fixlist.txt

Document joint : HDcsmosQanl_fixlist.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

CreateRestorePoint:
CloseProcesses:

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\windows\System32\mfevtps.exe
(McAfee, Inc.) C:\windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\nortonsecurity.exe
C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\nortonsecurity.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Run: [Norton Download Manager{NS22110207-SHPD-FSD510303}] => C:\Users\Public\Downloads\Norton\{NS22110207-SHPD-FSD510303}\NortonNSDownloader.exe [1120096 2018-01-07] (Symantec Corporation)
HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Run: [Advanced SystemCare 11] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3598624 2017-12-11] (IObit)
HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj83FTqcOUE1NjhSRYY1NjJYRUEdNTEdMYMcRURYNYI5OF== /q <==== ATTENTION
HKU\S-1-5-18\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3598624 2017-12-11] (IObit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => Pas de fichier
AppInit_DLLs-x32: C:\ProgramData\ApppazmaL\BigTip.dll => Pas de fichier
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
hxxp://www.amisites.com/search/?type=ds&ts=1479289797&z=db2bcd1d0fbaf697b65f3bbg5zfmdt1o5tdqbtacbg&from=che0812&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=D79990B7-1FE1-483A-9FDC-37F0480F75E2&SearchSource=58&CUI=&UM=8&UP=SP7960A0FA-B6C5-441A-AB59-1551631C053A&D=082516&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B60E198EC-86D0-4FFF-83E4-336A03CE944F%7D&gp=811010
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {222280B0-FD02-42E4-BCD5-8ED40F55D02F} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL =
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIw1zt-DM99XiatMsoQLv1b1g9xbj3gS9SMOWIrWXg6i8tjWvzjX7hG6mCs1JfLtTg4Q9w37Nk1oog-NwyRB7CjV42BSFUcp7DZeLhDcbtmMAoXRNsJ1Z09KTx-HGb1cyX7nbVw6jpZ4o_BYQu&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479289797&z=db2bcd1d0fbaf697b65f3bbg5zfmdt1o5tdqbtacbg&from=che0812&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {5A1560B7-507E-49D1-A53F-8471B7D8BBF2} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G8Ozftpbl0cshmoBU,be1c5a92-aff4-4c88-a07f-f1a92dfdf97b,
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_fr_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_cc2b5d71_1201_1401_20160430_FR_ie_ds_&tag=bds-p10-serp-fr-ie-21&query={searchTerms}
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {C6968660-FD5D-4C6F-BB0F-7B4910E5F148} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_24_plk_ir_15_53¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEtAzytC0CtB0DtBtDtByCtN0D0Tzu0StCyCtByDtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StDtAyBtDyD0Azz0DtGtCtDtBtAtG0E0E0FtAtGyC0E0ByCtG0B0E0C0EyDtByC0CyByCtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzuyE%26cr%3D1384839021%26a%3Dhdr_s_16_24_plk_ir_15_53%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrUJ1X5m4UdMeSMllqEh7eyy5D_xsWHpXN_LiEs79d6u0f1TzA8givW6NElk-W-j2yv0bT2xG1_ePUOBiSC7_Pp2rT1UfYIzfE3qLmwGmowO8jsJqCIGA1yYzFPZA9hiTVPyJF-oYANVs5qJoyZb8pEPQ6oaLC9nYlgtRKBBz&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-08-04] (IObit)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23] (IObit)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.12.1.15\coIEPlg.dll [2018-03-02] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> Pas de nom - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Pas de fichier
Toolbar: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll [2016-11-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-21] (McAfee, Inc.)
