start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
Task: {4D8C8CA0-8C38-45B6-A2C7-BF8668983AAC} - System32\Tasks\{ADC9135B-53BB-4D83-B7FE-ED923AE492D2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
C:\Program Files\ByteFence
Task: {7CE3A6C3-3730-4C8D-81BB-40129F3A6C1C} - \Ghovucultliviied -> Pas de fichier <==== ATTENTION
Task: {56CABCDA-FCD0-4070-8F78-933A25F72399} - System32\Tasks\Driver Booster SkipUAC (Jason) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe [2017-10-11] (IObit)
Task: {8EE5A14B-94D4-49B1-AF95-F7E1CAB52A0C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\Scheduler.exe [2017-08-30] (IObit)
C:\Program Files (x86)\IObit
Task: {B80920BA-BDAC-4B1F-A98F-446015558F7C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\{1FBA2EF6-951B-BB92-EE2F-59999C1B72C5}.job => C:\PROGRA~2\COMMON~1\1FBA2E~1\Sync.exe
Task: {AABAA028-0C95-4288-92AF-013BD5531756} - System32\Tasks\{1FBA2EF6-951B-BB92-EE2F-59999C1B72C5} => C:\PROGRA~2\COMMON~1\1FBA2E~1\Sync.exe
FirewallRules: [{57CD0FB3-4D8B-4BC0-95E9-AFDD189F862C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{EDE99B9F-A1CC-4508-A358-BA602FE50C61}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{C3B5D8A6-C64A-472E-B034-2D3BA98CAB2A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
FirewallRules: [{43A962FC-7E96-4F2B-8510-65C8B74B3E9E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
FirewallRules: [{8ECBB9D3-F9A2-4E27-8DC9-D550BE22860C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DBDownloader.exe
FirewallRules: [{079F6E59-B969-4A11-9DA9-24540769888B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DBDownloader.exe
FirewallRules: [{EC55F424-B508-4E96-8FC5-0315E954FF37}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\AutoUpdate.exe
FirewallRules: [{B4146CB7-E43D-4A4A-90D5-D96AE59D286B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\AutoUpdate.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1006525404-3962306342-3869324399-1000 -> {62416CD3-9480-4833-90E3-971D3D371F86} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1006525404-3962306342-3869324399-1000 -> {D8250735-63A6-4463-9BCE-F44250CA122F} URL =
CHR HomePage: Default -> hxxp://www.ourluckysites.com/?type=hp&ts=1491918704&z=569f970d2d7b6631d8aaa8cgcz6tfg4t7g8bcqeq3b&from=che0812&uid=ST1000DM003-1CH162_Z1D9SV38XXXXZ1D9SV38
CHR StartupUrls: Default -> "hxxps://www.google.fr/","hxxp://www.ourluckysites.com/?type=hp&ts=1491918704&z=569f970d2d7b6631d8aaa8cgcz6tfg4t7g8bcqeq3b&from=che0812&uid=ST1000DM003-1CH162_Z1D9SV38XXXXZ1D9SV38","hxxps://www.google.com/"
CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1006525404-3962306342-3869324399-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
C:\Windows\Tasks\{1FBA2EF6-951B-BB92-EE2F-59999C1B72C5}.job
VirusTotal: c:\windows\system32\cdp.dll
EmptyTemp:
end::