cjoint

Document format: text/plain

Preview

start
CloseProcesses:
CreateRestorePoint:
(Pay By Ads LTD) C:\Users\Live\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
HKU\S-1-5-21-2327678848-2729833923-3921942238-1001\...\Run: [Yahoo! Search] => C:\Users\Live\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe [660736 2015-07-28] (Pay By Ads LTD)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2327678848-2729833923-3921942238-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchsimple-a.akamaihd.net/?affID=prA-00
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_tele_15_06&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0Azzzy0DtAtBtBtC0EtN0D0Tzu0StCtCtAtCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0E0F0FtB0DtByBtG0C0FtDzztGyDyDzz0BtGtByE0A0DtGyCzz0CtA0E0A0FyDtAtCyDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0B0C0ByCyByDyCtGtDtAyC0EtGyEyE0A0DtG0A0ByB0FtGzytA0DtDtC0Bzzzy0DtCyE0A2Q&cr=1171097245&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_tele_15_06&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0Azzzy0DtAtBtBtC0EtN0D0Tzu0StCtCtAtCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0E0F0FtB0DtByBtG0C0FtDzztGyDyDzz0BtGtByE0A0DtGyCzz0CtA0E0A0FyDtAtCyDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0B0C0ByCyByDyCtGtDtAyC0EtGyEyE0A0DtG0A0ByB0FtGzytA0DtDtC0Bzzzy0DtCyE0A2Q&cr=1171097245&ir=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2327678848-2729833923-3921942238-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://searchsimple-a.akamaihd.net/?affID=prA-00&q={searchTerms}&r=447
SearchScopes: HKU\S-1-5-21-2327678848-2729833923-3921942238-1001 -> OldSearch URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_tele_15_06&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0Azzzy0DtAtBtBtC0EtN0D0Tzu0StCtCtAtCtN1L2XzutAtFyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2SyC0E0F0FtB0DtByBtG0C0FtDzztGyDyDzz0BtGtByE0A0DtGyCzz0CtA0E0A0FyDtAtCyDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0B0C0ByCyByDyCtGtDtAyC0EtGyEyE0A0DtG0A0ByB0FtGzytA0DtDtC0Bzzzy0DtCyE0A2Q&cr=1171097245&ir=
SearchScopes: HKU\S-1-5-21-2327678848-2729833923-3921942238-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://searchsimple-a.akamaihd.net/?affID=prA-00&q={searchTerms}&r=447
FF NewTab: hxxp://searchsimple-a.akamaihd.net/?m=tab&affID=prA-00
FF Homepage: hxxp://searchsimple-a.akamaihd.net/?affID=prA-00
FF Keyword.URL: hxxp://searchsimple-a.akamaihd.net/?q=
FF Extension: Techgile 1.0.1 - C:\Users\Live\AppData\Roaming\Mozilla\Firefox\Profiles\0hx80260.default\Extensions\{f8cb8569-1f1b-4031-9006-6efba1b07d17}.xpi [2014-12-27]
2015-07-15 22:27 - 2015-07-15 22:28 - 00532784 _____ C:\Users\Live\Downloads\cacaoweb.exe
C:\Users\Live\Downloads\cacaoweb.exe
2015-07-28 18:22 - 2015-02-05 20:51 - 00000000 ____D C:\Users\Live\AppData\Local\Binkiland
2015-06-28 14:21 - 2014-12-29 23:03 - 00000159 _____ C:\Users\Live\AppData\Roaming\WB.CFG
2015-02-16 21:49 - 2015-03-01 01:49 - 0000010 _____ () C:\Users\Live\AppData\Local\DSI.DAT
2015-03-13 19:33 - 2015-04-12 15:30 - 0274045 _____ () C:\Users\Live\AppData\Local\dsi1.dat
2015-03-13 19:33 - 2015-04-12 15:30 - 0161916 _____ () C:\Users\Live\AppData\Local\dsi2.dat
2015-02-16 21:49 - 2015-02-16 21:49 - 0022528 _____ () C:\Users\Live\AppData\Local\dsisetup361314692.exe
2014-12-29 23:03 - 2015-06-28 14:21 - 0000159 _____ () C:\Users\Live\AppData\Roaming\WB.CFG
C:\Users\Live\ZHPCleaner.exe
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
Yahoo! Search (HKU\S-1-5-21-2327678848-2729833923-3921942238-1001\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION
Task: {C15B31FC-837A-47BA-BFAF-76E7359D5652} - System32\Tasks\Yahoo! Search Updater => Wscript.exe //B "C:\Users\Live\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\..\updt.js" <==== ATTENTION
FirewallRules: [TCP Query User{E51885AD-1C94-462D-8A39-EE3641ED15A1}C:\users\live\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\live\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{A62C016F-3095-44F6-BE03-7BCFC6EE35D7}C:\users\live\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\live\appdata\roaming\cacaoweb\cacaoweb.exe




EmptyTemp:
end
