cjoint


Document format: text/plain

Preview

# AdwCleaner v6.044 - Rapport créé le 07/03/2017 à 18:45:31
# Mis à jour le 28/02/2017 par Malwarebytes
# Base de données : 2017-03-07.1 [Serveur]
# Système d'exploitation : Windows 10 Home (X64)
# Nom d'utilisateur : HARDCORE - HARDCORE-PC
# Exécuté depuis : C:\Users\HARDCORE\Desktop\adwcleaner_6.044.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service trouvé: FirefoxU
Service trouvé: WinSAPSvc
Service trouvé: ed2kidle
Service trouvé: WinSnare
Service trouvé: Apps_Cfg
Service trouvé: Kyubey


***** [ Dossiers ] *****

Dossier trouvé: C:\Program Files (x86)\WinSnare(4.2.5)
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\WinSAPSvc
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\winsapsvc
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\aMule
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\WinSnare
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\Kyubey
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BikaQ
Dossier trouvé: C:\Program Files (x86)\Qernient
Dossier trouvé: C:\Program Files (x86)\BikaQRss
Dossier trouvé: C:\Program Files (x86)\Firefox
Dossier trouvé: C:\Users\HARDCORE\AppData\Roaming\WinSnare


***** [ Fichiers ] *****

Fichier trouvé: C:\Users\Public\Documents\temp.dat
Fichier trouvé: C:\Users\Public\Documents\report.dat
Fichier trouvé: C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apdhdnojdbhafnfogidcjgknlgjaackh_0.localstorage
Fichier trouvé: C:\Users\stoec\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_apdhdnojdbhafnfogidcjgknlgjaackh_0.localstorage


***** [ DLL ] *****

Aucune DLL patchée trouvée.


***** [ WMI ] *****

Aucune clé malveillante trouvée.


***** [ Raccourcis ] *****

Raccourci infecté: C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-80HXZT1_WD-WXP1E21XLH70XL
Raccourci infecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400B
Raccourci infecté: C:\Users\HARDCORE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=
Raccourci infecté: C:\Users\HARDCORE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m
Raccourci infecté: C:\Users\HARDCORE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=c
Raccourci infecté: C:\Users\HARDCORE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3b
Raccourci infecté: C:\Users\HARDCORE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3


***** [ Tâches planifiées ] *****

Tâche trouvée: BoxSoftwareUpdate
Tâche trouvée: LaunchApp
Tâche trouvée: BikaQ_FetchAndUpgrade_CanBeDel


***** [ Registre ] *****

Clé trouvée: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
Clé trouvée: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
Clé trouvée: HKU\S-1-5-21-393267221-3395938937-2926540975-1000\Software\WinSnare
Clé trouvée: HKCU\Software\WinSnare
Clé trouvée: HKLM\SOFTWARE\ScreenShot
Clé trouvée: HKLM\SOFTWARE\startpageing123Software
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}
Clé trouvée: [x64] HKCU\Software\WinSnare
Clé trouvée: [x64] HKLM\SOFTWARE\InterSect Alliance
Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Features\999D2A873764CCF418E8750BFAF8B307
Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Products\999D2A873764CCF418E8750BFAF8B307
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-393267221-3395938937-2926540975-1000\Products\E4DFFE2B890D5484D965ED57EB3B9531
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\999D2A873764CCF418E8750BFAF8B307
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D2A873764CCF418E8750BFAF8B307
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\999D2A873764CCF418E8750BFAF8B307
Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Features\999D2A873764CCF418E8750BFAF8B307
Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Products\999D2A873764CCF418E8750BFAF8B307
Donnée trouvée: HKU\S-1-5-21-393267221-3395938937-2926540975-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8
Donnée trouvée: HKU\S-1-5-21-393267221-3395938937-2926540975-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bd
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-80HXZT1
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-8
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-8
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.startpageing123.com/search/?type=ds&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.startpageing123.com/search/?type=ds&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-80HXZT1
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-80HXZ
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT-80HXZ
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.startpageing123.com/search/?type=ds&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BP
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXWD6400BPVT
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.startpageing123.com/search/?type=ds&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&uid=WDCXW
Clé trouvée: HKU\S-1-5-21-393267221-3395938937-2926540975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKU\S-1-5-21-393267221-3395938937-2926540975-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08a6a25a626934285
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc08
Donnée trouvée: [x64] HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.startpageing123.com/?type=sc&ts=1488817320&z=cc
Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Clé trouvée: HKCU\SOFTWARE\Classes\ChromeHTML


***** [ Navigateurs web ] *****

Aucune préférence Firefox malveillante trouvée.
Chromium préf trouvée: [C:\Users\HARDCORE\AppData\Local\Google\Chrome\User Data\Default\Web data] - searchinterneat-a.akamaihd.net
Chromium préf trouvée: [C:\Users\HARDCORE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&ui
Chromium préf trouvée: [C:\Users\HARDCORE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.startpageing123.com/searchfavicon.ico
Chromium préf trouvée: [C:\Users\HARDCORE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.startpageing123.com/?type=hp&ts=1488817320&z=cc08a6a25a626934285701eg5zeb3bdb1g0m8c1o9z&from=che0812&u

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [38085 octets] - [24/02/2017 10:55:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [9924 octets] - [24/02/2017 18:05:11]
C:\AdwCleaner\AdwCleaner[R0].txt - [23649 octets] - [19/03/2014 18:36:30]
C:\AdwCleaner\AdwCleaner[R1].txt - [1571 octets] - [23/03/2014 12:26:06]
C:\AdwCleaner\AdwCleaner[R2].txt - [1351 octets] - [07/04/2014 14:03:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [20689 octets] - [19/03/2014 18:37:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1287 octets] - [07/04/2014 14:04:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [40033 octets] - [24/02/2017 10:47:39]
C:\AdwCleaner\AdwCleaner[S3].txt - [35262 octets] - [24/02/2017 10:52:16]
C:\AdwCleaner\AdwCleaner[S4].txt - [9333 octets] - [24/02/2017 18:02:47]
C:\AdwCleaner\AdwCleaner[S5].txt - [11938 octets] - [07/03/2017 18:45:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [12013 octets] ##########
