cjoint


Document format: text/x-log

Preview

RogueKiller V10.5.2.0 [Mar 9 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Démarré en : Mode normal
Utilisateur : Administrateur [Administrateur]
Démarré depuis : C:\Documents and Settings\prof\Mes documents\Téléchargements\RogueKiller.exe
Mode : Scan -- Date : 03/09/2015 17:30:57

¤¤¤ Processus : 7 ¤¤¤
[Proc.Injected] wscntfy.exe(2964) -- C:\WINDOWS.2\system32\wscntfy.exe[7] -> Tué(e) [TermProc]
[Proc.Injected] explorer.exe(2800) -- C:\WINDOWS.2\Explorer.EXE[7] -> Tué(e) [TermProc]
[Proc.Injected] RTHDCPL.EXE(2824) -- C:\WINDOWS.2\RTHDCPL.EXE[7] -> Tué(e) [TermProc]
[Proc.Injected] rundll32.exe(4044) -- C:\WINDOWS.2\system32\RUNDLL32.EXE[7] -> Tué(e) [TermProc]
[Proc.Injected] ctfmon.exe(3540) -- C:\WINDOWS.2\system32\ctfmon.exe[7] -> Tué(e) [TermProc]
[Proc.Injected] msmsgs.exe(468) -- C:\Program Files\Messenger\msmsgs.exe[7] -> Tué(e) [TermProc]
[Proc.Injected] firefox.exe(280) -- C:\Program Files\Mozilla Firefox\firefox.exe[7] -> Tué(e) [TermProc]

¤¤¤ Registre : 9 ¤¤¤
[Suspicious.Path] HKEY_USERS\S-1-5-21-484763869-57989841-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Run | Bbryrz : C:\Documents and Settings\prof\Application Data\Bbryrz.exe -> Trouvé(e)
[PUM.Proxy] HKEY_USERS\S-1-5-21-484763869-57989841-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.16.0.1 172.16.0.2 [(Private Address) (XX)][(Private Address) (XX)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.16.0.1 172.16.0.2 [(Private Address) (XX)][(Private Address) (XX)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 172.16.0.1 172.16.0.2 [(Private Address) (XX)][(Private Address) (XX)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C08DF65E-7EAF-4A62-910D-1CF274957F02} | DhcpNameServer : 172.16.0.1 172.16.0.2 [(Private Address) (XX)][(Private Address) (XX)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{C08DF65E-7EAF-4A62-910D-1CF274957F02} | DhcpNameServer : 172.16.0.1 172.16.0.2 [(Private Address) (XX)][(Private Address) (XX)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{C08DF65E-7EAF-4A62-910D-1CF274957F02} | DhcpNameServer : 172.16.0.1 172.16.0.2 [(Private Address) (XX)][(Private Address) (XX)] -> Trouvé(e)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 1 ¤¤¤
[Suspicious.Startup][Fichier] bginfo.bat -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\bginfo.bat -> Trouvé(e)

¤¤¤ Fichier Hosts : 1 ¤¤¤
[C:\WINDOWS.2\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 57530dbc0dfdaacd9d0e3ef832b56171
[BSP] 00b7924c61a7450666a8bd1e9d6ea475 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 29996 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 61432560 | