cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

RogueKiller V8.4.4 [Feb 4 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Système [Droits d'admin]
Mode : Suppression -- Date : 04/02/2013 23:31:45
| ARK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 18 ¤¤¤
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : iessetup (X:\Windows\system32\rundll32.exe "X:\Program Files\Internet Explorer\iessetup.dll",LaunchProcessInputFiles ) -> SUPPRIMÉ
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : wmssetup (X:\Windows\system32\rundll32.exe "X:\Program Files\Windows Media Player\wmssetup.dll",LaunchProcessInputFiles ) -> SUPPRIMÉ
[RUN][BLACKLISTDLL] HKLM\[...]\RunOnce : ASYNCMAC (rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},X:\windows\INF\netrasa.inf,Ndis-Mp-AsyncMac) -> SUPPRIMÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowMyDocs (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowMyPics (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowMyMusic (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowHelp (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowPrinters (0) -> REMPLACÉ (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REMPLACÉ (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REMPLACÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DLL][ROGUE ST] [ON_C:]HKLM\System[...]\ControlSet001\Services\winmgmt\Parameters : ServiceDll (C:\DOCUME~1\ADRIEN~1.000\5765827.dll) -> REMPLACÉ (%SystemRoot%\system32\wbem\WMIsvc.dll)
[HJ DLL][ROGUE ST] [ON_C:]HKLM\System[...]\ControlSet002\Services\winmgmt\Parameters : ServiceDll (C:\DOCUME~1\ADRIEN~1.000\5765827.dll) -> REMPLACÉ (%SystemRoot%\system32\wbem\WMIsvc.dll)
[HJ DLL][ROGUE ST] [ON_C:]HKLM\System[...]\ControlSet003\Services\winmgmt\Parameters : ServiceDll (C:\DOCUME~1\ADRIEN~1.000\5765827.dll) -> REMPLACÉ (%SystemRoot%\system32\wbem\WMIsvc.dll)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤
-> C:\windows\system32\config\SOFTWARE
-> C:\windows\system32\config\SYSTEM
-> C:\Documents and Settings\Administrateur\NTUSER.DAT
-> C:\Documents and Settings\adrien prieur\NTUSER.DAT
-> C:\Documents and Settings\adrien prieur.ADRIEN\NTUSER.DAT
-> C:\Documents and Settings\adrien prieur.ADRIEN.000\NTUSER.DAT
-> C:\Documents and Settings\All Users\NTUSER.DAT
-> C:\Documents and Settings\Default User\NTUSER.DAT
-> C:\Documents and Settings\LocalService\NTUSER.DAT
-> C:\Documents and Settings\NetworkService\NTUSER.DAT
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ Fichier HOSTS: ¤¤¤
--> X:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] fc66c75698b8c88a7d3f2e4bae61a758
[BSP] 17dcfbccaf8c4ac76da77c0180452a3b : Dell MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 142346 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 291611880 | Size: 10236 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB DISK Pro USB Device +++++
--- User ---
[MBR] 9d410622c61c09de17b6e6bda2be4eb0
[BSP] 6f510daf46d274284f9a608a06c7db11 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 3818 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: USB Flash Disk USB Device +++++
--- User ---
[MBR] 810ec8928d9c05303a2f5c993ac823b7
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 512 | Size: 477 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[2]_D_04022013_233145.txt >>
RKreport[1]_S_04022013_233121.txt ; RKreport[2]_D_04022013_233145.txt




Publicité


Signaler le contenu de ce document

Publicité