cjoint

Document format: text/plain

Preview

# AdwCleaner v4.202 - Logfile created 24/04/2015 at 22:58:37
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : The chimiste - THECHIMISTE-PC
# Running from : C:\Users\The chimiste\Downloads\adwcleaner_4.202.exe
# Option : Scan

***** [ Services ] *****

Service Found : Update Swift Record
Service Found : Util Swift Record
Service Found : {2c5699ec-85f1-4ae8-892b-4feb9efc1813}w
Service Found : {575b3a04-506c-436e-a31c-1cf303fdf32b}w
Service Found : {682d77bf-fc9c-450a-91b2-3a6982f155c6}Gw
Service Found : {86495074-1e01-4c57-b1c7-869ad9007a9b}w
Service Found : {89f3a763-5b09-4417-a205-f6585a7468e0}w
Service Found : {d2987c5a-d6d8-46af-82d2-c3c2c88502d8}w
Service Found : {e06e3b1e-92f9-4f0c-a89e-8ca35d3784d2}w
Service Found : {e3fe5aa7-55a6-4cfa-886c-96596de8e563}Gw
Service Found : {ebea2f01-162e-499b-ad18-028f0259de6f}w

***** [ Files / Folders ] *****

File Found : C:\Users\The chimiste\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage
File Found : C:\Users\The chimiste\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage-journal
File Found : C:\Users\The chimiste\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\The chimiste\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
File Found : C:\Users\The chimiste\AppData\Roaming\Mozilla\Firefox\Profiles\pvkao422.default-1429676361100\Extensions\{2c5699ec-85f1-4ae8-892b-4feb9efc1813}.xpi
File Found : C:\Windows\system32\drivers\{2c5699ec-85f1-4ae8-892b-4feb9efc1813}w.sys
File Found : C:\Windows\system32\drivers\{575b3a04-506c-436e-a31c-1cf303fdf32b}w.sys
File Found : C:\Windows\system32\drivers\{682d77bf-fc9c-450a-91b2-3a6982f155c6}Gw.sys
File Found : C:\Windows\system32\drivers\{86495074-1e01-4c57-b1c7-869ad9007a9b}w.sys
File Found : C:\Windows\system32\drivers\{89f3a763-5b09-4417-a205-f6585a7468e0}w.sys
File Found : C:\Windows\system32\drivers\{d2987c5a-d6d8-46af-82d2-c3c2c88502d8}w.sys
File Found : C:\Windows\system32\drivers\{e06e3b1e-92f9-4f0c-a89e-8ca35d3784d2}w.sys
File Found : C:\Windows\system32\drivers\{e3fe5aa7-55a6-4cfa-886c-96596de8e563}Gw.sys
File Found : C:\Windows\system32\drivers\{ebea2f01-162e-499b-ad18-028f0259de6f}w.sys
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files\Swift Record
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Folder Found : C:\Users\The chimiste\AppData\Local\Babylon
Folder Found : C:\Users\The chimiste\AppData\Local\pay-by-ads
Folder Found : C:\Users\The chimiste\AppData\Roaming\Babylon
Folder Found : C:\Users\The chimiste\AppData\Roaming\istartsurf

***** [ Scheduled tasks ] *****

Task Found : Yahoo! Search
Task Found : Yahoo! Search Updater

***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\The chimiste\Desktop\chrome.lnk
Shortcut Infected : C:\Users\The chimiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Infected : C:\Users\The chimiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Songive - lightweight YouTube playlist player.lnk
Shortcut Infected : C:\Users\The chimiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Infected : C:\Users\The chimiste\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Infected : C:\Users\The chimiste\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.istartsurf.com/?type=sc&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX
Key Found : HKCU\Software\Babylon
Key Found : HKCU\Software\Classes\keepmysearch
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Key Found : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Found : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0759d61f-3673-416f-85d2-58b847e78ddf}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0759d61f-3673-416f-85d2-58b847e78ddf}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\QQPlayer
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Found : HKCU\Software\Swift Record
Key Found : HKCU\Software\Swift Record
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\.bdc
Key Found : HKLM\SOFTWARE\Classes\.bgl
Key Found : HKLM\SOFTWARE\Classes\.bof
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Key Found : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\Classes\BabyDict
Key Found : HKLM\SOFTWARE\Classes\BabyGloss
Key Found : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Key Found : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Key Found : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Key Found : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Key Found : HKLM\SOFTWARE\Classes\BabyOptFile
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0759d61f-3673-416f-85d2-58b847e78ddf}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{06107761-a0fa-4eaa-9fc8-54f55102f354}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0759d61f-3673-416f-85d2-58b847e78ddf}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Swift Record
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Swift Record
Key Found : HKLM\SOFTWARE\Swift Record
Key Found : HKLM\SOFTWARE\Swift Record
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Swift Record
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Swift Record
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1426914398&from=smt&uid=FUJITSUXMHZ2160BHXG1_K65XT8B2SLSPT8B2SLSPX&q={searchTerms}

-\\ Mozilla Firefox v37.0.2 (x86 ar)


-\\ Google Chrome v

[C:\Users\The chimiste\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\The chimiste\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : kcdeaofcapijfmeopimkgcepdpbdepnb
[C:\Users\The chimiste\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : hxxp://isearch.avg.com/?cid={6C8FA8D4-F034-45F1-BA47-1506AE08DFC1}&mid=d94781ab422c47669fca7fc32406809f-8dbd0dc088645749e2b6f5e707949a89ca1cd5b9&lang=en&ds=hk011&pr=&d=2012-10-11 09:56:46&v=13.2.0.4&sap=hp

*************************

AdwCleaner[R0].txt - [12492 bytes] - [24/04/2015 21:29:09]
AdwCleaner[R1].txt - [12412 bytes] - [24/04/2015 22:58:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [12472 bytes] ##########
