cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CreateRestorePoint:
RemoveProxy:

HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe

HKU\S-1-5-21-2144204855-2056754177-3143132483-1000\...\Run: [LightShot] => C:\Users\COMPAQ\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\Users\COMPAQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2016-04-26]
ShortcutTarget: C-cleaner.lnk -> C:\Windows\System32\wscript.exe (Microsoft Corporation)
ShortcutTarget: VideoLAN.lnk -> C:\Windows\System32\wscript.exe (Microsoft Corporation)
S3 eapihdrv; \??\C:\Users\COMPAQ\AppData\Local\Temp\ehdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-04-26 13:18 - 2016-03-30 16:03 - 00000000 _RSHD C:\Skypee
2016-04-26 13:06 - 2016-03-30 16:01 - 00000000 _RSHD C:\$RECYCLEBIN
2016-04-26 12:51 - 2016-03-30 16:00 - 00000000 __SHD C:\win
ShortcutWithArgument: C:\Users\COMPAQ\Desktop\Google Chrome.lnk -> C:\Documents and Settings\COMPAQ\Local Settings\Applic~1\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://sweets-pages.com/or/20
ShortcutWithArgument: C:\Users\COMPAQ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chrome.LNK -> C:\Documents and Settings\COMPAQ\Local Settings\Applic~1\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://sweets-pages.com/or/20
ShortcutWithArgument: C:\Users\COMPAQ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.LNK -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://sweets-pages.com/or/16
ShortcutWithArgument: C:\Users\COMPAQ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.LNK -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://sweets-pages.com/or/18

CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end

Publicité


Signaler le contenu de ce document

Publicité