Document format: text/x-log

Preview

RogueKiller V10.6.3.0 [May 11 2015] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarrage : Mode sans echec
Utilisateur : adeline [Droits d'admin]
Démarré depuis : F:\RogueKiller_old.exe
Mode : Suppression -- Date : 05/20/2015 09:20:34

¤¤¤ Processus malicieux : 1 ¤¤¤
[PUP] bobrowser.exe(1792) -- C:\Users\adeline\AppData\Local\BoBrowser\Application\bobrowser.exe[-]VT(-2) -> TUÉ [TermProc]

¤¤¤ Entrées de registre : 95 ¤¤¤
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll) -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311301136} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531136} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3475D2C4-BBD1-4255-A70D-4125A4D30956} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} -> SUPPRIMÉ
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll) -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {1017A80C-6F09-4548-A84D-EDD6AC9525F0} : -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {9E131A93-EED7-4BEB-B015-A0ADB30B5646} : Claro LTD Toolbar -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} : Funmoods Toolbar -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} : MixiDJ Toolbar -> SUPPRIMÉ
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {98889811-442D-49dd-99D7-DC866BE87DBC} : Babylon Toolbar -> SUPPRIMÉ
[Orphan] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068} : -> SUPPRIMÉ
[Orphan] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {1017A80C-6F09-4548-A84D-EDD6AC9525F0} : -> SUPPRIMÉ
[Orphan] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> SUPPRIMÉ
[Orphan] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068} : -> ERROR [2]
[Orphan] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {1017A80C-6F09-4548-A84D-EDD6AC9525F0} : -> ERROR [2]
[Orphan] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> ERROR [2]
[Orphan] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} | CLSID : -> ERROR [2]
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | soft2PC : "C:\Program Files (x86)\Soft2PC\soft2pc.exe" [-] -> SUPPRIMÉ
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Iminent : C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" [7][x][x] -> SUPPRIMÉ
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | IminentMessenger : C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [7] -> SUPPRIMÉ
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Hoolapp Android : "C:\Users\adeline\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized [7][x] -> SUPPRIMÉ
[PUP] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Desk 365 : "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun [7][x] -> SUPPRIMÉ
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Gameo : C:\Users\adeline\AppData\Roaming\Gameo\gameo.exe "C:\Users\adeline\AppData\Roaming\Gameo\gameo.dat" mode:minimized [-][-][x] -> SUPPRIMÉ
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | GoogleChromeAutoLaunch_58C83E32F0F2FCD2A5B3D113851A2E96 : "C:\Users\adeline\AppData\Local\Vosteran\Application\vosteran.exe" --auto-launch-at-startup --profile-directory="Default" [-][x][x] -> SUPPRIMÉ
[PUP] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Bubble Dock : "C:\Users\adeline\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup [7][x] -> SUPPRIMÉ
[PUP] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | BoBrowser : "C:\Users\adeline\AppData\Local\BoBrowser\Application\bobrowser.exe" --no-proxy-server [-][x] -> SUPPRIMÉ
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Hoolapp Android : "C:\Users\adeline\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized [7][x] -> ERROR [2]
[PUP] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Desk 365 : "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun [7][x] -> ERROR [2]
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Gameo : C:\Users\adeline\AppData\Roaming\Gameo\gameo.exe "C:\Users\adeline\AppData\Roaming\Gameo\gameo.dat" mode:minimized [-][-][x] -> ERROR [2]
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | GoogleChromeAutoLaunch_58C83E32F0F2FCD2A5B3D113851A2E96 : "C:\Users\adeline\AppData\Local\Vosteran\Application\vosteran.exe" --auto-launch-at-startup --profile-directory="Default" [-][x][x] -> ERROR [2]
[PUP] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | Bubble Dock : "C:\Users\adeline\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup [7][x] -> ERROR [2]
[PUP] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Windows\CurrentVersion\Run | BoBrowser : "C:\Users\adeline\AppData\Local\BoBrowser\Application\bobrowser.exe" --no-proxy-server [-][x] -> ERROR [2]
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce | upt4pc_fr_5.exe : C:\Users\adeline\AppData\Local\tuto4pc_fr_5\upt4pc_fr_5.exe -runonce [-][x] -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BackupStack (C:\Program Files (x86)\MyPC Backup\BackupStack.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CltMngSvc (C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\desksvc (C:\Program Files (x86)\Desk 365\deskSvc.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IBUpdaterService (%SystemRoot%\system32\dmwu.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IHProtect Service (C:\Program Files (x86)\XTab\ProtectService.exe) -> SUPPRIMÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\supt4pc_fr_37 (C:\Users\adeline\AppData\Local\tuto4pc_fr_37\supt4pc_fr_37.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WajamUpdater ("C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe") -> SUPPRIMÉ
[PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BackupStack (C:\Program Files (x86)\MyPC Backup\BackupStack.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CltMngSvc (C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\desksvc (C:\Program Files (x86)\Desk 365\deskSvc.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IBUpdaterService (%SystemRoot%\system32\dmwu.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IHProtect Service (C:\Program Files (x86)\XTab\ProtectService.exe) -> SUPPRIMÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\supt4pc_fr_37 (C:\Users\adeline\AppData\Local\tuto4pc_fr_37\supt4pc_fr_37.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WajamUpdater ("C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe") -> SUPPRIMÉ
[PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\BackupStack (C:\Program Files (x86)\MyPC Backup\BackupStack.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\CltMngSvc (C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\desksvc (C:\Program Files (x86)\Desk 365\deskSvc.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IBUpdaterService (%SystemRoot%\system32\dmwu.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IHProtect Service (C:\Program Files (x86)\XTab\ProtectService.exe) -> SUPPRIMÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\supt4pc_fr_37 (C:\Users\adeline\AppData\Local\tuto4pc_fr_37\supt4pc_fr_37.exe) -> SUPPRIMÉ
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WajamUpdater ("C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe") -> SUPPRIMÉ
[PUP|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> SUPPRIMÉ
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.luckysearches.com/?type=hppp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.luckysearches.com/web/?type=ds&ts=1429870237&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.luckysearches.com/web/?type=ds&ts=1429870237&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.luckysearches.com/web/?type=dspp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.luckysearches.com/web/?type=dspp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.luckysearches.com/web/?type=ds&ts=1429870237&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.luckysearches.com/web/?type=ds&ts=1429870237&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.luckysearches.com/web/?type=dspp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2966359266-327608566-4080403288-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.luckysearches.com/web/?type=dspp&ts=1429870268&from=tt4u&uid=395049983_1052498_2CF1AAFE&q={searchTerms} -> REMPLACÉ (http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REMPLACÉ (0)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs : C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll [7] -> REMPLACÉ ()

