Comprendre le rapport RogueKiller

Après avoir télécharger RogueKiller depuis le site: https://www.luanagames.com/index.fr.html
et suivre les étapes qu'il faut, voilà le rapport:


RogueKiller V5.2.2 [05/06/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: user [Droits d'admin]
Mode: Suppression -- Date : 15/06/2011 12:58:01

Processus malicieux: 3
[SUSP PATH] PLFSetI.exe -- c:\windows\plfseti.exe -> KILLED
[SUSP PATH] lsnfier.exe -- c:\users\user\appdata\roaming\microsoft\notification de cadeaux msn\lsnfier.exe -> KILLED
[SUSP PATH] jvu.exe -- c:\users\user\appdata\local\jvu.exe -> KILLED

Entrees de registre: 12
[SUSP PATH] HKCU\[...]\Run : biecei (C:\Users\user\biecei.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Run : PLFSetI (C:\Windows\PLFSetI.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Run : RestartNeroSetup ("C:\Users\user\AppData\Local\Temp\NERO13823\setupx.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : adiras (C:\Windows\adiras.exe) -> DELETED
[SUSP PATH] Notification de cadeaux MSN.lnk : C:\Users\user\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[FILE ASSO] HKCU\[...]Software\Classes\.exe\shell\open\command : ("C:\Users\user\AppData\Local\jvu.exe" -a "%1" %*) -> REPLACED : ("%1" %*)
[FILE ASSO] HKCU\[...]Software\Classes\exefile\shell\open\command : ("C:\Users\user\AppData\Local\jvu.exe" -a "%1" %*) -> REPLACED : ("%1" %*)
[FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command : ("C:\Users\user\AppData\Local\jvu.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") -> REPLACED : ("C:\Program Files\mozilla firefox\firefox.exe")
[FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command : ("C:\Users\user\AppData\Local\jvu.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) -> REPLACED : ("C:\Program Files\mozilla firefox\firefox.exe" -safe-mode)
[FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Users\user\AppData\Local\jvu.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> REPLACED : ("C:\Program Files\internet explorer\iexplore.exe")

Fichier HOSTS:
127.0.0.1 localhost
::1 localhost
127.0.0.1 localhost


Termine : << RKreport[1].txt >>
RKreport[1].txt