Posté le 29 mars 2018
Télécharger | Reposter | Largeur fixe

Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-4140999802-2520298060-3115381736-1000\...\Run: [Ahworks] => regsvr32.exe "C:\Users\Daddy Cool\AppData\Local\Ahworks\smpcomex.dll"
HKU\S-1-5-21-4140999802-2520298060-3115381736-1000\...\Run: [ASworks] => C:\Windows\SysWOW64\regsvr32.exe "C:\Users\Daddy Cool\AppData\Local\Abgworks\wnicprt54.dll"
Startup: C:\Users\Daddy Cool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_ReCoVeRy_+hwntk.html [2016-03-07] ()
Startup: C:\Users\Daddy Cool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_ReCoVeRy_+hwntk.png [2016-03-07] ()
Startup: C:\Users\Daddy Cool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_ReCoVeRy_+hwntk.txt [2016-03-07] ()
Toolbar: HKU\S-1-5-21-4140999802-2520298060-3115381736-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
CHR HomePage: Default -> hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={12B1CE80-1C4E-11E2-8500-64315038364E}
2016-03-07 01:51 - 2016-03-07 01:51 - 000011495 _____ () C:\Users\Daddy Cool\AppData\Roaming\_ReCoVeRy_+hwntk.html
2016-03-07 01:51 - 2016-03-07 01:51 - 000066376 _____ () C:\Users\Daddy Cool\AppData\Roaming\_ReCoVeRy_+hwntk.png
2016-03-07 01:51 - 2016-03-07 01:51 - 000002006 _____ () C:\Users\Daddy Cool\AppData\Roaming\_ReCoVeRy_+hwntk.txt
2016-03-07 01:50 - 2016-03-07 01:50 - 000011495 _____ () C:\Users\Daddy Cool\AppData\Roaming\Microsoft\_ReCoVeRy_+hwntk.html
2016-03-07 01:50 - 2016-03-07 01:50 - 000066376 _____ () C:\Users\Daddy Cool\AppData\Roaming\Microsoft\_ReCoVeRy_+hwntk.png
2016-03-07 01:50 - 2016-03-07 01:50 - 000002006 _____ () C:\Users\Daddy Cool\AppData\Roaming\Microsoft\_ReCoVeRy_+hwntk.txt
2016-03-07 01:32 - 2016-03-07 01:48 - 000066376 _____ () C:\Users\Daddy Cool\AppData\Local\_ReCoVeRy_+hwntk.png
C:\Users\Daddy Cool\AppData\Local\Ahworks
C:\Users\Daddy Cool\AppData\Local\Abgworks
C:\Program Files (x86)\Iminent
C:\users\daddy cool\appdata\roaming\cacaoweb
FirewallRules: [{5B2A41D5-1D83-4024-A502-B41A07CBAEFB}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [{DC696691-19D0-4A07-BB7E-2832F66C3D91}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [TCP Query User{1A51D275-3B0B-4EC0-8467-419BDB0A90EA}C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{CA46C535-D6E2-451E-9996-8E7D9C540AD2}C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{404498D4-AF22-4470-BA5D-52FEFAFC509A}C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{C30C4CDD-B9E4-43FE-8FD6-6B82FC2195E9}C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\daddy cool\appdata\roaming\cacaoweb\cacaoweb.exe
EmptyTemp:
End::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.