start CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-3720113905-2448826761-1402061820-1001\...\Run: [Chromium] => c:\users\anthony\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-06-09] (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys 0D85D274C6E267457FF1E3ABB0D57683 ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Pas de fichier ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier Task: {08BF1D79-8E4D-438A-ACB9-6CBFFB4CD0FF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {09AAED2A-8FF6-42E2-B531-797EB52C9027} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {4A864B4E-33CE-4DA9-807D-3BC21455127B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {8ABF52AB-E74B-4921-909E-BE4DD7533E3B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {8EE40775-8B4B-4BD6-A92D-48000851EDCD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {A70B7D07-0B6B-4057-9955-22A9D119509F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {B0A0308C-CBA7-423D-A038-6CB189D0B256} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION Task: {CB070BBB-9313-4320-96B6-E939EA173123} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {D10E60C2-9C69-4B42-95D6-A436EF74F871} - System32\Tasks\{9AE1FBDD-2661-489D-97DC-A3FA6879A2E4} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Anthony\AppData\Local\{C06FF633-E4C7-9A8B-895F-BF63AD3743FB}\uninst.exe -c -FN="C:\Users\Anthony\AppData\Local\{C032F689-E560-9BFF-8E56-BC2D52844113}\HelperUpdate.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {D2EC5F23-3C5B-4126-80FF-1F4BDDEB9845} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {DCD8EA8D-A739-438C-9987-2789DA0E892D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION Task: {F8028CB8-87FE-4F38-B5D4-1F6F5E93A24A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKU\S-1-5-21-3720113905-2448826761-1402061820-1001\...\StartupApproved\Run: => "Chromium" HKLM\...\StartupApproved\StartupFolder: => "WinZip Préchargeur.lnk" HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" FirewallRules: [UDP Query User{43256DC5-AC8C-408A-9C56-22485E503640}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe FirewallRules: [TCP Query User{817ADE79-5A65-45EA-BEC1-08E00F4ED461}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe C:\Program Files (x86)\BitComet\BitComet.exe FirewallRules: [{64FD2A86-B589-4FA4-9378-B1911CD295F5}] => (Allow) C:\Users\Anthony\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{93E0C9CC-4844-4618-B532-1F2A654393A0}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe FirewallRules: [{D6980F13-8B1F-4450-B443-8A952440FD3A}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate Booster Experience\UltimateBooster(SteamVR)\UltimateBooster.exe FirewallRules: [{230A795A-5104-434F-AA21-CF8D009E9D39}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe FirewallRules: [{1AAA106D-E943-4118-A79B-B20DEA94284C}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate Booster Experience\UltimateBooster(Oculus)\UltimateBooster.exe EmptyTemp: end