Posted on 16 December 2018

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
HKLM-x32\...\Run: [Boxore Client] => C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [cacaoweb] => C:\Users\USER1\AppData\Roaming\cacaoweb\cacaoweb.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM-x32 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {27CE9472-361B-4510-8223-82F6E6F0B516} URL = hxxp://search.conduit.com/Results.aspx?ctid=
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {545A7CF9-4203-4F1E-9ACF-BC4C59E3500A} URL = hxxp://q.search-simple.com/?affID=na&q=
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q=
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://Vosteran.com/results.php?f=4&q=
BHO-x32: Pas de nom -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
BHO-x32: mysearchdial Helper Object -> {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} -> C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll
BHO-x32: Boxore Client -> {EFA7A511-B491-4312-BB35-4586B99E45ED} -> C:\Program Files (x86)\Boxore\Boxore Client\IE\AdRotate32.dll
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll
FF HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Firefox\Extensions: [{76aa785e-0ace-46d5-ba82-ee5f1b429703}] - C:\Program Files (x86)\LyricsWoofer\133.xpi => non trouvé(e)
FF HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Firefox\Extensions: [{828c786a-e911-4821-aabd-a58eff0dcf02}] - C:\Program Files (x86)\BlockAndSurf Corp\158.xpi => non trouvé(e)
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\USER1\AppData\Local\speedial.crx [2014-04-23]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-529793163-1823889777-3392212690-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\USER1\AppData\Local\speedial.crx
CHR HKU\S-1-5-21-529793163-1823889777-3392212690-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-529793163-1823889777-3392212690-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\USER1\AppData\Local\speedial.crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\default_apps\search.crx
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe
S3 Software_update_m; C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
U5 AppMgmt; C:\windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X] <==== ATTENTION
S2 SPDRIVER_1.35.1.155; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys [X]
2018-12-16 17:11 - 2018-12-16 17:11 - 000000000 ____D C:\windows\System32\Tasks\Avast Software
2018-12-16 17:11 - 2018-12-16 17:11 - 000000000 ____D C:\Users\USER1\AppData\Local\ZHP
2018-12-16 17:10 - 2018-12-16 17:10 - 003099520 _____ C:\Users\USER1\Downloads\ZHPCleaner.exe
2018-12-16 17:08 - 2018-12-16 17:08 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-16 17:00 - 2018-12-16 17:00 - 000000000 ____D C:\Program Files\AVAST Software
2018-12-16 16:59 - 2018-12-16 17:08 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-16 16:07 - 2018-12-16 16:07 - 000001975 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2018-12-16 16:07 - 2018-12-16 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-12-16 16:06 - 2018-12-16 16:09 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-12-16 16:22 - 2015-04-12 16:21 - 000000000 ____D C:\Users\USER1\AppData\Roaming\uTorrent
2018-12-16 16:07 - 2014-06-01 14:45 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-12-16 16:07 - 2013-12-21 10:31 - 000000000 ____D C:\ProgramData\McAfee
2013-04-04 16:40 - 2014-06-10 20:44 - 000003818 _____ () C:\Users\USER1\AppData\Roaming\Bubble Dock.boostrap.log
2013-04-04 16:41 - 2014-06-10 20:44 - 000044344 _____ () C:\Users\USER1\AppData\Roaming\Bubble Dock.installation.log
2014-04-23 17:23 - 2014-04-23 17:23 - 000358193 _____ () C:\Users\USER1\AppData\Local\speedial.crx
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [WinZipper] -> {4F622628-7632-4B28-B184-D7BA0CA3273B} => -> Pas de fichier
ContextMenuHandlers6: [WinZipper] -> {4F622628-7632-4B28-B184-D7BA0CA3273B} => -> Pas de fichier
Task: {20E6CEE6-A09B-4045-B035-DD6C8FE39B90} - \Yahoo! Search Updater -> Pas de fichier
Task: {2902B01D-2594-43BE-A0F8-0142BB6E92D5} - \Sense-updater -> Pas de fichier
Task: {2E2108B7-7C70-4DEC-A5FF-8DB6C4F7C39A} - \Sense-codedownloader -> Pas de fichier
Task: {2F81E0AA-20FA-4545-8972-0677AE184199} - \iWebar-chromeinstaller -> Pas de fichier
Task: {3BAC7E9B-E887-47D6-AFBA-D278A8A3ED96} - \iWebar-firefoxinstaller -> Pas de fichier
Task: {3D017580-557E-490D-B9E1-98FCE4BE6298} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe
Task: {4B223ACC-2A77-4DF5-8850-12EFF9766E19} - \iWebar-codedownloader -> Pas de fichier
Task: {4F7F6B3E-371B-43BB-B61A-390F4A476853} - \Yahoo! Search -> Pas de fichier
Task: {53AC0324-DF88-4D97-BB0D-36A65EAEE881} - \APSnotifierPP1 -> Pas de fichier
Task: {5E393096-0EBD-468A-AB82-3DA754F912E1} - \APSnotifierPP2 -> Pas de fichier
Task: {61764E6A-D248-4D7A-BD5D-A23378B76862} - \APSnotifierPP3 -> Pas de fichier
Task: {62944F8B-681E-4BBC-B2D1-93F7D74C4690} - \Sense-firefoxinstaller -> Pas de fichier
Task: {647015E4-86D2-44DA-B7A6-70EA8849E34B} - \iWebar-enabler -> Pas de fichier
Task: {665449F7-519F-40AE-80A0-0702B2A3AD34} - System32\Tasks\SMW_UpdateTask_Time_333333333231363934392d3237575a236c6c3255342a41 => wscript.exe //B "C:\ProgramData\MyBing\smhe.js" smu.exe /invoke /f:check_services /l:0
Task: {676DC8D6-FD6E-407D-8A7B-C47293BBF03E} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe
Task: {6B770DBA-E027-4512-94B2-B77E81F7C5F7} - \ShopperProJSUpd -> Pas de fichier
Task: {6C81EE85-AC7C-4ACC-AEA1-7FA2358F9CC9} - System32\Tasks\SoftwareUpdateTaskMachineUA => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
Task: {6EF357F9-2645-4851-A0DD-26613A1A6F2C} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files (x86)\PC Speed Maximizer\SPMSchedule.exe
Task: {753161CD-EBD9-409B-A2E3-7996ECECFCA6} - \SPDriver -> Pas de fichier
Task: {7C8C3DF0-125C-4442-9506-7E4A4409D074} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {806C7633-10B2-489D-8CA9-5B30197A49DD} - \iWebar-updater -> Pas de fichier
Task: {82CE0DFA-A003-4114-81D9-6B24A2B25B3F} - System32\Tasks\Run_dregol => C:\Users\USER1\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE
Task: {8B8A67AC-DFCF-46E8-9D84-5D1960C5BCF2} - System32\Tasks\SoftwareUpdateTaskMachineCore => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
Task: {A70116A2-915D-4C38-8976-BECCA0DE9647} - \SMupdate1 -> Pas de fichier
Task: {A76FFFAD-6DF9-4F85-B525-9CA213C8EB00} - \Sense-enabler -> Pas de fichier
Task: {A960F8A9-879E-40BB-962D-06778C1991DE} - System32\Tasks\{3F759D03-8F48-4015-982B-26BFB5769399} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Iminent\inst\Bootstrapper\Bootstrapper.exe" -c uninstall
Task: {B8FF77A1-DC28-43B1-B245-2792724EE383} - \Sense-chromeinstaller -> Pas de fichier
Task: {C4BA8B01-9DF7-4FE9-9A1C-487120FADDFE} - \RunAsStdUser -> Pas de fichier
Task: {EC25327D-2D39-4DF4-A097-1112AE2407B4} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => C:\windows\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2
Task: {ED0BBCE1-BD08-46D6-BE1E-051877045F90} - \ShopperPro -> Pas de fichier
Task: {EF6D3A40-9D46-4090-A3B3-4C6994F5D068} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => C:\windows\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3
Task: {F01C0DB8-C2CF-41C5-A2C6-E5DF07D63647} - System32\Tasks\ShopperProUpd => C:\Program Files (x86)\ShopperPro\updater.exe
Task: C:\windows\Tasks\Run_dregol.job => C:\Users\USER1\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE
Task: C:\windows\Tasks\SoftwareUpdateTaskMachineCore.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
Task: C:\windows\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
2013-05-23 18:39 - 2013-09-29 18:05 - 000348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2013-05-23 18:39 - 2013-09-29 18:05 - 000183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2013-05-23 18:39 - 2013-09-29 18:05 - 000051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2013-10-18 12:40 - 2013-09-29 18:05 - 000040256 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
AlternateDataStreams: C:\windows\system32\Drivers\hbaftodj.sys:changelist [1578]
AlternateDataStreams: C:\ProgramData\TEMP:AD022376 [137]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "Boxore Client"
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\StartupApproved\Run: => "cacaoweb"
cmd: ipconfig /flushdns
end::
