cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\MountPoints2: {6eb6aaef-495e-11de-8b68-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-3145036126-457181674-1837085233-1000\...\MountPoints2: {db1640c0-be5a-11e4-a09e-00248cf9898b} - F:\Startme.exe
SearchScopes: HKLM -> {657C0CF1-FD11-416D-8CB2-369BDF8E4B4D} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM -> {A27AC05D-887E-4C54-98BF-519807417112} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {657C0CF1-FD11-416D-8CB2-369BDF8E4B4D} URL = hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
SearchScopes: HKLM-x32 -> {A27AC05D-887E-4C54-98BF-519807417112} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {657C0CF1-FD11-416D-8CB2-369BDF8E4B4D} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> {A27AC05D-887E-4C54-98BF-519807417112} URL =
BHO: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
Toolbar: HKU\S-1-5-21-3145036126-457181674-1837085233-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
CHR HKLM-x32\...\Chrome\Extension: [ehedbflalfjlmepakecekpbhnonnmpdf] - C:\ProgramData\Download and Sa\ehedbflalfjlmepakecekpbhnonnmpdf.crx
S3 catchme; \??\C:\Users\nathalie\AppData\Local\Temp\catchme.sys [X]
S3 cpuz132; \??\C:\Users\nathalie\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
2013-02-10 11:42 - 2013-02-10 11:42 - 0004934 _____ () C:\ProgramData\mtbjfghn.xbe
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9


EmptyTemp:
end

Publicité


Signaler le contenu de ce document

Publicité