cjoint

Document format: text/plain

RogueKiller V11.0.4.0 [Dec 20 2015] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Démarré en : Mode normal
Utilisateur : shady [Administrateur]
Démarré depuis : C:\Documents and Settings\shady\Mes documents\Downloads\Programs\RogueKiller.exe
Mode : Scan -- Date : 12/24/2015 17:35:22

¤¤¤ Processus : 7 ¤¤¤
[PUP|VT.not-a-virus:AdWare.Win32.ELEX.ed] picexasvc.exe(1408) -- C:\Program Files\Picexa\PicexaSvc.exe[7] -> Tué(e) [TermProc]
[PUP|VT.BrowserModifier:Win32/SupTab] ProtectService.exe(308) -- C:\Program Files\MiuiTab\ProtectService.exe[-] -> Tué(e) [TermProc]
[Suspicious.Path|VT.not-a-virus:AdWare.Win32.ELEX.gk] TSvr.exe(400) -- C:\Documents and Settings\shady\Application Data\TSv\TSvr.exe[7] -> Tué(e) [TermProc]
[PUP|VT.PUP.Optional.ChinAd] SSFK.exe(112) -- C:\Program Files\SFK\SSFK.exe[7] -> Tué(e) [TermProc]
[Suspicious.Path|VT.not-a-virus:AdWare.Win32.WProtManager.cm] WdMan.exe(772) -- C:\Documents and Settings\All Users\Application Data\BWdMB\WdMan.exe[-] -> Tué(e) [TermProc]
[VT.PUP/Win32.Adload] px_update_v2.1.79.exe(2808) -- C:\Documents and Settings\Invité\Application Data\Picexa Viewer\update\px_update_v2.1.79.exe[-] -> Tué(e) [TermThr]
[PUP|VT.PUP.Optional.ChinAd] (SVC) SSFK -- C:\Program Files\SFK\SSFK.exe -s[7] -> Arrêté(e)

¤¤¤ Registre : 27 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Picexa -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\supTab -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\V9 -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\WebProtector -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} (C:\Documents and Settings\shady\Local Settings\Application Data\MEGAsync\ShellExtX32.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} (C:\Documents and Settings\shady\Local Settings\Application Data\MEGAsync\ShellExtX32.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} (C:\Documents and Settings\shady\Local Settings\Application Data\MEGAsync\ShellExtX32.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} (C:\Program Files\MiuiTab\SupTab.dll) -> Trouvé(e)
[PUP|VT.BrowserModifier:Win32/SupTab] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IHProtect Service (C:\Program Files\MiuiTab\ProtectService.exe) -> Trouvé(e)
[Suspicious.Path|VT.not-a-virus:AdWare.Win32.ELEX.gk] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IhPul (C:\Documents and Settings\shady\Application Data\TSv\TSvr.exe) -> Trouvé(e)
[PUP|VT.not-a-virus:AdWare.Win32.ELEX.ed] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PicexaService (C:\Program Files\Picexa\PicexaSvc.exe) -> Trouvé(e)
[PUP|VT.PUP.Optional.ChinAd] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSFK (C:\Program Files\SFK\SSFK.exe -s) -> Trouvé(e)
[Suspicious.Path|VT.not-a-virus:AdWare.Win32.WProtManager.cm] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WdMan (C:\Documents and Settings\All Users\Application Data\BWdMB\WdMan.exe -svr) -> Trouvé(e)
[PUP|VT.BrowserModifier:Win32/SupTab] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\IHProtect Service (C:\Program Files\MiuiTab\ProtectService.exe) -> Trouvé(e)
[PUP|VT.BrowserModifier:Win32/SupTab] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\IHProtect Service (C:\Program Files\MiuiTab\ProtectService.exe) -> Trouvé(e)
[Suspicious.Path|VT.not-a-virus:AdWare.Win32.ELEX.gk] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\IhPul (C:\Documents and Settings\shady\Application Data\TSv\TSvr.exe) -> Trouvé(e)
[PUP|VT.not-a-virus:AdWare.Win32.ELEX.ed] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\PicexaService (C:\Program Files\Picexa\PicexaSvc.exe) -> Trouvé(e)
[PUP|VT.PUP.Optional.ChinAd] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\SSFK (C:\Program Files\SFK\SSFK.exe -s) -> Trouvé(e)
[Suspicious.Path|VT.not-a-virus:AdWare.Win32.WProtManager.cm] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\WdMan (C:\Documents and Settings\All Users\Application Data\BWdMB\WdMan.exe -svr) -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.omniboxes.com/?type=hp&ts=1448436952&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=ST380815AS_5RW2J8CA -> Trouvé(e)
[PUM.HomePage] HKEY_USERS\S-1-5-21-842925246-1060284298-1801674531-1003\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.omniboxes.com/?type=hp&ts=1448436952&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=ST380815AS_5RW2J8CA -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.omniboxes.com/?type=hp&ts=1448436952&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=ST380815AS_5RW2J8CA -> Trouvé(e)
[PUM.HomePage] HKEY_USERS\S-1-5-21-842925246-1060284298-1801674531-1003\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.omniboxes.com/?type=hp&ts=1448436952&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=ST380815AS_5RW2J8CA -> Trouvé(e)
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.yoursites123.com/web/?type=ds&ts=1449654609&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=ST380815AS_5RW2J8CA&q={searchTerms} -> Trouvé(e)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-842925246-1060284298-1801674531-1003\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.yoursites123.com/web/?type=ds&ts=1449654609&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=ST380815AS_5RW2J8CA&q={searchTerms} -> Trouvé(e)
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.yoursites123.com/web/?type=ds&ts=1449654609&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=ST380815AS_5RW2J8CA&q={searchTerms} -> Trouvé(e)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-842925246-1060284298-1801674531-1003\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.yoursites123.com/web/?type=ds&ts=1449654609&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=ST380815AS_5RW2J8CA&q={searchTerms} -> Trouvé(e)

¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\GoogleUpdateTaskMachineUA.job -- C:\Program Files\Google\Update\GoogleUpdate.exe (/ua /installsource scheduler) -> Trouvé(e)

¤¤¤ Fichiers : 8 ¤¤¤
[Suspicious.Startup|VT.HEUR:Trojan.Win32.Generic][Fichier] C:\Documents and Settings\shady\Menu Démarrer\Programmes\Démarrage\MsOffice_Upadate.exe -> Trouvé(e)
[PUP][Répertoire] C:\Documents and Settings\All Users\Application Data\{2A3D4E5F-5BF1-4668-AF7C-208A47599022} -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\FreeFixer -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\ghokswa Browser -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\MiuiTab -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\Picexa -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\SFK -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\WinZipper -> Trouvé(e)

¤¤¤ Fichier Hosts : 2 ¤¤¤
[C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1 mpa.one.microsoft.com

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] aff71e8cb688718491e56394b0bacf7e
[BSP] 29f876570690928d60af27748f4cfe45 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 76308 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK

