cjoint

Document format: text/plain

Preview

start
CloseProcesses:
CreateRestorePoint:
C:\Users\Gaëtan TARBY\AppData\Roaming\cacaoweb\cacaoweb.exe
HKU\S-1-5-21-2954512790-1360209958-2506789052-1000\...\Run: [cacaoweb] => C:\Users\Gaëtan TARBY\AppData\Roaming\cacaoweb\cacaoweb.exe [554288 2015-11-04] ()
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Pas de fichier
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_47_ff&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0CzztA0F0FyDyDyCyCtN0D0Tzu0StCtDyDtAtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0D0DyDtDyCyC0DtGyEyB0D0BtGtByE0DyBtGtDtCtCtDtGtC0F0A0BtBzztCyEzzyByE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyBzyyC0EtDzztGyEyC0DyBtGyEzzyDyBtGzzzyyD0FtG0A0AtCyDyEtBtDyC0DyDtB0C2Q&cr=252118214&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_47_ff&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0CzztA0F0FyDyDyCyCtN0D0Tzu0StCtDyDtAtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0D0DyDtDyCyC0DtGyEyB0D0BtGtByE0DyBtGtDtCtCtDtGtC0F0A0BtBzztCyEzzyByE0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyBzyyC0EtDzztGyEyC0DyBtGyEzzyDyBtGzzzyyD0FtG0A0AtCyDyEtBtDyC0DyDtB0C2Q&cr=252118214&ir=
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_47_ff&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0CzztA0F0FyDyDyCyCtN0D0Tzu0StCtDyDtAtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyByE0AyDyC0B0DtBtGtCtB0DyBtGtD0EzzyBtGtBtBtAtDtGtD0BtAzz0D0AyBtD0Czzzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyBzyyC0EtDzztGyEyC0DyBtGyEzzyDyBtGzzzyyD0FtG0A0AtCyDyEtBtDyC0DyDtB0C2Q&cr=1900521183&ir=
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKU\S-1-5-21-2954512790-1360209958-2506789052-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2014-11-18]
FF Extension: cacaoweb - C:\Users\Gaëtan TARBY\AppData\Roaming\Mozilla\Firefox\Profiles\t9y8qltd.default-1416343584596\Extensions\cacaoweb@cacaoweb.org [2015-01-09] [non signé]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Gaëtan TARBY\AppData\Roaming\Mozilla\Firefox\Profiles\t9y8qltd.default-1416343584596\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-19] [non signé]
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-19] [non signé]
CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_47_ff&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0CzztA0F0FyDyDyCyCtN0D0Tzu0StCtDyDtAtN1L2XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyByE0AyDyC0B0DtBtGtCtB0DyBtGtD0EzzyBtGtBtBtAtDtGtD0BtAzz0D0AyBtD0Czzzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyEyBzyyC0EtDzztGyEyC0DyBtGyEzzyDyBtGzzzyyD0FtG0A0AtCyDyEtBtDyC0DyDtB0C2Q&cr=1900521183&ir=
CHR DefaultSearchKeyword: Default -> Vosteran.com
2015-12-22 11:31 - 2015-01-09 21:38 - 00000000 ____D C:\Users\Gaëtan TARBY\AppData\Roaming\cacaoweb
2014-11-18 17:22 - 2014-11-19 09:22 - 0000067 _____ () C:\Users\Gaëtan TARBY\AppData\Roaming\WB.CFG
2012-04-23 15:17 - 2012-04-23 15:19 - 0015229 _____ () C:\ProgramData\ArcadeDeluxe5.log
C:\ProgramData\Empire of Sports Cleanup.exe
Task: {8BC1D926-0D45-4CE1-AE0D-86C00A7B408B} - \Digital Sites -> Pas de fichier <==== ATTENTION
Task: {ACE5E8C1-2B96-4B97-BB13-735F101A9511} - \WSE_Vosteran -> Pas de fichier <==== ATTENTION
2015-01-09 21:38 - 2015-11-04 08:16 - 00554288 _____ () C:\Users\Gaëtan TARBY\AppData\Roaming\cacaoweb\cacaoweb.exe
AlternateDataStreams: C:\Users\Gaëtan TARBY\Downloads\ccsetup323(1).exe:BDU
AlternateDataStreams: C:\Users\Gaëtan TARBY\Downloads\ccsetup323.exe:BDU
FirewallRules: [TCP Query User{E94C479A-987D-463B-AC19-EA83ACDF5DFD}C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{A06E5E23-C51F-44EB-AB72-AA8D32238BEB}C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{36C8E407-9770-4A20-B294-BD1A7641C20F}C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{89AB6276-E8B7-4603-BAB1-627E77CBDDD8}C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\gaëtan tarby\appdata\roaming\cacaoweb\cacaoweb.exe



EmptyTemp:
end
