsrc=
HKU\S-1-5-21-1296333286-1373168368-3703510258-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=
HKU\S-1-5-21-1296333286-1373168368-3703510258-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=120517&babsrc=
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {23CB700D-5A9C-4A14-ADF4-9D0536BB7F7E} URL = hxxp://start.mysearchdial.com/results.php?f=4&q=
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {23CB700D-5A9C-4A14-ADF4-9D0536BB7F7E} URL = hxxp://start.mysearchdial.com/results.php?f=4&q=
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL =
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/?q=
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {23CB700D-5A9C-4A14-ADF4-9D0536BB7F7E} URL = hxxp://start.mysearchdial.com/results.php?f=4&q=
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL =
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {2A05C7DD-F835-70CA-516C-484D814B951C} URL =
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=slbnew&from=
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL =
SearchScopes: HKU\S-1-5-21-1296333286-1373168368-3703510258-1001 -> {F89378F9-1BF7-4D11-8124-9EAB2E6CD29E} URL =
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll => Pas de fichier
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll => Pas de fichier
BHO-x32: mysearchdial Helper Object -> {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} -> C:\PROGRA~2\MYSEAR~1\bh\MYSEAR~1.DLL => Pas de fichier
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\mysearchdialTlbr.dll
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
EmptyTemp:
cmd: ipconfig /flushdns
end::