Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CloseProcesses:
Hosts:
CreateRestorePoint:
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Mohamed\Desktop\advanced-systemcare-free_9-2-0-1110_fr_403234.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4271785191-1134607117-2392673886-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-4271785191-1134607117-2392673886-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
CHR HKU\S-1-5-21-4271785191-1134607117-2392673886-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Mohamed\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-04-14] (Enigma Software Group USA, LLC.)
S3 CoordinatorServiceHost; "C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe" [X]
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-04-14] (Enigma Software Group USA, LLC.)
2016-04-14 18:31 - 2016-04-14 18:31 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-04-14 18:21 - 2016-04-14 18:07 - 42683680 ____N (IObit ) C:\Users\Mohamed\Desktop\advanced-systemcare-free_9-2-0-1110_fr_403234.exe
2016-04-14 16:27 - 2016-04-14 16:27 - 00003422 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-04-14 16:27 - 2016-04-14 16:27 - 00001134 _____ C:\Users\Mohamed\Desktop\SpyHunter.lnk
2016-04-14 16:27 - 2016-04-14 16:27 - 00000000 ____D C:\Users\Mohamed\AppData\Roaming\Enigma Software Group
2016-04-14 16:26 - 2016-04-14 16:27 - 00000000 ____D C:\sh4ldr
2012-11-27 02:17 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-27 02:17 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-11-27 02:17 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
C:\ProgramData\hpeB081.dll
Task: {87CDDDAB-FCB8-4B09-B6D7-9DD3D82A0E87} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe <==== ATTENTION
C:\ProgramData\rvlkl\rvlkl.exe
Task: {AB150D1E-62B4-4FF9-89ED-3DBD96A930A8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-04-14] (Enigma Software Group USA, LLC.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [312]
AlternateDataStreams: C:\ProgramData\Temp:7FAE3E0D [294]
EmptyTemp:
end
CloseProcesses:
Hosts:
CreateRestorePoint:
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Users\Mohamed\Desktop\advanced-systemcare-free_9-2-0-1110_fr_403234.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4271785191-1134607117-2392673886-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-4271785191-1134607117-2392673886-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
CHR HKU\S-1-5-21-4271785191-1134607117-2392673886-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Mohamed\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-04-14] (Enigma Software Group USA, LLC.)
S3 CoordinatorServiceHost; "C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe" [X]
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-04-14] (Enigma Software Group USA, LLC.)
2016-04-14 18:31 - 2016-04-14 18:31 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-04-14 18:21 - 2016-04-14 18:07 - 42683680 ____N (IObit ) C:\Users\Mohamed\Desktop\advanced-systemcare-free_9-2-0-1110_fr_403234.exe
2016-04-14 16:27 - 2016-04-14 16:27 - 00003422 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-04-14 16:27 - 2016-04-14 16:27 - 00001134 _____ C:\Users\Mohamed\Desktop\SpyHunter.lnk
2016-04-14 16:27 - 2016-04-14 16:27 - 00000000 ____D C:\Users\Mohamed\AppData\Roaming\Enigma Software Group
2016-04-14 16:26 - 2016-04-14 16:27 - 00000000 ____D C:\sh4ldr
2012-11-27 02:17 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-27 02:17 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-11-27 02:17 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
C:\ProgramData\hpeB081.dll
Task: {87CDDDAB-FCB8-4B09-B6D7-9DD3D82A0E87} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe <==== ATTENTION
C:\ProgramData\rvlkl\rvlkl.exe
Task: {AB150D1E-62B4-4FF9-89ED-3DBD96A930A8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-04-14] (Enigma Software Group USA, LLC.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4 [312]
AlternateDataStreams: C:\ProgramData\Temp:7FAE3E0D [294]
EmptyTemp:
end