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\tode\AppData\Roaming\Mozilla\Firefox\Profiles\kej2hw71.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2016-10-18] [Legacy]
FF ProfilePath: C:\Users\tode\AppData\Roaming\Firefox\Firefox\Profiles\nf6scteo.default [2017-06-05] <==== ATTENTION
FF Homepage: Firefox\Firefox\Profiles\nf6scteo.default -> hxxp://www.searchinme.com/
FF SearchPlugin: C:\Users\tode\AppData\Roaming\Firefox\Firefox\Profiles\nf6scteo.default\searchplugins\startsearch.xml [2017-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.1.7\coFFPlgn => non trouvé(e)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-01-05] [Legacy] [non signé]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll [2016-11-21] ()
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll [2016-11-21] ()
FF Plugin HKU\S-1-5-21-3956248472-2550150166-470528241-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tode\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1475915827&from=fb081008&uid=wdcxwd10ezex-60m2na0_wd-wcc3f7vnufahnufah&z=a55b2b44d6a87bfa5988d54g1zfm8wbt8gbw9m4b9b
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1475915827&from=fb081008&uid=wdcxwd10ezex-60m2na0_wd-wcc3f7vnufahnufah&z=a55b2b44d6a87bfa5988d54g1zfm8wbt8gbw9m4b9b"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=G8Ozftpbl0cshmoBU,be1c5a92-aff4-4c88-a07f-f1a92dfdf97b,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Extension: (Norton Security Toolbar) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-03-07]
CHR Extension: (Norton Identity Safe) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-12-23]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\Exts\Chrome.crx
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Jarhair\Application\chrome.exe <==== ATTENTION
HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) <==== ATTENTION
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Jarhair\Application\chrome.exe <==== ATTENTION
R2 AdvancedSystemCareService11; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1058080 2017-12-11] (IObit)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 IOTUpdaterSvc; C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe [3176632 2018-03-09] (IOTransfer)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-28] (IObit)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [994848 2016-11-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NortonSecurity.exe [328712 2018-03-03] (Symantec Corporation)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1077520 2018-01-25] (IObit)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.Exe [86864 2017-02-06] (McAfee, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.11.2.7\Definitions\BASHDefs\20180326.001\BHDrvx64.sys [1879632 2018-02-09] (Symantec Corporation)
R1 ccSet_NGC; C:\windows\system32\drivers\NGCx64\160C010.00F\ccSetx64.sys [187544 2018-03-02] (Symantec Corporation)
R3 cfwids; C:\windows\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-03-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153168 2018-03-24] (Symantec Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 HipShieldK; C:\windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.11.2.7\Definitions\IPSDefs\20180329.065\IDSvia64.sys [1056920 2018-01-06] (Symantec Corporation)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2016-12-21] (IObit)
S1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [0 2018-03-23] () <==== ATTENTION (zéro octet Fichier/Dossier) <==== ATTENTION
