cjoint

Document format: text/plain

Preview

RogueKiller V12.13.4.0 (x64) [Oct 8 2018] (Gratuit) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 8 (6.2.9200) 64 bits version
Démarré en : Mode normal
Utilisateur : Mathieu [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 10/12/2018 10:15:46 (Durée : 00:38:32)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 20 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091043464\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091043464\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091459895\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091459895\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091505914\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091505914\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus13.msn.com -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091043464\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091043464\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091459895\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091459895\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091505914\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-565260823-566925515-856121267-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10122018091505914\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.188.0.1 ([]) -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6EB69A95-37F3-411C-97DC-83D9D51CFD4D} | DhcpNameServer : 10.188.0.1 ([]) -> Remplacé(e) ()
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Remplacé(e) (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Remplacé(e) (2)

¤¤¤ Tâches : 7 ¤¤¤
[Hj.Shortcut] \{3EF5D124-E3AB-40D7-A95A-58BC8B5E1907} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/6.16.0.105/fr/abandoninstall?page=tsPlugin) -> Supprimé(e)
[Hj.Shortcut] \{421B3518-3471-42B5-97CD-121448AC76CF} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/7.28.80.101/fr/abandoninstall?page=tsProgressBar) -> Supprimé(e)
[Hj.Shortcut] \{7220286F-2E88-4568-87A1-511CCE4AEA67} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/6.21.0.104/fr/abandoninstall?page=tsMain) -> Supprimé(e)
[Hj.Shortcut] \{B19CBF4D-4339-49F3-8827-16589E9CFF90} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/7.28.80.101/fr/abandoninstall?page=tsProgressBar) -> Supprimé(e)
[Hj.Shortcut] \{D27A9D98-AA24-4477-8A37-4EED12960883} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638) -> Supprimé(e)
[Hj.Shortcut] \{D6537F3D-224B-4717-9C23-C9FD1D564275} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638) -> Supprimé(e)
[Hj.Shortcut] \{F75864ED-F180-4994-A7ED-55F55F19B30F} -- "c:\program files (x86)\mozilla firefox\firefox.exe" (http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638) -> Supprimé(e)

¤¤¤ Fichiers : 19 ¤¤¤
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Definitions\MaliciousUrlDaily.zip -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Definitions\MaliciousUrlWeekly.zip -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Definitions -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Icons\bing.ico -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Icons -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Logs\Webcompanion -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Logs\WindowsService\WCAssistantServiceLog.log -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Logs\WindowsService -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Logs -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\ActiveFeatures.zip -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\CurrentReleaseNotes.txt -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\install.txt -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\LatestReleaseNotes.txt -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\partner.txt -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\Statistics.txt -> Supprimé(e)
[PUP.Gen1][Fichier] C:\ProgramData\Lavasoft\Web Companion\Options\UpdateServer.txt -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion\Options -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\LIN?.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.rehcnualenil.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\St?rt ??r Br?wser.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G?ogle ?hr?me.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.emorhc.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?unch Int?rnet E??l?rer Br?wser.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.erolpxei.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogle Chr?m?.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.emorhc.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G?ogl? ?hrome.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.emorhc.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LIN?.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.rehcnualenil.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\?ozilla Fir?f?? (2).lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\?ozilla Fir?f?? (3).lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\?ozilla Fir?f??.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\?ozill? Fir?f??.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e)
[Hidden.ADS][Flux] C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> ERROR [3]
[PUP.Gen0][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G?ogle Chr?m?.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.emorhc.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?ozilla Fir?f??.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e)
[Adw.Neoreklami][Fichier] C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll -> Supprimé(e) au redémarrage [5]
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\LIN?.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.rehcnualenil.bat -> Supprimé(e) au redémarrage [2]
[PUP.Gen0][Fichier] C:\Users\Mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\St?rt ??r Br?wser.lnk [LNK@] C:\Users\Mathieu\AppData\Roaming\Browsers\exe.xoferif.bat -> Supprimé(e) au redémarrage [2]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 6 ¤¤¤
[PUM.HomePage][Firefox:Config] 6kt43ar3.default-1434886448240 : user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/"); -> Remplacé(e) (about:home)
[PUM.SearchEngine][Firefox:Config] 6kt43ar3.default-1434886448240 : user_pref("browser.search.selectedEngine", "Bing®"); -> Supprimé(e)
[PUM.SearchEngine][Firefox:Config] 6kt43ar3.default-1434886448240 : user_pref("browser.search.defaultenginename", "Bing®"); -> Supprimé(e)
[PUM.SearchPage][Chrome:Config] Default [SecurePrefs] : default_search_provider_data.template_url_data.keyword [qwant.com] -> Supprimé(e)
[PUM.SearchPage][Chrome:Config] Default [SecurePrefs] : default_search_provider_data.template_url_data.url [https://www.qwant.com/?q={searchTerms}&client=opensearch] -> Supprimé(e)
[PUM.SearchPage][Chrome:Config] Default [SecurePrefs] : default_search_provider_data.template_url_data.suggestions_url [https://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch] -> Supprimé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPKX-80HPJT0 +++++
--- User ---
[MBR] fed5a442707a868e55b7c3ca9c160577
[BSP] 41f38fef58afd164ffddcfc6de5920ef : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 286160 MB
4 - Basic data partition | Offset (sectors): 588367872 | Size: 407625 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1423183872 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK

