Publicité
Publicité
Format du document : text/x-log
Prévisualisation
RogueKiller V9.2.6.0 [Jul 11 2014] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Système d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Démarrage : Mode normal
Utilisateur : Sakuya [Droits d'admin]
Mode : Suppression -- Date : 08/08/2014 14:04:26
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrées de registre : 5 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-381164742-1774454537-2887258218-1032\Software\Microsoft\Windows\CurrentVersion\Run | Viber : "C:\Users\Sakuya\AppData\Local\Viber\Viber.exe" StartMinimized [x] -> SUPPRIMÉ
[PUM.Policies] HKEY_USERS\S-1-5-21-381164742-1774454537-2887258218-1032\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> SUPPRIMÉ
[PUM.Policies] HKEY_USERS\S-1-5-21-381164742-1774454537-2887258218-1032\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> SUPPRIMÉ
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REMPLACÉ (0)
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 0 (Driver: CHARGE) ¤¤¤
¤¤¤ Navigateurs web : 5 ¤¤¤
[IE:Addon] System : avast! EasyPass Toolbar [{724d43a0-0d85-11d4-9908-00400523e39a}] -> SUPPRIMÉ
[FIREFX:Addon] jtc8o41y.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> SUPPRIMÉ
[FIREFX:Addon] jtc8o41y.default : avast! EasyPass Toolbar for Firefox [{22119944-ED35-4ab1-910B-E619EA06A115}] -> SUPPRIMÉ
[FIREFX:Addon] jtc8o41y.default : avast! Online Security [wrc@avast.com] -> SUPPRIMÉ
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> SUPPRIMÉ
¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVT-22ZCT0 +++++
--- User ---
[MBR] 28cdbf65736fe539cf99789b447c1abc
[BSP] 3be0b8fbdf73520adceb0d7374926ad5 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20482048 | Size: 228473 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
--- User ---
[MBR] 363dcd827727097628b34ff7e33bd9f3
[BSP] ce49b2c9dee063d3ca344ff1becdb084 : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1919950958 | Size: 265838 MB
1 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1330184202 | Size: 263172 MB
2 - [XXXXXX] DISKMNG (0x53) [VISIBLE] Offset (sectors): 538989391 | Size: 682794 MB
3 - [ACTIVE] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1394627663 | Size: 10 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )
============================================
RKreport_SCN_08082014_140134.log
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Système d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Démarrage : Mode normal
Utilisateur : Sakuya [Droits d'admin]
Mode : Suppression -- Date : 08/08/2014 14:04:26
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrées de registre : 5 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-381164742-1774454537-2887258218-1032\Software\Microsoft\Windows\CurrentVersion\Run | Viber : "C:\Users\Sakuya\AppData\Local\Viber\Viber.exe" StartMinimized [x] -> SUPPRIMÉ
[PUM.Policies] HKEY_USERS\S-1-5-21-381164742-1774454537-2887258218-1032\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> SUPPRIMÉ
[PUM.Policies] HKEY_USERS\S-1-5-21-381164742-1774454537-2887258218-1032\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> SUPPRIMÉ
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REMPLACÉ (0)
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 0 (Driver: CHARGE) ¤¤¤
¤¤¤ Navigateurs web : 5 ¤¤¤
[IE:Addon] System : avast! EasyPass Toolbar [{724d43a0-0d85-11d4-9908-00400523e39a}] -> SUPPRIMÉ
[FIREFX:Addon] jtc8o41y.default : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> SUPPRIMÉ
[FIREFX:Addon] jtc8o41y.default : avast! EasyPass Toolbar for Firefox [{22119944-ED35-4ab1-910B-E619EA06A115}] -> SUPPRIMÉ
[FIREFX:Addon] jtc8o41y.default : avast! Online Security [wrc@avast.com] -> SUPPRIMÉ
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> SUPPRIMÉ
¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVT-22ZCT0 +++++
--- User ---
[MBR] 28cdbf65736fe539cf99789b447c1abc
[BSP] 3be0b8fbdf73520adceb0d7374926ad5 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20482048 | Size: 228473 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
--- User ---
[MBR] 363dcd827727097628b34ff7e33bd9f3
[BSP] ce49b2c9dee063d3ca344ff1becdb084 : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1919950958 | Size: 265838 MB
1 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1330184202 | Size: 263172 MB
2 - [XXXXXX] DISKMNG (0x53) [VISIBLE] Offset (sectors): 538989391 | Size: 682794 MB
3 - [ACTIVE] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1394627663 | Size: 10 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )
============================================
RKreport_SCN_08082014_140134.log