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION
R1 iSafeNetFilter; C:\windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== ATTENTION
R3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
R0 SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
R1 SRTSP; C:\windows\System32\Drivers\NGCx64\160C010.00F\SRTSP64.SYS [817816 2018-03-02] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\NGCx64\160C010.00F\SRTSPX64.SYS [49304 2018-03-02] (Symantec Corporation)
R0 SymEFASI; C:\windows\System32\drivers\NGCx64\160C010.00F\SYMEFASI64.SYS [1942168 2018-03-02] (Symantec Corporation)
S0 SymELAM; C:\windows\System32\drivers\NGCx64\160C010.00F\SymELAM.sys [24608 2018-03-02] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [102552 2018-02-20] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\NGCx64\160C010.00F\Ironx64.SYS [307864 2018-03-02] (Symantec Corporation)
R1 SymNetS; C:\windows\System32\Drivers\NGCx64\160C010.00F\SYMNETS.SYS [566936 2018-03-02] (Symantec Corporation)
U3 aswbdisk; pas de ImagePath
S3 cpuz138; \??\C:\Users\tode\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
U2 CWASRE; pas de ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 NetUtils2016; \??\C:\windows\system32\drivers\NetUtils2016.sys [X] <==== ATTENTION
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S1 p1481106710am; \??\C:\Users\tode\AppData\Local\Temp\bkB4E.tmp\p1481106710am.sys [X] <==== ATTENTION
S1 p1481292973am; \??\C:\Users\tode\AppData\Local\Temp\bk9C9B.tmp\p1481292973am.sys [X] <==== ATTENTION
S1 p1483097046am; \??\C:\Users\tode\AppData\Local\Temp\bk694B.tmp\p1483097046am.sys [X] <==== ATTENTION
S1 p1484582936am; \??\C:\Users\tode\AppData\Local\Temp\bkC6C.tmp\p1484582936am.sys [X] <==== ATTENTION
S1 p1485339738am; \??\C:\Users\tode\AppData\Local\Temp\bk4758.tmp\p1485339738am.sys [X] <==== ATTENTION
S1 p1485339899am; \??\C:\Users\tode\AppData\Local\Temp\bkB75E.tmp\p1485339899am.sys [X] <==== ATTENTION
S1 p1486205859am; \??\C:\Users\tode\AppData\Local\Temp\bk4F8B.tmp\p1486205859am.sys [X] <==== ATTENTION
S1 p1486252125am; \??\C:\Users\tode\AppData\Local\Temp\bk437B.tmp\p1486252125am.sys [X] <==== ATTENTION
S1 p1486396207am; \??\C:\Users\tode\AppData\Local\Temp\bkAF9F.tmp\p1486396207am.sys [X] <==== ATTENTION
S1 p1486474885am; \??\C:\Users\tode\AppData\Local\Temp\bk5633.tmp\p1486474885am.sys [X] <==== ATTENTION
S1 p1486474991am; \??\C:\Users\tode\AppData\Local\Temp\bkF453.tmp\p1486474991am.sys [X] <==== ATTENTION
S1 p1486475044am; \??\C:\Users\tode\AppData\Local\Temp\bkC119.tmp\p1486475044am.sys [X] <==== ATTENTION
S1 p1486482351am; \??\C:\Users\tode\AppData\Local\Temp\bk3F45.tmp\p1486482351am.sys [X] <==== ATTENTION
S1 p1486936324am; \??\C:\Users\tode\AppData\Local\Temp\bk1654.tmp\p1486936324am.sys [X] <==== ATTENTION
S1 p1487068961am; \??\C:\Users\tode\AppData\Local\Temp\bk4BDC.tmp\p1487068961am.sys [X] <==== ATTENTION
S1 p1487070963am; \??\C:\Users\tode\AppData\Local\Temp\bkDE61.tmp\p1487070963am.sys [X] <==== ATTENTION
S1 p1487076466am; \??\C:\Users\tode\AppData\Local\Temp\bk67D.tmp\p1487076466am.sys [X] <==== ATTENTION
S1 p1487076572am; \??\C:\Users\tode\AppData\Local\Temp\bkA4FA.tmp\p1487076572am.sys [X] <==== ATTENTION
S1 p1487087403am; \??\C:\Users\tode\AppData\Local\Temp\bkA420.tmp\p1487087403am.sys [X] <==== ATTENTION
S1 p1487087509am; \??\C:\Users\tode\AppData\Local\Temp\bk45F8.tmp\p1487087509am.sys [X] <==== ATTENTION
S1 p1487087662am; \??\C:\Users\tode\AppData\Local\Temp\bk9D17.tmp\p1487087662am.sys [X] <==== ATTENTION
