cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586855828-3280254180-3485630780-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2016-01-18 21:34 - 2016-01-18 21:34 - 00000000 ____D C:\Users\NGM\AppData\Roaming\cacaoweb
Task: {BA892292-0264-461C-BDB6-ADBA13A01D18} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMIMNJLJMMLMOMJJOJCNPMMMOMMMCNLMNMNJKMCNOJKJIMLMCNNMKMLJKJJJKJHMMMMMJJLMOMJNJICMIMCNGMCNOMPMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMMMMMJNHICMEKMICNJJCKJNBJCMBLILCLJNKJCMJNNICMJNDJCMJJNIJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
AlternateDataStreams: C:\Users\NGM\Downloads\cacaoweb.exe:BDU


EmptyTemp:
end

Publicité


Signaler le contenu de ce document

Publicité