cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CloseProcesses:
CreateRestorePoint:
RemoveProxy:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2791196081-3455553443-96247009-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/?ilc=8
SearchScopes: HKU\S-1-5-21-2791196081-3455553443-96247009-1001 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKU\S-1-5-21-2791196081-3455553443-96247009-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
CHR HomePage: Default -> hxxp://eg.hao222.com/
CHR StartupUrls: Default -> "hxxp://eg.hao222.com/"
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
2016-04-28 02:40 - 2016-04-28 02:40 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-04-28 01:11 - 2016-04-28 01:48 - 00000000 ____D C:\Users\uthmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2016-04-28 01:11 - 2016-04-28 01:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2016-04-28 01:11 - 2016-04-28 01:11 - 00014501 _____ C:\ProgramData\Duplicaterecord.js
2016-04-28 01:11 - 2016-04-28 01:11 - 00000000 ____D C:\ProgramData\Baidu
2016-04-27 22:29 - 2016-04-27 22:29 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\My Documents
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\Documents\My Videos
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\Documents\My Pictures
2016-04-27 19:44 - 2016-04-27 19:44 - 00000000 _SHDL C:\Users\uthmin\Documents\My Music
Task: {1721B862-666C-4F34-ADA2-0F4D97A29970} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Duplicaterecord.js" <==== ATTENTION
Task: {5DBD4505-4D34-4F34-881C-B64685AFE22E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9F25FD7B-D8A4-47CA-AFEA-4A6D47DBB9B0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AC4DE593-1CC8-415A-B8A8-C321520EB5AA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B020AAEC-8DAC-4EAC-8D60-0C6BDA049D49} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D4A94B4D-EC9D-4232-9130-94D99DD64BBE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_uthmin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
EmptyTemp:
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
reboot:
end

Publicité


Signaler le contenu de ce document

Publicité