S1 p1487186264am; \??\C:\Users\tode\AppData\Local\Temp\bk7242.tmp\p1487186264am.sys [X] <==== ATTENTION
S1 p1487861826am; \??\C:\Users\tode\AppData\Local\Temp\bk96.tmp\p1487861826am.sys [X] <==== ATTENTION
S1 p1487862046am; \??\C:\Users\tode\AppData\Local\Temp\bk59F2.tmp\p1487862046am.sys [X] <==== ATTENTION
S1 p1487862166am; \??\C:\Users\tode\AppData\Local\Temp\bk2D2B.tmp\p1487862166am.sys [X] <==== ATTENTION
S1 p1488369027am; \??\C:\Users\tode\AppData\Local\Temp\bk23AF.tmp\p1488369027am.sys [X] <==== ATTENTION
S1 p1488369225am; \??\C:\Users\tode\AppData\Local\Temp\bk3758.tmp\p1488369225am.sys [X] <==== ATTENTION
S1 p1488570446am; \??\C:\Users\tode\AppData\Local\Temp\bkE377.tmp\p1488570446am.sys [X] <==== ATTENTION
S1 p1488974040am; \??\C:\Users\tode\AppData\Local\Temp\bk1924.tmp\p1488974040am.sys [X] <==== ATTENTION
S1 p1489147256am; \??\C:\Users\tode\AppData\Local\Temp\bk3753.tmp\p1489147256am.sys [X] <==== ATTENTION
U2 snare; pas de ImagePath
S3 X6va035; \??\C:\windows\SysWOW64\Drivers\X6va035 [X]
S3 X6va062; \??\C:\windows\SysWOW64\Drivers\X6va062 [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]
2018-04-02 16:30 - 2018-04-02 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-04-02 12:38 - 2018-04-02 12:39 - 015333512 _____ (Piriform Ltd) C:\Users\tode\Downloads\ccsetup541 (1).exe
2018-04-02 12:38 - 2018-04-02 12:38 - 015333512 _____ (Piriform Ltd) C:\Users\tode\Downloads\ccsetup541.exe
2018-04-02 11:34 - 2018-04-02 11:57 - 306673592 _____ (NVIDIA Corporation) C:\Users\tode\Downloads\342.01-desktop-win8-win7-winvista-64bit-international (1).exe
2018-04-01 18:33 - 2018-04-01 18:42 - 115663799 _____ (NVIDIA Corporation) C:\Users\tode\Downloads\340.52-desktop-win8-win7-winvista-64bit-international-whql (1).exe.crdownload
2018-03-26 17:11 - 2018-03-26 17:11 - 000001148 _____ C:\Users\Public\Desktop\IOTransfer 2.lnk
2018-03-07 13:22 - 2018-04-01 17:35 - 000003218 _____ C:\windows\System32\Tasks\Norton WSC Integration
2018-03-07 13:22 - 2018-03-07 13:22 - 000002336 _____ C:\Users\Public\Desktop\Norton Security.lnk
2018-03-07 13:22 - 2018-03-07 13:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2018-04-02 16:25 - 2017-12-23 04:51 - 000000000 ____D C:\ProgramData\Norton
2018-04-02 12:30 - 2017-02-15 12:54 - 000000000 _____ C:\Users\tode\Downloads\iOrbit.exe
2018-04-01 17:35 - 2018-01-28 11:00 - 000003248 _____ C:\windows\System32\Tasks\Driver Booster Scheduler
2018-04-01 17:35 - 2017-01-02 22:24 - 000003068 _____ C:\windows\System32\Tasks\McAfeeLogon
2018-03-26 17:11 - 2018-02-19 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IOTransfer 2
2018-03-25 08:16 - 2018-01-26 19:03 - 000002285 _____ C:\Users\Public\Desktop\Advanced SystemCare 11.lnk
2018-03-07 13:31 - 2018-02-21 00:43 - 000000000 ____D C:\windows\System32\Tasks\Norton Security
2018-03-07 13:24 - 2018-02-20 12:07 - 000000000 ____D C:\windows\system32\Drivers\NGCx64
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AV: Protection antivirus et antispyware McAfee (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Norton Security (Enabled - Up to date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Protection antivirus et antispyware McAfee (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: Pare-feu McAfee (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.1.0 - IObit)
AlphaConsole version 8.0 (HKLM-x32\...\{83CB5404-7E78-4B1F-B0D5-A8D0FCDA9B7D}_is1) (Version: 8.0 - AlphaConsole)
AlphaGo (HKLM-x32\...\{118B6258-BF13-47C9-8D46-B2A349196B5D}) (Version: 1.0.0 - Default Company Name) <==== ATTENTION
