cjoint


Document format: text/plain


:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_22_ch&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyD0CtA0DtD0C0D0AtCyBtCtN0D0Tzu0SzzzztBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDtD0DyCyB0EtBtDtGyDyEzz0BtG0D0B0CyDtGtAtCtB0BtGtCyDtAyE0DyEtCyBtDzzyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtD0BtC0B0AzztAtGyC0FzztDtG0E0C0C0AtGyEyC0AtDtGyE0C0EyE0D0FyDzzzyyE0D0C2Q&cr=897083106&ir=
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\S-1-5-21-3713109748-3542463635-3387801132-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3713109748-3542463635-3387801132-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_22_ch&cd=2XzuyEtN2Y1L1QzuzyyEtAzy0EyD0CtA0DtD0C0D0AtCyBtCtN0D0Tzu0SzzzztBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDtD0DyCyB0EtBtDtGyDyEzz0BtG0D0B0CyDtGtAtCtB0BtGtCyDtAyE0DyEtCyBtDzzyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtD0BtC0B0AzztAtGyC0FzztDtG0E0C0C0AtGyEyC0AtDtGyE0C0EyE0D0FyDzzzyyE0D0C2Q&cr=897083106&ir=
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "Mysearchdial"
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:6.1.2
[2014/09/08 22:48:05 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube Full HD Download") -- C:\Users\Eliès\AppData\Roaming\mozilla\Firefox\Profiles\djzirn12.default\extensions\artur.dubovoy@gmail.com
File not found (No name found) -- C:\USERS\ELIèS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJZIRN12.DEFAULT\EXTENSIONS\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
File not found (No name found) -- C:\USERS\ELIèS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJZIRN12.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\ELIèS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJZIRN12.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM
[2012/01/12 10:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
CHR - Extension: No name found = C:\Users\Eliès\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Eliès\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [systray] C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe File not found
O4 - HKU\S-1-5-18..\Run: [systray] C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe File not found
O4 - HKU\S-1-5-19..\Run: [systray] C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe File not found
O4 - HKU\S-1-5-20..\Run: [systray] C:\Program Files (x86)\TheBestMatch\Homepage\DWCSysTray.exe File not found
O4 - HKU\S-1-5-21-3713109748-3542463635-3387801132-1001..\Run: [AdobeBridge] File not found
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O33 - MountPoints2\{3f1fc300-7e0c-11e3-be0a-9439e5c3d0ce}\Shell - "" = AutoRun
O33 - MountPoints2\{3f1fc300-7e0c-11e3-be0a-9439e5c3d0ce}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{e616fef4-f1d9-11e2-a003-9439e5c3d0ce}\Shell - "" = AutoRun
O33 - MountPoints2\{e616fef4-f1d9-11e2-a003-9439e5c3d0ce}\Shell\AutoRun\command - "" = E:\setup.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 1203 bytes -> C:\ProgramData\Microsoft:MmMdk8G4fmhEAF0dgVNq8UCt
@Alternate Data Stream - 1155 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:85U1AezXkPKwAH4hhipKoWy
@Alternate Data Stream - 1063 bytes -> C:\ProgramData\Microsoft:dJbMGfnrZttRKrBOmB8w8wTeV69
@Alternate Data Stream - 1058 bytes -> C:\Users\Eliès\AppData\Local\Temp:9VQBNddfRTBcWU2GA6HPYTif
@Alternate Data Stream - 1024 bytes -> C:\ProgramData\Microsoft:sesz279bkUczrtFdpKSbEc

:Files
C:\Users\Eliès\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
C:\Users\Eliès\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Program Files (x86)\TheBestMatch
C:\Users\Eliès\AppData\Roaming\DOK52P4Q3J.dat
C:\Users\Eliès\AppData\Roaming\cdiStatPath.dat
C:\Windows\Installer\{b3fec48b-e6a1-a405-7bd1-dc2d80e04a44}
C:\Users\Eliès\AppData\Local\{b3fec48b-e6a1-a405-7bd1-dc2d80e04a44}
C:\Users\Eliès\AppData\Roaming\DriverCure
C:\Users\Eliès\AppData\Roaming\ParetoLogic
C:\Users\Eliès\AppData\Roaming\ProductData
C:\Users\Eliès\AppData\Local\8AFJKSwzw
C:\Users\Eliès\AppData\Local\ttR9F195X
C:\Users\Eliès\AppData\Local\XX
C:\Users\Eliès\AppData\Local\{*}
C:\$RECYCLE.BIN\*.* /s
C:\$RECYCLE.BIN\*
netsh winhttp reset proxy /c
ipconfig /flushdns /c

:Reg
[-HKEY_LOCAL_MACHINE\software\McAfee]
[-HKEY_LOCAL_MACHINE\software\McAfee.com]
[-HKEY_LOCAL_MACHINE\software\{3DAFC8E5-2505-41FF-ABFC-EAECF8DB46D4}]
[-HKEY_LOCAL_MACHINE\software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}]
[-HKEY_LOCAL_MACHINE\software\{78EFF776-1054-0C02-C47F-2474E1F654D9}]
[-HKEY_CURRENT_USER\software\Local AppWizard-Generated Applications]
[-HKEY_CURRENT_USER\software\MCAFEE]
[-HKEY_CURRENT_USER\software\TeleCharger]
[-HKEY_CURRENT_USER\software\{2F543434-2600-9235-6A29-6F0388CA5A9F}]

:Commands
[emptytemp]
