cjoint


Document format: text/plain

Preview

start
CloseProcesses:
Hosts:
CreateRestorePoint:
(Symantec Corporation) C:\Users\Public\Downloads\Norton\{NIS2250215-SHPD-FSD51083}\FSDUI_Custom.exe
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-581744776-2104340524-879650286-1001\...\Run: [Norton Download Manager{NIS2250215-SHPD-FSD51083}] => C:\Users\sand\AppData\Local\Temp\{CDA6B99E-6688-4CB5-9AF6-192AF95B5999}\Upgrade.exe [2059272 2015-07-27] (Symantec Corporation) <===== ATTENTION
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => Pas de fichier
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => Pas de fichier
BootExecute: autocheck autochk * sdnclean64.exe
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\acengine64.dll [318720 2015-10-07] (Abengine)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\acengine64.dll [318720 2015-10-07] (Abengine)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\acengine64.dll [318720 2015-10-07] (Abengine)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\acengine64.dll [318720 2015-10-07] (Abengine)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\acengine64.dll [318720 2015-10-07] (Abengine)
SearchScopes: HKU\S-1-5-21-581744776-2104340524-879650286-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-581744776-2104340524-879650286-1001 -> {63ACF9B9-4300-4A95-B8EA-A7450AC5B444} URL =
S2 hiiBpekFuX; "C:\ProgramData\tjMrhTGjgZ\hiiBpekFuX.exe" [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2015-10-07 22:47 - 2015-10-07 22:47 - 00894960 _____ C:\Users\sand\Downloads\Norton_Removal_Tool (2).exe
2015-10-07 21:17 - 2015-10-07 21:18 - 00894960 _____ C:\Users\sand\Downloads\Norton_Removal_Tool (1).exe
2015-10-07 17:29 - 2015-10-07 22:37 - 00000000 ____D C:\Users\sand\AppData\Local\WebBar
2015-10-07 17:29 - 2015-10-07 22:02 - 00000000 ____D C:\Program Files\WebBar
2015-10-07 17:29 - 2015-10-07 22:01 - 00000000 ____D C:\Users\sand\AppData\Local\bvxvexvbg
C:\Users\sand\AppData\Local\bvxvexvbg
C:\Users\sand\AppData\Local\WebBar
C:\Users\sand\AppData\Local\WebBar
2015-10-07 17:28 - 2015-10-07 17:28 - 00002427 _____ C:\Users\Public\Desktop\MyBrowser.lnk
2015-10-07 17:28 - 2015-10-07 17:28 - 00000000 ____D C:\Users\sand\AppData\Local\MyBrowser
2015-10-07 17:28 - 2015-10-07 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser
2015-10-07 17:28 - 2015-10-07 17:28 - 00000000 ____D C:\Program Files (x86)\MyBrowser
2015-10-07 17:20 - 2015-10-07 21:22 - 00012064 _____ C:\WINDOWS\SysWOW64\acengineOff.ini
2015-10-07 17:20 - 2015-09-03 05:17 - 00318720 _____ (Abengine) C:\WINDOWS\system32\acengine64.dll
2015-10-07 17:20 - 2015-09-03 05:17 - 00269832 _____ (Abengine) C:\WINDOWS\SysWOW64\acengine.dll
2015-10-06 21:59 - 2015-10-06 21:59 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-10-06 21:59 - 2015-10-06 21:59 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-10-06 21:49 - 2015-10-06 21:49 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-10-08 14:02 - 2013-11-08 10:57 - 00000000 ____D C:\ProgramData\Norton
C:\Users\sand\AppData\Local\Temp\{CDA6B99E-6688-4CB5-9AF6-192AF95B5999}\Upgrade.exe
FirewallRules: [{995D643A-DAF8-4B5E-A768-CCBEF2A22722}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
cmd: netsh winsock reset

EmptyTemp:
end
