cjoint

Document format: text/plain

# AdwCleaner v5.201 - Logfile created 04/08/2016 at 17:54:00
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-04.1 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : mezoo - MEZO
# Running from : C:\Users\mezoo\Desktop\adwcleaner_5.201.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****

Service Found : qufumerozbt

***** [ Folders ] *****

Folder Found : C:\ProgramData\LuckyBrowse
Folder Found : C:\ProgramData\Application Data\LuckyBrowse
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\LuckyBrowse
Folder Found : C:\Program Files (x86)\LuckyBrowse
Folder Found : C:\Program Files (x86)\E0B9724C-1470161772-1220-1029-134344000000
Folder Found : C:\Users\mezoo\AppData\Roaming\SpringFiles
Folder Found : C:\Users\mezoo\AppData\Roaming\Profiles\yzzfdyu4.default
Folder Found : C:\Users\mezoo\AppData\Local\Geckofx

***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\Public\Desktop\Google Chrome.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome (2).lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome (3).lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome (4).lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome (5).lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome (6).lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )
Shortcut Infected : C:\Users\mezoo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk ( "hxxp://safesurfs.net/?ssid=1470161657&a=1003679&src=sh&uuid=9198d7b7-4eb5-47b3-9a3b-0973283c265a" )

***** [ Scheduled tasks ] *****

Task Found : LuckyBrowse

***** [ Registry ] *****

Key Found : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Key Found : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Key Found : HKLM\SOFTWARE\Classes\f
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\SrpnFiles
Key Found : HKLM\SOFTWARE\LuckyBrowse
Key Found : HKLM\SOFTWARE\SrpnFiles
Key Found : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Key Found : HKLM\SOFTWARE\trotuxSoftware
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
Key Found : HKU\S-1-5-21-2355463451-85381230-1253174285-1002\Software\APN PIP
Key Found : HKU\S-1-5-21-2355463451-85381230-1253174285-1002\Software\SrpnFiles
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A4C5FB0E-7B5A-4BD6-8DFB-B03CE238064F}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8A0734A6-C194-433F-92BA-2292F9E6D0D3}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{16124D94-15FE-446C-86D8-2AC7D714C992}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{71AAB455-7381-4890-8BC4-32B046953508}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{01D7B046-3016-4C40-9AFB-5A031F3AE7EB}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8233B1E5-18BA-4118-9D25-3C657CFDF82A}]

***** [ Web browsers ] *****

[C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\prefs.js] Found : user_pref("browser.newtab.url", "hxxp://www.trotux.com/?z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg&from=epf1&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&type=hp");
[C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\prefs.js] Found : user_pref("browser.search.defaultenginename", "trotux");
[C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\prefs.js] Found : user_pref("browser.search.selectedEngine", "trotux");
[C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\prefs.js] Found : user_pref("browser.startup.homepage", "hxxp://www.trotux.com/?z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg&from=epf1&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&type=hp");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.newtab.url", "hxxp://www.trotux.com/?z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg&from=epf1&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&type=hp");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.search.defaultenginename", "trotux");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.search.searchengine.hp", "hxxp://www.trotux.com/?z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg&from=epf1&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&type=hp");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.search.searchengine.sp", "hxxp://www.trotux.com/search/?from=epf1&q={searchTerms}&type=sp&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.search.searchengine.uid", "ST31000524AS_5VPBTY3NXXXX5VPBTY3N");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.search.searchengine.url", "hxxp://www.trotux.com/search/?from=epf1&q={searchTerms}&type=sp&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.search.selectedEngine", "trotux");
[C:\Users\mezoo\AppData\Roaming\Profiles\0oln6mk6.default\prefs.js] Found : user_pref("browser.startup.homepage", "hxxp://www.trotux.com/?z=d14de9fbb82844fae09bfbeg8zemfe1gaqfgfq1tfg&from=epf1&uid=ST31000524AS_5VPBTY3NXXXX5VPBTY3N&type=hp");

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [8669 bytes] - [04/08/2016 17:54:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8742 bytes] ##########
