Edited on 20 November 2021

start::
closeprocesses:
createrestorepoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Pas de fichier
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [134]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={C4423AE2-C622-11E2-935B-28924A3FD466}
HKU\S-1-5-21-3101702298-3018225471-2544267325-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=120519&tt=gc_&babsrc=HP_ss_din2g&mntrId=981A74E54382279A
SearchScopes: HKLM -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={C4423AE2-C622-11E2-935B-28924A3FD466}
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {B737AC33-1B07-414A-8006-991128380625} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={C4423AE2-C622-11E2-935B-28924A3FD466}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={C4423AE2-C622-11E2-935B-28924A3FD466}&crg=3.1010000.10039&st=23&st=23&ptr=100
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPMTDF&pc=HPMTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=981A74E54381FF22&affID=121962&tsp=4919
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {B737AC33-1B07-414A-8006-991128380625} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={C4423AE2-C622-11E2-935B-28924A3FD466}&crg=3.1010000.10039&st=23&st=23&ptr=100
BHO: Pas de nom -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Pas de fichier
BHO: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-03-18] (SweetIM Technologies Ltd -> SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-03-18] (SweetIM Technologies Ltd -> SweetIM Technologies Ltd.)
Toolbar: HKU\S-1-5-21-3101702298-3018225471-2544267325-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
HKLM\...\Run: [IgfxTray] => C:\Windows\system32 [0 2021-11-20] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32 [0 2021-11-20] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Run: [Persistence] => C:\Windows\system32 [0 2021-11-20] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32 [0 2021-11-20] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}] -> msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
Task: {09B01D22-53E1-4040-B721-FF51EB97B8DF} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files\Software\Update\SoftwareUpdate.exe [119408 2013-05-24] (Boxore OU -> The Software Group)
Task: {46189B4D-B48B-43FF-9B12-04DC4E9FDF4C} - System32\Tasks\EPUpdater => C:\Users\darty\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe (Pas de fichier) <==== ATTENTION
Task: {646FE921-AAAB-40FB-A0E8-77693E43D6A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Pas de fichier)
Task: {6CE411F4-1599-443B-B9E2-1015C074EADB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe -check plugin (Pas de fichier)
Task: {A31C21D8-5CED-483B-96C1-56D7DC35E94E} - System32\Tasks\SoftwareUpdateTaskMachineCore => C:\Program Files\Software\Update\SoftwareUpdate.exe [119408 2013-05-24] (Boxore OU -> The Software Group)
Task: {DB3AC13D-8F47-429C-9EC6-CC1F1C7FC912} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1469456 2018-03-24] (AVAST Software s.r.o. -> AVAST Software)
Task: C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job => C:\Program Files\Software\Update\SoftwareUpdate.exe
Task: C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files\Software\Update\SoftwareUpdate.exe
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_387.dll [Pas de fichier]
FF Plugin: @tools.Software.com/Software Update;version=3 -> C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll [2013-05-24] (Boxore OU -> The Software Group)
FF Plugin: @tools.Software.com/Software Update;version=9 -> C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll [2013-05-24] (Boxore OU -> The Software Group)
C:\Users\darty\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
C:\Users\darty\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\darty\AppData\Roaming\BabSolution\CR\Delta.crx [2013-05-24]
S2 Software_update; C:\Program Files\Software\Update\SoftwareUpdate.exe [119408 2013-05-24] (Boxore OU -> The Software Group)
S3 Software_update_m; C:\Program Files\Software\Update\SoftwareUpdate.exe [119408 2013-05-24] (Boxore OU -> The Software Group)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
2021-11-20 12:25 - 2013-05-26 17:39 - 000000000 ____D C:\Program Files\SweetIM
2021-11-20 10:18 - 2013-05-24 16:26 - 000000000 ____D C:\Users\darty\AppData\Roaming\BabSolution
2021-11-20 10:14 - 2017-10-06 18:55 - 000016384 _____ C:\Windows\system32\Ikeext.etl
2021-11-20 10:14 - 2013-05-24 16:25 - 000000900 _____ C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
2021-11-20 10:14 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-20 07:41 - 2013-05-24 17:12 - 000000000 ____D C:\Program Files\AVAST Software
2021-11-19 22:54 - 2013-05-24 17:11 - 000000000 ____D C:\ProgramData\AVAST Software
cmd: netsh advfirewall reset
emptytemp:
end::
