cjoint

Document format: text/plain

Preview

start
CloseProcesses:
CreateRestorePoint:
(Conduit) C:\Users\Vinciane\AppData\Local\ValueApps\ValueApps.exe
() C:\Users\Vinciane\AppData\Local\ValueApps\ValueAppsTrayIcon.exe
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3199634993-518937472-4119080787-1001\...\Run: [ValueAppsTrayIcon] => C:\Users\Vinciane\AppData\Local\ValueApps\ValueAppsTrayIcon.exe [20280 2014-03-13] ()
Winsock: Catalog9 01 C:\Windows\SysWOW64\ValueApps.dll [345400 2014-03-13] (Conduit)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ValueApps.dll [345400 2014-03-13] (Conduit)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ValueApps.dll [345400 2014-03-13] (Conduit)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ValueApps.dll [345400 2014-03-13] (Conduit)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ValueApps.dll [345400 2014-03-13] (Conduit)
Winsock: Catalog9-x64 01 C:\Windows\system32\ValueApps64.dll [445752 2014-03-13] (Conduit)
Winsock: Catalog9-x64 02 C:\Windows\system32\ValueApps64.dll [445752 2014-03-13] (Conduit)
Winsock: Catalog9-x64 03 C:\Windows\system32\ValueApps64.dll [445752 2014-03-13] (Conduit)
Winsock: Catalog9-x64 04 C:\Windows\system32\ValueApps64.dll [445752 2014-03-13] (Conduit)
Winsock: Catalog9-x64 16 C:\Windows\system32\ValueApps64.dll [445752 2014-03-13] (Conduit)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3199634993-518937472-4119080787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3319415&octid=EB_ORIGINAL_CTID&ISID=M65AD2808-6810-4FC8-AE7B-D7C5307DC4EE&SearchSource=55&CUI=&UM=5&UP=SP1840C35D-8E84-4E96-9960-FBA300A1D8EE&SSPV=
SearchScopes: HKLM -> DefaultScope {D041A96F-27FA-4787-AB93-0087CDE1FF2A} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtDyDyE0Fzz0F0AyDzyyDtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDyCyB0EyE0FzztG0Fzy0B0EtGyCtByD0AtGzztAzz0DtGyB0DzyyBzztDtAyCzyyBzytA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CzytC0FtB0E0AtG0D0E0EyEtG0F0D0EtDtG0B0DyDtAtGyDzzzz0AtB0CtDzzyEtAyD0E2Q&cr=1537163213&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtDyDyE0Fzz0F0AyDzyyDtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0DzztC0E0DyBzytGtBtA0AtCtGtB0CyEzztGtC0C0BtBtGyB0FzytD0F0CyD0FyE0D0FyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CzytC0FtB0E0AtG0D0E0EyEtG0F0D0EtDtG0B0DyDtAtGyDzzzz0AtB0CtDzzyEtAyD0E2Q&cr=747175941&ir=
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtDyDyE0Fzz0F0AyDzyyDtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtB0C0ByEyDyD0FtGzyzyzztAtGtB0Bzz0FtGyBtBtCyCtGyCtB0FtCyByE0EyDzyyEyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CzytC0FtB0E0AtG0D0E0EyEtG0F0D0EtDtG0B0DyDtAtGyDzzzz0AtB0CtDzzyEtAyD0E2Q&cr=959382111&ir=
SearchScopes: HKLM -> {D041A96F-27FA-4787-AB93-0087CDE1FF2A} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEtDyDyE0Fzz0F0AyDzyyDtN0D0Tzu0SzzyDtAtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDyCyB0EyE0FzztG0Fzy0B0EtGyCtByD0AtGzztAzz0DtGyB0DzyyBzztDtAyCzyyBzytA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0CzytC0FtB0E0AtG0D0E0EyEtG0F0D0EtDtG0B0DyDtAtGyDzzzz0AtB0CtDzzyEtAyD0E2Q&cr=1537163213&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3199634993-518937472-4119080787-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3319415&octid=EB_ORIGINAL_CTID&ISID=M65AD2808-6810-4FC8-AE7B-D7C5307DC4EE&SearchSource=58&CUI=&UM=5&UP=SP1840C35D-8E84-4E96-9960-FBA300A1D8EE&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3199634993-518937472-4119080787-1001 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKU\S-1-5-21-3199634993-518937472-4119080787-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
FF Extension: cacaoweb - C:\Users\Vinciane\AppData\Roaming\Mozilla\Firefox\Profiles\d7ordo0a.default-1448720446826\Extensions\cacaoweb@cacaoweb.org [2016-01-20] [non signé]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [non signé]
R2 ValueApps; C:\Users\Vinciane\AppData\Local\ValueApps\ValueApps.exe [2149176 2014-03-13] (Conduit)
2016-03-29 18:51 - 2014-03-29 19:49 - 00000000 ____D C:\Program Files (x86)\Mega Browse
Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.28.231011 - Mega Browse) <==== ATTENTION
Task: {12C0025C-B3B0-448E-9C03-687E9E2474B8} - System32\Tasks\ValueAppsGUI => C:\Users\Vinciane\AppData\Local\ValueApps\ValueAppsGUI.exe [2014-03-13] (Perion)
FirewallRules: [TCP Query User{89608934-7E4F-43C1-B0D9-8267B42816EF}C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{0FB3DBA5-D7F1-4F77-98BF-1DEF5E9FD632}C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{B53CD119-B69F-4079-9C96-4F14901900FA}C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{96B894D0-4AFD-45CF-B303-D41D693E8FB8}C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\vinciane\appdata\roaming\cacaoweb\cacaoweb.exe
cmd: netsh winsock reset

EmptyTemp:
end