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Fichiers : 1 ¤¤¤
[Suspicious.Path][Fichier] tbhcn.lnk -- C:\Users\adeline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk [LNK@] C:\Users\adeline\AppData\Roaming\GINYAS~1\tbhcn.exe /active=24 /update=24 /interval=10 /IEhome=1 /IEsearch=1 /FFhome=1 /FFsearch=1 /CHhome=1 /CHsearch=1 /pubId=ginyas_377 /affId=g377_FR_Camp008 /version=1 -> SUPPRIMÉ

¤¤¤ Fichier HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: NON CHARGE [0xc000035f]) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: ST375052 8AS SCSI Disk Device +++++
--- User ---
[MBR] 5db69ff8201f1b65e906607fe46e6404
[BSP] 9091f62d941b7d89220e5b8bf9692c39 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 28674048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 28878848 | Size: 350651 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 747012096 | Size: 350651 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Fonction incorrecte. )

+++++ PhysicalDrive1: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: Multiple Flash Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive3: Lexar USB Flash Drive USB Device +++++
--- User ---
[MBR] 5cdb116ed251b7de24a9a608249fd840
[BSP] 4b8b702b557e3455c4e0f1b634afd5c4 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 2192 | Size: 7646 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )


============================================
RKreport_SCN_05202015_091648.log
