cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : pc [Droits d'admin]
Mode : Recherche -- Date : 05/03/2014 16:10:56
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 7 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:14027 [Country: (Private Address) (XX), City: (Private Address)]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] Test TimeTrigger : C:\Users\pc\AppData\Local\Temp\Runner.exe - C:\Users\pc\AppData\Local\Temp\DNS.exe [x][x] -> TROUVÉ
[V2][SUSP PATH] PeriodicScanRetry : %windir%\ehome\MCUpdate.exe - -pscn 0 [7][-] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : wshbth.dll -> HOOKED (C:\Windows\system32\sdautoplay.dll @ 0xF6EE2D24)
[Address] EAT @explorer.exe (DllGetClassObject) : wshbth.dll -> HOOKED (C:\Windows\system32\sdautoplay.dll @ 0xF6EE2D38)
[Address] EAT @explorer.exe (DllRegisterServer) : wshbth.dll -> HOOKED (C:\Windows\system32\sdautoplay.dll @ 0xF6EE2D54)
[Address] EAT @explorer.exe (DllUnregisterServer) : wshbth.dll -> HOOKED (C:\Windows\system32\sdautoplay.dll @ 0xF6EE2DF0)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] bd1e07ced1c583398fa9e482fec20638
[BSP] a9a37c4cab0a14b6ffc5eb8d95438a66 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 128028 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 314632192 | Size: 151615 MB
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] ebbe29abb236b510001064d743229dc6
[BSP] a9a37c4cab0a14b6ffc5eb8d95438a66 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 125337 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 309121024 | Size: 154307 MB

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) USB DISK 2.0 USB Device +++++
--- User ---
[MBR] 2205d2b11aefd838b3efadc9d74ccd9d
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 1911 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n?est pas prise en charge. )

Termine : << RKreport[0]_S_05032014_161056.txt >>





Publicité


Signaler le contenu de ce document

Publicité