Document format: text/x-log

Preview

RogueKiller V9.2.13.0 (x64) [Sep 25 2014] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : https://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarrage : Mode normal
Utilisateur : Dusk [Droits d'admin]
Mode : Suppression -- Date : 10/04/2014 10:47:30

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrées de registre : 16 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9C995F7F-43F8-4B21-8F21-38D5C6DB0EF0} | DhcpNameServer : 7.254.254.254 -> REMPLACÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AA09D400-32D2-4BD7-84B5-10B9C74DCCED} | DhcpNameServer : 172.20.10.1 -> REMPLACÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9C995F7F-43F8-4B21-8F21-38D5C6DB0EF0} | DhcpNameServer : 7.254.254.254 -> REMPLACÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AA09D400-32D2-4BD7-84B5-10B9C74DCCED} | DhcpNameServer : 172.20.10.1 -> REMPLACÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9C995F7F-43F8-4B21-8F21-38D5C6DB0EF0} | DhcpNameServer : 7.254.254.254 -> REMPLACÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{AA09D400-32D2-4BD7-84B5-10B9C74DCCED} | DhcpNameServer : 172.20.10.1 -> REMPLACÉ ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> REMPLACÉ (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1636517195-2122311652-1856158453-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> SUPPRIMÉ

¤¤¤ Antirootkit : 2 (Driver: CHARGE) ¤¤¤
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass2 : \Driver\vmkbd2 @ Unknown (\SystemRoot\system32\DRIVERS\ikbevent.sys)
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass1 : \Driver\vmkbd2 @ Unknown (\SystemRoot\system32\DRIVERS\ikbevent.sys)

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: SanDisk SDSSDHP128G ATA Device +++++
--- User ---
[MBR] 8531c645e194d5dcb3bc466c35db6e65
[BSP] 4eaa4af0507e07181b0a85121ca03a3c : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 122102 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD10EZEX-00KUWA0 ATA Device +++++
--- User ---
[MBR] 858a5d002e80c338411114058b9b2df1
[BSP] 727b0b91aa2c967bb20ff16148565028 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 3657b48231bb25c1373d4145384a1105
[BSP] 357863a1295b20bd6bdfd9c863954825 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953766 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: WDC WD10EZEX-00RKKA0 ATA Device +++++
--- User ---
[MBR] f9648385a76cdf09da271cef6bf53ada
[BSP] ec0109e01684068e9655c03d28e1e409 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_10042014_103430.log - RKreport_DEL_10042014_103519.log - RKreport_SCN_10042014_103718.log
