Posted on 13 November 2020

start::
closeprocesses:
createrestorepoint:
HKU\S-1-5-21-847398224-3266564336-1598762257-1001\...\Run: [cacaoweb] => C:\Users\droopy\AppData\Roaming\cacaoweb\cacaoweb.exe [567192 2020-10-27] (CACAOWEB Ltd -> )
HKU\S-1-5-21-847398224-3266564336-1598762257-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8160856 2020-10-27] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
FF NewTab: Mozilla\Firefox\Profiles\59qx6eqf.default -> hxxps://securesearch.org/homepage?hp=2&pId=LU150701WEBDIRECT&iDate=2020-10-27 02:35:26&bName=
FF Homepage: Mozilla\Firefox\Profiles\hh00q9yx.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=LU150701WEBDIRECT&iDate=2020-10-27 02:35:26&bName=
FF NewTab: Mozilla\Firefox\Profiles\hh00q9yx.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=LU150701WEBDIRECT&iDate=2020-10-27 02:35:26&bName=
FF Extension: (cacaoweb) - C:\Users\droopy\AppData\Roaming\Mozilla\Firefox\Profiles\hh00q9yx.default-release\Extensions\cacaoweb@cacaoweb.org [2020-11-07] [] [non signé]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-10-27] (LAVASOFT SOFTWARE CANADA INC -> )
2020-10-27 15:35 - 2020-10-27 15:35 - 000000000 ____D C:\Users\droopy\AppData\Roaming\Lavasoft
2020-10-27 15:35 - 2020-10-27 15:35 - 000000000 ____D C:\Users\droopy\AppData\Local\Lavasoft
2020-10-27 15:35 - 2020-10-27 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-10-27 15:34 - 2020-10-27 15:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-10-27 15:33 - 2020-10-27 15:33 - 000512624 _____ (Lavasoft) C:\Users\droopy\Downloads\WcInstaller.exe
2020-10-27 15:33 - 2020-10-27 15:33 - 000000000 ____D C:\ProgramData\Lavasoft
2020-10-27 15:30 - 2020-11-07 10:49 - 000567192 _____ C:\Users\droopy\Desktop\cacaoweb.exe
2020-10-27 15:30 - 2020-10-27 15:30 - 000567192 _____ C:\Users\droopy\Downloads\cacaoweb.exe
2020-10-27 15:30 - 2020-10-27 15:30 - 000000000 ____D C:\Users\droopy\AppData\Roaming\cacaoweb
HKU\S-1-5-21-847398224-3266564336-1598762257-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=LU150701WEBDIRECT&iDate=2020-10-27 02:35:26&bName=
SearchScopes: HKU\S-1-5-21-847398224-3266564336-1598762257-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
IE trusted site: HKU\S-1-5-21-847398224-3266564336-1598762257-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [TCP Query User{9B3F5E86-5016-4A82-8DCF-EBB8CF60DE2D}C:\users\droopy\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\droopy\appdata\roaming\cacaoweb\cacaoweb.exe (CACAOWEB Ltd -> )
FirewallRules: [UDP Query User{8CCFF253-6808-4B33-B35C-81F72FC16B55}C:\users\droopy\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\droopy\appdata\roaming\cacaoweb\cacaoweb.exe (CACAOWEB Ltd -> )
VirusTotal: C:\Users\droopy\AppData\Local\kl.dll;C:\Users\droopy\AppData\Roaming\Microsoft\Windows\dllcache\icacls.exe
emptytemp:
end::
