cjoint

Document format: text/plain

Preview

start
CloseProcesses:
Hosts:
CreateRestorePoint:
C:\Users\User\AppData\Roaming\cacaoweb\cacaoweb.exe
HKU\S-1-5-21-2569905410-2087770512-1162047771-1000\...\Run: [cacaoweb] => C:\Users\User\AppData\Roaming\cacaoweb\cacaoweb.exe [563896 2016-08-06] ()
HKU\S-1-5-21-2569905410-2087770512-1162047771-1000\...\Run: [IDMan] => C:\Users\User\AppData\Local\Temp\Rar$EXa0.532\Crack\IDMan.exe /onboot <===== ATTENTION
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2569905410-2087770512-1162047771-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419877892&from=ill&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S534579245792&q={searchTerms}
HKU\S-1-5-21-2569905410-2087770512-1162047771-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419877892&from=ill&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S534579245792&q={searchTerms}
SearchScopes: HKLM -> {05C12E4C-6291-43F6-8C07-BBD3B3EF5E18} URL =
SearchScopes: HKLM -> {15D811D6-979A-4DA0-9B21-A6E02AEABAEF} URL =
SearchScopes: HKLM -> {5AA6BEBB-7C58-4146-9106-8F6046AD5CE8} URL =
SearchScopes: HKU\S-1-5-21-2569905410-2087770512-1162047771-1000 -> {05C12E4C-6291-43F6-8C07-BBD3B3EF5E18} URL =
SearchScopes: HKU\S-1-5-21-2569905410-2087770512-1162047771-1000 -> {15D811D6-979A-4DA0-9B21-A6E02AEABAEF} URL =
SearchScopes: HKU\S-1-5-21-2569905410-2087770512-1162047771-1000 -> {5AA6BEBB-7C58-4146-9106-8F6046AD5CE8} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Pas de fichier
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> Pas de fichier
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml [2014-12-29]
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF Extension: (cacaoweb) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\q4z3h53g.default\Extensions\cacaoweb@cacaoweb.org [2014-11-21] [non signé]
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419877892&from=ill&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S534579245792"
S3 cpuz134; \??\C:\Users\User\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2016-08-28 14:53 - 2014-11-05 02:48 - 00000000 ____D C:\Users\User\AppData\Roaming\cacaoweb
2014-07-27 18:21 - 2014-10-04 11:41 - 0018056 _____ () C:\Users\User\AppData\Roaming\Bubble Dock.installation.log
C:\Users\User\AppData\Roaming\Bubble Dock.installation.log
2014-07-27 18:20 - 2014-10-04 11:40 - 0000194 _____ () C:\Users\User\AppData\Roaming\WindApp.boostrap.log
2014-07-27 18:21 - 2014-10-04 11:41 - 0000748 _____ () C:\Users\User\AppData\Roaming\WindApp.installation.log
2014-09-30 16:57 - 2014-09-30 16:57 - 0431104 _____ () C:\ProgramData\uninstall_Winservices.exe
C:\ProgramData\uninstall_Winservices.exe
C:\Users\User\AppData\Local\Temp\DeltaTB.exe
Task: {1BF04A8B-7CC7-4D74-9F2D-EA433FD5673C} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe <==== ATTENTION
Task: {81D9223A-5B1B-48C3-BCE0-12173AA8C226} - System32\Tasks\WIN-statsAdmin => C:\Users\User\AppData\Local\Microsoft\WinU\~lhjqmkp.exe <==== ATTENTION
Task: {DCF69417-5161-4B90-9482-81EC360CC314} - System32\Tasks\DoctorPC_Popup => C:\Program Files (x86)\Doctor PC\Splash.exe <==== ATTENTION
Task: {F995D3D6-6039-4BD2-BC9F-7A4CA597DD25} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\User\AppData\Roaming\~ztaedxm.exe [2014-11-19] () <==== ATTENTION
2014-11-05 02:48 - 2016-08-06 15:50 - 00563896 _____ () C:\Users\User\AppData\Roaming\cacaoweb\cacaoweb.exe
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
FirewallRules: [TCP Query User{F313FB50-6DC7-4199-826A-F5C4B41C6619}C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{94CCD802-6F90-4BA5-B650-E5BB83A0141E}C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe


EmptyTemp:
end