AlphaGo (HKLM-x32\...\{2C652C0A-EC71-4797-8077-F67649177AB0}) (Version: 1.0.2 - Default Company Name) <==== ATTENTION
AlphaGo (HKLM-x32\...\{51639FCA-678F-4D71-8044-E16E3D49187F}) (Version: 1.0.7 - Default Company Name) <==== ATTENTION
AlphaGo (HKLM-x32\...\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}) (Version: 1.1.0 - Default Company Name) <==== ATTENTION
AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== ATTENTION
AlphaGo (HKLM-x32\...\{B7CB7055-EFAE-4CD2-928A-15DB5F4FF7C7}) (Version: 1.2.5 - AlphaGo) <==== ATTENTION
amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== ATTENTION
amuleC (HKLM-x32\...\{19539992-061C-4E8B-9053-07B175303AF4}) (Version: 1.0.1 - amuleC) <==== ATTENTION
amuleC (HKLM-x32\...\{418DDAC3-E16C-47C2-B5FE-4FBCAB0E10D0}) (Version: 1.0.0 - amuleC) <==== ATTENTION
aMuleCustom (HKLM-x32\...\{58C69614-BB4F-4E55-BF6B-AFCB0B7377DB}) (Version: 1.0.1 - walalala co) <==== ATTENTION
amulesw (HKLM-x32\...\{7CC4BD9A-10F3-432B-A037-AE9FCE1F9B64}) (Version: 1.0.8 - amules) <==== ATTENTION
BikaQ Rss (HKLM-x32\...\{3678D164-84DB-4F73-AFD6-916342E10764}) (Version: 3.0.17 - BikaQ) <==== ATTENTION
BikaQ Rss Reader (HKLM-x32\...\{56B2B28A-E663-4D28-84A3-3846068A7D63}) (Version: 1.0.0 - BikaQ) <==== ATTENTION
Caster (HKLM\...\{d35e5e88-e5b8-447f-b6f4-66bc7aa638d1}) (Version: 1.0 - Caster) <==== ATTENTION
Chromium (HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Chromium) (Version: 46.0.2472.0 - Chromium)
Gameo (HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Gameo) (Version: 0.14.1 - IronSource Ltd.) <==== ATTENTION
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Host Service (HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Host Service) (Version: - ) <==== ATTENTION
InterHop (HKLM-x32\...\{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D}) (Version: 1.0.0 - InterHop) <==== ATTENTION
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
IOTransfer 2 (HKLM-x32\...\IOTransfer_is1) (Version: 2.1.0.5272 - IOTransfer)
Itibiti RTC (HKLM-x32\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION
Key Presser 2.1.6.2 (HKLM-x32\...\{A74CA1C1-AE87-46CB-BF3B-3E7BB192222B}_is1) (Version: - Robot-Soft.com, Inc.)
KNCTR (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.) <==== ATTENTION
Norton Security (HKLM-x32\...\NGC) (Version: 22.12.1.15 - Symantec Corporation)
Search Provided by Yahoo (HKLM-x32\...\YahooProvidedSearch) (Version: - ) <==== ATTENTION
Search the Web (Yahoo) (HKLM-x32\...\a92e2408) (Version: - ) <==== ATTENTION
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.2.0 - IObit)
Sound+ (HKLM\...\SoundPlus) (Version: 1.0 - ) <==== ATTENTION
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.6 - Safer-Networking Ltd.)
SrpnFiles (HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\SrpnFiles) (Version: 29.16.34 - hxxps://www.www.springfile.biz) <==== ATTENTION
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.2.0.2 - IObit)
WinSnare (HKLM-x32\...\{2D7A9DE0-A61B-4555-9E44-8485AE3DB8A8}) (Version: 4.0.4 - WinSnare) <==== ATTENTION
WINSNARE (HKLM-x32\...\{56D19032-B59F-4020-994B-15912A49CD96}) (Version: 4.4.6 - WINSNARE) <==== ATTENTION
Unity Web Player (HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
Yahoo! Powered (HKLM-x32\...\winsearch) (Version: - ) <==== ATTENTION
youndoo - Uninstall (HKLM-x32\...\{6FFDF83E-3EBF-49BC-B07B-0026CC4F3531}) (Version: - ) <==== ATTENTION
youndoo - Uninstall (HKLM-x32\...\{D65AA75A-EFD7-4EAA-BC01-8C65009FA758}) (Version: - ) <==== ATTENTION
HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\ChromeHTML
