start::
CreateRestorePoint:
CloseProcesses:
Hosts:
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Homepage: Mozilla\Firefox\Profiles\aov9js4v.Utilisateur par défaut-1522051753298 -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=MO150601&iDate=2020-11-10 10:26:11&bName=
FF NewTab: Mozilla\Firefox\Profiles\aov9js4v.Utilisateur par défaut-1522051753298 -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=MO150601&iDate=2020-11-10 10:26:11&bName=
FF SearchPlugin: C:\Users\sgrbo\AppData\Roaming\Mozilla\Firefox\Profiles\aov9js4v.Utilisateur par défaut-1522051753298\searchplugins\mysearchengine.xml [2020-11-22]
FF ProfilePath: C:\Users\sgrbo\AppData\Roaming\Mozilla\Firefox\Profiles\a7xa1rd2.default [2020-11-22]
FF Homepage: Mozilla\Firefox\Profiles\a7xa1rd2.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=MO150601&iDate=2020-11-10 10:26:11&bName=
FF NewTab: Mozilla\Firefox\Profiles\a7xa1rd2.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=MO150601&iDate=2020-11-10 10:26:11&bName=
FF SearchPlugin: C:\Users\sgrbo\AppData\Roaming\Mozilla\Firefox\Profiles\a7xa1rd2.default\searchplugins\mysearchengine.xml [2020-11-22]
CustomCLSID: HKU\S-1-5-21-3651091238-137905499-632287878-1001_Classes\CLSID\{500C8957-D051-4057-8C54-CBB13E45C719}\localserver32 -> "C:\Users\sgrbo\AppData\Local\StarLeaf\StarLeaf\1\StarLeaf.UWP.exe" --toasty => Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:BE64143E [109]
AlternateDataStreams: C:\Users\sgrbo\Documents\Chargements appareil photo:com.dropbox.attributes [168]
IE trusted site: HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Tray Temperature"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\StartupFolder: => "GigaTribe.lnk"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\StartupFolder: => "StarLeaf.lnk"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "EA Core"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "PlariumPlay"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "ApowerREC"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "upjers Home"
HKU\S-1-5-21-3651091238-137905499-632287878-1001\...\StartupApproved\Run: => "EADM"
FirewallRules: [{7E24DA73-771B-4F87-8960-157E6A85FFB9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => Pas de fichier
FirewallRules: [{6A580929-7090-423F-AB40-36CAB8A70189}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => Pas de fichier
FirewallRules: [{9406F33C-746E-46B3-9653-022FCD8C5C23}] => (Allow) C:\Users\sgrbo\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{32D38F42-0B3E-425F-8538-51783DE2821D}] => (Allow) C:\Users\sgrbo\AppData\Local\StarLeaf\StarLeaf\2\StarLeafc.exe => Pas de fichier
FirewallRules: [{AFEACA37-4267-4FDE-8303-954B6306A8A5}] => (Allow) C:\Users\sgrbo\AppData\Local\StarLeaf\StarLeaf\1\StarLeafc.exe => Pas de fichier
FirewallRules: [{232E7079-F530-435A-931C-8895B7E75591}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => Pas de fichier
FirewallRules: [{6738CA08-5C7C-4D58-AEAD-0A44CD7D7A46}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => Pas de fichier
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
cmd: sfc /scannow
end::