start
CreateRestorePoint:
processes:
ShortcutWithArgument: C:\Users\sylvie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c456cdbb761aea36\Chromium.lnk -> C:\Users\sylvie\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://istart.webssearches.com/?type=sc&ts=1415992551&from=obw&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX 
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://istart.webssearches.com/?type=sc&ts=1415992551&from=obw&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX 
FirewallRules: [{5A58157F-9729-4DEB-88C2-4C26A57D9127}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 
FirewallRules: [{6C0AFCEA-EA36-4AF0-BCB1-20D5DF504802}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 
FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 
FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 
FirewallRules: [{CFD60C7C-E78D-4FA3-BAA9-6277CFD878B9}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe 
FirewallRules: [{940B6747-EE8E-4FA8-A133-ACE723198FBE}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe 
FirewallRules: [{58E58365-F06B-4D0F-A69C-B284F3B933B2}] => (Allow) C:\Program Files (x86)\PremierOpinion\pmropn.exe 
FirewallRules: [TCP Query User{8907C7A8-E39F-494C-98F5-394B14B6A77F}C:\program files (x86)\premieropinion\pmropn.exe] => (Allow) C:\program files (x86)\premieropinion\pmropn.exe 
FirewallRules: [UDP Query User{C155672A-48A1-40F6-971B-BEAE99A4AA6D}C:\program files (x86)\premieropinion\pmropn.exe] => (Allow) C:\program files (x86)\premieropinion\pmropn.exe 
Tcpip\..\Interfaces\{50d0d3f5-bacb-41b2-873f-9e5272b1fb12}: [DhcpNameServer] 40.53.1.201 40.53.1.203 
HKU\S-1-5-21-3171498348-899153843-2897168466-1001\...\Run: [Chromium] => c:\users\sylvie\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) 
GroupPolicy: Restriction <==== ATTENTION 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1415992551&from=obw&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX&q={searchTerms} 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1415992551&from=obw&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX&q={searchTerms} 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450260648&from=mych123&uid=hgstxhts541075a9e680_jd13021x0r14lk0r14lkx&z=18a8496e945296fa6db6e20gazbw3e2o8q6ebq6z1b 
HKU\S-1-5-21-3171498348-899153843-2897168466-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1418202324&from=wpm12103&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX&q={searchTerms} 
HKU\S-1-5-21-3171498348-899153843-2897168466-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450260648&from=mych123&uid=hgstxhts541075a9e680_jd13021x0r14lk0r14lkx&z=18a8496e945296fa6db6e20gazbw3e2o8q6ebq6z1b 
HKU\S-1-5-21-3171498348-899153843-2897168466-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418202324&from=wpm12103&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX&q={searchTerms} 
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1415992551&from=obw&uid=HGSTXHTS541075A9E680_JD13021X0R14LK0R14LKX&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {8ec1716d-5640-4e76-aec3-f1eba6f2503d} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {90C6C18C-4D3C-4CDE-BFDC-24475FFD75D1} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {92F8242F-C250-4532-9A75-3DBE94433B92} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-3171498348-899153843-2897168466-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} 
FF user.js: detected! => C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\user.js [2016-03-14] 
FF NewTab: Mozilla\Firefox\Profiles\qnwes9cy.default -> chrome://quick_start/content/index.html 
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\qnwes9cy.default -> nice 
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\qnwes9cy.default -> nice 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qnwes9cy.default -> nice 
FF Homepage: Mozilla\Firefox\Profiles\qnwes9cy.default -> hxxp://www.nicesearches.com?type=hp&ts=1459155889&from=10637238&uid=hgstxhts541075a9e680_jd13021x0r14lk0r14lkx&z=f8f486b605fe600bbdc230ag1z2w4tcgdw7w0bcbbb 
FF Extension: (xRocket Toolbar) - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\Extensions\arthurj8283@gmail.com [2015-05-12] [non signé] 
FF Extension: (Default NewTab) - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\Extensions\default_newtabff@gmail.com [2015-12-21] [non signé] 
FF Extension: (Default SearchProtected ) - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\Extensions\defsearchp@gmail.com.xpi [2015-12-21] [non signé] 