C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) <==== ATTENTION
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers1: [iFunVideoConverter] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2015-01-09] (IObit)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} =>
C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>
c:\Program Files\mcafee\msc\mcctxmenufrmwrk.dll [2016-11-21] (McAfee, Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>
C:\windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> Pas de fichier
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} =>
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2015-01-09] (IObit)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} =>
C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers4-x32: [WinZipper] -> {DC638EEA-2BA2-4459-9C46-85A2F0BE6040} => -> Pas de fichier
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2015-01-09] (IObit)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} =>
c:\Program Files\mcafee\msc\mcctxmenufrmwrk.dll [2016-11-21] (McAfee, Inc.)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>
C:\windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> Pas de fichier
ContextMenuHandlers6-x32: [WinZipper] -> {DC638EEA-2BA2-4459-9C46-85A2F0BE6040} => -> Pas de fichier
Task: {06C05CF3-6D13-49C3-878C-7A48FAC7948C} - System32\Tasks\StartMenu8_Start =>
C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2018-01-25] ()
Task: {0A5102CB-B3FE-4501-BB5A-7E664B86136C} - System32\Tasks\Driver Booster SkipUAC (tode) =>
C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {1DD4BA16-8E5E-4EB6-9A3A-2F4ABDB0738C} - System32\Tasks\Norton Security\Norton Security Error Analyzer =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {297DBE80-8082-42A9-AD4E-FE2E7597C93F} - System32\Tasks\{5E83FAD8-7A6F-4CEB-8D37-512EFF0D3C57} =>
C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe" -c --uninstall
Task: {45C661AF-B753-49D6-9E20-16F1CD0FD7E8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: )
Task: {48982693-4903-48C0-B15A-8468375A2893} - System32\Tasks\ASC11_SkipUac_tode =>
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-12-12] (IObit)
Task: {4E8C0C58-0449-43F1-AF32-04B66080CAB9} - System32\Tasks\Remediation\AntimalwareMigrationTask =>
C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-03-02] Symantec Corporation)
Task: {5755E18E-B0A8-4FAF-A937-724CED634C1D} - System32\Tasks\PED_Torrent_Search => C:\ProgramData\Torrent_Search_PED\rundll32.exe VsuhDd9.dll,#67 <==== ATTENTION
Task: {7106DED3-8646-4125-B476-ED8031ABE29E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {717A9EA0-0ADA-496E-B078-8D4D7F60EC6F} - System32\Tasks\gameo_update => C:\Users\tode\AppData\Roaming\Gameo\gameo.exe [2015-07-04] () <==== ATTENTION
Task: {72E8A2F9-7FCC-4860-9F52-69013DA79312} - System32\Tasks\SmartDefrag_Startup =>
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-07-27] (IObit)
Task: {76CAC4EA-554A-46EE-A560-AEA6F3E15818} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-17] () <==== ATTENTION
Task: {7E23F882-FD84-49AE-8A19-D49254A3FB36} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-09-20] (McAfee, Inc.)
Task: {8FBD4885-937C-44C8-9415-F8448E1B0B0E} - \SMW_UpdateTask_Time_3635323538343436362d415b343437414545785a5a6c -> Pas de fichier <==== ATTENTION
Task: {9FA13EBC-3290-474C-B160-4F974D6C6B8D} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization =>
C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2016-11-11] (Safer-Networking Ltd.)
