start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3792903588-1615404425-274105849-1000\...\Run: [cacaoweb] => C:\Users\user\AppData\Roaming\cacaoweb\cacaoweb.exe [554288 2015-11-08] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll => Pas de fichier
AutoConfigURL: [S-1-5-21-3792903588-1615404425-274105849-1000] => file://C:\Program Files (x86)\PodoWeb\bin\Pac8806.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418845175&from=wpm12173&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418845175&from=wpm12173&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1408468575&from=smt&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1408468575&from=smt&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418845175&from=wpm12173&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418845175&from=wpm12173&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1408468575&from=smt&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1408468575&from=smt&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&q={searchTerms}
HKU\S-1-5-21-3792903588-1615404425-274105849-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418845175&from=wpm12173&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX
HKU\S-1-5-21-3792903588-1615404425-274105849-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418845175&from=wpm12173&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX
HKU\S-1-5-21-3792903588-1615404425-274105849-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1408468575&from=smt&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&q={searchTerms}
HKU\S-1-5-21-3792903588-1615404425-274105849-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1408468575&from=smt&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1423496463&from=zbd1&uid=hitachixhts725032a9a364_100514pckn04vlhu6kxjx&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1423496463&from=zbd1&uid=hitachixhts725032a9a364_100514pckn04vlhu6kxjx&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3792903588-1615404425-274105849-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.delta-homes.com/web/?utm_source=b&utm_medium=wpm03253&utm_campaign=install_ie&utm_content=ds&from=wpm03253&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&ts=1427271673&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3792903588-1615404425-274105849-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.delta-homes.com/web/?utm_source=b&utm_medium=wpm03253&utm_campaign=install_ie&utm_content=ds&from=wpm03253&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&ts=1427271673&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3792903588-1615404425-274105849-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.delta-homes.com/web/?utm_source=b&utm_medium=wpm03253&utm_campaign=install_ie&utm_content=ds&from=wpm03253&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&ts=1427271673&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3792903588-1615404425-274105849-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.delta-homes.com/web/?utm_source=b&utm_medium=wpm03253&utm_campaign=install_ie&utm_content=ds&from=wpm03253&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&ts=1427271673&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3792903588-1615404425-274105849-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.delta-homes.com/web/?utm_source=b&utm_medium=wpm03253&utm_campaign=install_ie&utm_content=ds&from=wpm03253&uid=HitachiXHTS725032A9A364_100514PCKN04VLHU6KXJX&ts=1427271673&type=default&q={searchTerms}
BHO-x32: GoodTab Class -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> C:\Program Files (x86)\MiuiTab\SupTab.dll => Pas de fichier
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll => Pas de fichier
BHO-x32: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
oolbar: HKLM - Pas de nom - {ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - {ae07101b-46d4-4a98-af68-0333ea26e113} - Pas de fichier
FF DefaultSearchEngine: delta-homes
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: delta-homes
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\user.js [2015-09-19]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\searchplugins\delta-homes.xml [2015-12-15]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\searchplugins\trovi-search.xml [2014-12-13]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\searchplugins\V9.xml [2015-02-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2014-12-17]
FF Extension: cacaoweb - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\cacaoweb@cacaoweb.org [2014-09-27] [non signé]
FF Extension: Search Enginer - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\sweetsearch@gmail.com [2015-04-22] [non signé]
FF Extension: Default NewTab - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\default_newtabff@gmail.com [2015-07-25] [non signé]
FF Extension: Default SearchProtected - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\defsearchp@gmail.com.xpi [2015-12-14] [non signé]
FF Extension: YahooToolsProtected - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\yahooprotected@gmail.com.xpi [2015-12-14] [non signé]
FF Extension: Security Protection - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\Extensions\detgdp@gmail.com [2014-12-17] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [offerboxffx@offerbox.com] - C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\detgdp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\quick_searchff@gmail.com => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\sweetsearch@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\p36zv8eg.default\extensions\defsearchp@gmail.com => non trouvé(e)
FF HKU\S-1-5-21-3792903588-1615404425-274105849-1000\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension => non trouvé(e)
CHR HKLM-x32\...\Chrome\Extension: [bjeikeheijdjdfjbmknpefojickbkmom] - C:\Program Files (x86)\OfferBox\OfferBoxChromeExtension.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx <non trouvé(e)>
R2 STORS_Service; C:\STORS\STORS Service\Stors_Service.exe [20480 2007-04-04] () [Fichier non signé]
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
R1 {00c97d86-accb-4288-9972-6d929c1fe93a}Gw64; C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys [61008 2014-08-19] (StdLib)
R1 {00c97d86-accb-4288-9972-6d929c1fe93a}w64; C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}w64.sys [48720 2014-09-26] (StdLib)
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
2015-12-10 23:46 - 2015-12-10 23:47 - 00000000 ____D C:\Users\user\AppData\Local\bvxvyxxvcy
2015-12-15 21:11 - 2015-11-11 09:02 - 00000000 ____D C:\Program Files (x86)\Picexa
2015-12-15 20:57 - 2014-06-26 23:30 - 00000000 ____D C:\Users\user\AppData\Roaming\cacaoweb
2015-12-10 23:46 - 2015-05-26 17:45 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2011-05-25 16:51 - 2011-05-25 19:14 - 0000392 ____N () C:\ProgramData\49995512
2011-05-25 16:52 - 2011-05-25 19:11 - 0000144 ____N () C:\ProgramData\~49995512
2011-05-25 16:52 - 2011-05-25 19:11 - 0000168 ____N () C:\ProgramData\~49995512r
C:\Program Files (x86)\OfferBox
C:\Program Files (x86)\XTab
C:\Program Files (x86)\MiuiTab
c:\progra~3\browse~1
C:\Program Files (x86)\Elex-tech
C:\ProgramData\BrowserProtect
C:\STORS\STORS Service
C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}w64.sys
Task: {0929F13F-A76A-487A-9149-CE24F4CCC29D} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {F93A0787-2E2F-42DA-AD88-4B77FA5BAB00} - System32\Tasks\bvxvyxxvcy => C:\Users\user\AppData\Local\bvxvyxxvcy\bvxvyxxvcy.exe [2015-12-02] ()
EmptyTemp:
end