start
CreateRestorePoint:
CloseProcesses:
Task: {21A857EC-09DF-43AC-B301-A2DC476F08AD} - System32\Tasks\AmiUpdXp => C:\Users\Chris\AppData\Local\29162\Updater.exe [2015-11-18] () <==== ATTENTION
C:\Users\Chris\AppData\Local\29162
Task: {45ED2FAF-CFE6-4A4B-BEE6-50BE2A1E3EA1} - System32\Tasks\Palikan moci => C:\Windows\system32\wscript.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Chris\AppData\Local\29162\Updater.exe <==== ATTENTION
AppInit_DLLs-x32: C:\PROGRA~3\{F2F91~1\201~1.9\moci.dll => Pas de fichier
HKU\S-1-5-21-2239301738-3973958401-513106048-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.palikan.com/?f=1&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
SearchScopes: HKU\S-1-5-21-2239301738-3973958401-513106048-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
SearchScopes: HKU\S-1-5-21-2239301738-3973958401-513106048-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HomePage: Default -> hxxp://www.palikan.com/?f=1&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
CHR StartupUrls: Default -> "hxxp://www.palikan.com/?f=7&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=","hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.palikan.com/results.php?f=4&q={searchTerms}&a=plk_mlvi_15_47&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyC0E0B0AtD0C0FtAzytAtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0CtAzzzz0FyE0EtGtD0DyC0DtGyCtByB0CtGyDtDyB0EtG0Ezy0B0DyEtD0FtDzzzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0EyB0EyC0FyEyDtGyC0DyCyEtGyE0A0CyCtGzyyBzzyEtGtAtAzytBtD0EyC0EtCtAtC0F2QtN0A0LzuyE&cr=1738876078&ir=
CHR DefaultSearchKeyword: Default -> palikan.com
CHR Extension: (Palikan New Tab) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljibkigjccbegnbeojkoafejpoiachej [2015-12-18]
CHR HKLM\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2239301738-3973958401-513106048-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ljibkigjccbegnbeojkoafejpoiachej] - hxxps://clients2.google.com/service/update2/crx
S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]
EmptyTemp:
end