FF Extension: (QuickSearch) - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\Extensions\quick_searchff@gmail.com [2015-05-28] [non signé] 
FF Extension: (Search Enginer) - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\Extensions\sweetsearch@gmail.com [2015-06-17] [non signé] 
FF Extension: (YahooToolsProtected ) - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\Extensions\yahooprotected@gmail.com.xpi [2015-12-21] [non signé] 
FF SearchPlugin: C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\searchplugins\nice-.xml [2016-04-06] 
FF SearchPlugin: C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\searchplugins\v9-.xml [2015-12-21] 
FF Extension: (Nouvel onglet de Yahoo) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-24] [non signé] 
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\extensions\arthurj8283@gmail.com 
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\extensions\quick_searchff@gmail.com 
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\extensions\sweetsearch@gmail.com 
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\extensions\default_newtabff@gmail.com 
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\sylvie\AppData\Roaming\Mozilla\Firefox\Profiles\qnwes9cy.default\extensions\defsearchp@gmail.com => non trouvé(e) 
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\PremierOpinion\firefox 
FF Extension: (PremierOpinion) - C:\Program Files (x86)\PremierOpinion\firefox [2017-05-02] [non signé] 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-05-28] 
CHR HomePage: Default -> search.ask.com 
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com/?type=hp&ts=1459155889&from=10637238&uid=hgstxhts541075a9e680_jd13021x0r14lk0r14lkx&z=f8f486b605fe600bbdc230ag1z2w4tcgdw7w0bcbbb","hxxp://free/" 
CHR Extension: (Shopping App by Ask) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahaeginbdcckocjkhbciadcafnep [2015-12-25] 
CHR Extension: (Ask Search) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca [2015-11-14] 
CHR Extension: (Sidivvkafe) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfeochobejeklielppmobimhfoloapp [2017-06-01] 
CHR Extension: (Ask Web Search) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbpfdkbpbckgkcelkfjjhepmdcdmahi [2017-04-29] 
CHR Extension: (Zwinky) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei [2015-02-13] 
CHR Extension: (Golfimedl) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkhibdlheikpabfgmocknknpegdofdii [2017-06-07] 
CHR Extension: (Headie) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-05-01] 
CHR Extension: (Colors palette for Facebook) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcipgeajgpafoplebkdklfighbmihpn [2015-10-02] 
CHR Extension: (PremierOpinion) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2017-05-02] 
CHR Extension: (Security Protection) - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2015-06-03] 
CHR HKLM\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2015-05-26] 
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx [2015-05-26] 
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-10] 
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx 
CHR HKU\S-1-5-21-3171498348-899153843-2897168466-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx 
CHR HKLM-x32\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2015-05-26] 
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx [2015-05-26] 
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx 
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\PremierOpinion\pmcm.crx [2017-05-02] 
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\sylvie\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-10] 
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx 
R2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [204736 2017-03-13] (VoiceFive, Inc.) <==== ATTENTION 
2017-06-13 20:55 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls 
2017-06-05 09:15 - 2017-06-05 09:32 - 00000140 _____ C:\WINDOWS\Reimage.ini 
2017-07-04 09:54 - 2017-05-01 16:44 - 00000000 ____D C:\Program Files (x86)\PremierOpinion 
2014-06-22 14:41 - 2014-06-22 14:47 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 
2014-06-22 14:40 - 2014-06-22 14:41 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 
2017-05-01 16:13 - 2017-05-01 16:14 - 0995248 _____ ( ) C:\Users\sylvie\AppData\Local\Temp\ICReinstall_HDVideoPlayer.exe 
C:\Program Files\Common Files\mcafee
C:\Program Files (x86)\WinZip Driver Updater
c:\users\sylvie\appdata\local\chromium
emptytemp:
end