Task: {AB4CC723-B735-4B4D-B54A-D10A2F8ADB12} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B10FFB23-FA9C-44B1-B30A-E098299DFDCE} - System32\Tasks\Norton Security\Norton Security Error Processor =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation)
Task: {B46D7379-1777-46F5-ADE1-337FD1CA2312} - System32\Tasks\Uninstaller_SkipUac_tode =>
C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-12-15] (IObit)
Task: {B6C22B6A-653D-4C03-A95E-BF6F3B3E606A} - System32\Tasks\ASC11_PerformanceMonitor =>
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2017-12-07] (IObit)
Task: {BE3CDB07-2751-435E-BBF8-CFECA9F7D68F} - System32\Tasks\SmartDefrag_AutoAnalyze =>
C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {BF8E1B8E-E76B-494B-8EB8-B99F361AE4DB} - System32\Tasks\SmartDefrag_Update =>
C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {CBAD0142-6E44-414A-BB67-8B87A8517E42} - System32\Tasks\update-S-1-5-21-3956248472-2550150166-470528241-1001 =>
C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: )
Task: {D7EEEC80-7E02-4D76-85FF-52C246A2A9FB} - System32\Tasks\Windows-PG => C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\windows\psgo\psgo.ps1 <==== ATTENTION
Task: {E44523AA-3A3F-4539-9EB4-4B00B1F6E2C8} - System32\Tasks\Norton WSC Integration =>
C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\WSCStub.exe [2018-03-02] (Symantec Corporation)
Task: {F713F2CB-9F27-4157-A3F4-D15F93E9B30D} - System32\Tasks\Driver Booster Scheduler =>
C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: C:\windows\Tasks\PED_Torrent_Search.job => C:\ProgramData\Torrent_Search_PED\rundll32.exeVsuhDd9.dll <==== ATTENTION
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\windows\Tasks\Uninstaller_SkipUac_tode.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\windows\Tasks\update-S-1-5-21-3956248472-2550150166-470528241-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION
ShortcutWithArgument: C:\Users\tode\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811008"
2017-01-02 22:22 - 2016-10-25 01:31 - 000508368 _____ () C:\Program Files\Common Files\McAfee\Sustainability\GenericPlugin.dll
2015-12-19 23:45 - 2015-01-09 19:46 - 000517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2017-01-21 11:52 - 2016-06-21 20:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-21 11:52 - 2016-06-21 20:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-21 11:52 - 2016-06-21 20:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-19 21:09 - 2015-11-06 13:05 - 000618784 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-08-24 22:33 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2016-08-24 22:33 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2018-01-26 19:03 - 2016-08-18 19:43 - 000442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2018-01-26 19:03 - 2016-08-18 19:43 - 000210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2018-01-26 19:03 - 2016-08-18 19:43 - 000059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2018-01-26 19:03 - 2017-08-04 14:44 - 000082720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
2018-02-26 12:29 - 2018-01-26 12:05 - 000275560 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2018-02-26 12:29 - 2018-01-25 15:54 - 000059664 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2018-02-26 12:29 - 2018-01-26 12:04 - 000355600 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2018-02-26 12:29 - 2018-01-26 12:04 - 000190224 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2018-02-26 12:29 - 2018-01-26 12:04 - 000057616 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2018-02-26 12:29 - 2018-01-25 15:56 - 000047888 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2017-01-21 11:52 - 2015-12-28 14:50 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-01-21 11:52 - 2016-09-26 14:59 - 000631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-01-26 19:03 - 2017-06-10 16:33 - 000631584 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2015-12-19 23:44 - 2015-03-27 16:39 - 000182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-12-19 23:44 - 2015-01-09 19:46 - 000145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2015-12-19 23:45 - 2014-10-16 11:26 - 000622880 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
FirewallRules: [{505702CF-6209-41FC-B19D-7198744C1567}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{4668C888-6084-470B-AA7B-0A3CF92CA8FE}C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{09CEA77C-4D51-4A1F-A0E1-D9B16B6EC739}C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{5FA91901-E426-447B-A239-46A0A1E9E31D}C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{1635544A-D067-4467-B690-ADA0C21C86EF}C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\tode\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [{DDBD17C4-E37B-4906-9F51-380C10524B46}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{396BB139-7737-43EF-AEF1-92F2F82AD011}] => (Allow) C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
FirewallRules: [{7AACD3EF-332B-4591-890F-4AF2665A8109}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{87F17F6F-B00C-4367-AFDD-B5CDD6E304C4}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{BA694CB3-126A-44A4-A949-C8E94FEAC749}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
FirewallRules: [{55D579FC-9577-4179-A6DE-DF6432BC677C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
FirewallRules: [{3B4BB6E9-F431-4B6D-9E22-1DC18934C8F7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe
FirewallRules: [{EBE686C9-E2E5-41BC-B711-CD294ADA1663}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe
FirewallRules: [{288C0026-E24D-4B46-8F3F-AECD59C7E58A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe
FirewallRules: [{B12D9A98-8AAF-4BAF-8BBF-0B3FE4E68940}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe
RemoveProxy:
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:

Signaler le contenu de ce document