Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CloseProcesses:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3812644963-3289221836-768694644-1000\...\MountPoints2: {31d2a3fa-b3c7-11e2-a86e-20cf307da865} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3812644963-3289221836-768694644-1000\...\MountPoints2: {55a3a8d0-ca99-11e2-9dbc-20cf307da865} - F:\LaunchU3.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812644963-3289221836-768694644-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=A609190F-4600-4937-8598-F3B552DF8589&SearchSource=58&CUI=&UM=8&UP=SP1D68764D-3360-45DB-8CB9-C991EA03B6F8&D=072716&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3812644963-3289221836-768694644-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\cfg [2015-05-21] <==== ATTENTION
U3 tmlwf; pas de ImagePath
U3 tmwfp; pas de ImagePath
2017-06-22 21:58 - 2013-10-17 15:36 - 00000458 ____H C:\Windows\Tasks\OptimizerPro-S-480333868.job
C:\Windows\Tasks\OptimizerPro-S-480333868.job
C:\Users\Public\AlexaNSISPlugin.4660.dll
Task: {43DB5998-97DB-4C14-ACD0-5A0D156A9CCC} - System32\Tasks\OptimizerPro-S-480333868 => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe <==== ATTENTION
Task: {D419AF40-56FA-4104-AE4C-9E727A7EFDED} - \{A58A9ADB-8CA6-4798-9701-C357E5EA01DE} -> Pas de fichier <==== ATTENTION
Task: C:\Windows\Tasks\OptimizerPro-S-480333868.job => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe?J/schedule /profile c:\programdata\summersoft\optimizerpro\480333868.ini <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [272]
EmptyTemp:
end
CloseProcesses:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3812644963-3289221836-768694644-1000\...\MountPoints2: {31d2a3fa-b3c7-11e2-a86e-20cf307da865} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3812644963-3289221836-768694644-1000\...\MountPoints2: {55a3a8d0-ca99-11e2-9dbc-20cf307da865} - F:\LaunchU3.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_08_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyEzzyD0DyCtDyD0CyD0D0EtAtBtB0DyEtN0D0Tzu0StCzzyBzztN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StBtDyCyC0EyCtDyEtGtD0F0FtBtGyDyDzy0EtGyEzztDyCtGtAzy0DyDtBtD0AyD0B0BtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA0F0B0C0B0B0BtGtB0AyDyEtGyE0Fzz0BtGzyyCtAtCtG0ByEyC0F0DzyyEtCtD0AzzyC2QtN0A0LzutB%26cr%3D1146199160%26a%3Dwbf_popjar_17_08_ssg08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3812644963-3289221836-768694644-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=A609190F-4600-4937-8598-F3B552DF8589&SearchSource=58&CUI=&UM=8&UP=SP1D68764D-3360-45DB-8CB9-C991EA03B6F8&D=072716&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3812644963-3289221836-768694644-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\cfg [2015-05-21] <==== ATTENTION
U3 tmlwf; pas de ImagePath
U3 tmwfp; pas de ImagePath
2017-06-22 21:58 - 2013-10-17 15:36 - 00000458 ____H C:\Windows\Tasks\OptimizerPro-S-480333868.job
C:\Windows\Tasks\OptimizerPro-S-480333868.job
C:\Users\Public\AlexaNSISPlugin.4660.dll
Task: {43DB5998-97DB-4C14-ACD0-5A0D156A9CCC} - System32\Tasks\OptimizerPro-S-480333868 => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe <==== ATTENTION
Task: {D419AF40-56FA-4104-AE4C-9E727A7EFDED} - \{A58A9ADB-8CA6-4798-9701-C357E5EA01DE} -> Pas de fichier <==== ATTENTION
Task: C:\Windows\Tasks\OptimizerPro-S-480333868.job => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe?J/schedule /profile c:\programdata\summersoft\optimizerpro\480333868.ini <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [272]
EmptyTemp:
end