cjoint


Document format: text/plain

Preview

:OTL
SRV:64bit: - [2015/06/03 12:33:03 | 001,026,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
DRV:64bit: - [2015/06/03 12:33:07 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
FF - prefs.js..browser.search.searchengine.ptid: "smt"
FF - prefs.js..browser.search.searchengine.uid: "M4-CT128M4SSD2_000000001144031DD42C"
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [] Reg Error: Value error. File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O32 - AutoRun File - [2013/03/05 20:13:19 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
MsConfig:64bit - StartUpReg: AdobeBridge - hkey= - key= - File not found
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:3C57BFC0

:Files
C:\Program Files\Enigma Software Group
C:\Users\FRaNKLiN\AppData\Roaming\Enigma Software Group
C:\sh4ldr
C:\Users\FRaNKLiN\Desktop\sh-remover.exe
C:\Windows\tasks\Bidaily Synchronize Task[3c32].job
C:\Users\FRaNKLiN\Desktop\SpyHunter.lnk

:Reg
[-HKEY_LOCAL_MACHINE\software\a24749c7-ba90-1460-950f-f723093bc94f]
[-HKEY_LOCAL_MACHINE\software\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[-HKEY_LOCAL_MACHINE\software\wow6432node\a24749c7-ba90-1460-950f-f723093bc94f]
[-HKEY_LOCAL_MACHINE\software\wow6432node\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[-HKEY_CURRENT_USER\SOFTWARE\Badguys]
[-HKEY_CURRENT_USER\SOFTWARE\Floor]
[-HKEY_CURRENT_USER\Software\Siding]
[-HKEY_CURRENT_USER\software\Optimizer Pro]
[-HKEY_CURRENT_USER\software\Otics]
[-HKEY_CURRENT_USER\software\SCAR]
[-HKEY_CURRENT_USER\software\Sys]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION]
"prevhost.exe"=-
"Fiddler.exe"=-
"Corel PaintShop Pro.exe"=-
"sllauncher.exe"=-
"svchost.exe"=-
"explorer.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{0A7FE394-416B-4C7A-8FD1-3CE1D47EB99B}C:\users\franklin\msprx.exe"=-
"TCP Query User{0D4A95B8-0817-45EB-8B0A-3768E95D1AC5}C:\users\franklin\msprx.exe"=-
"UDP Query User{3F2EA8A1-9FD8-479C-B2E9-5C3262E38B45}C:\users\franklin\msprx.exe"=-
"UDP Query User{F5860C2C-9DC8-4FE3-B0B0-68AFA2994904}C:\users\franklin\msprx.exe"=-

:Commands
[emptytemp]
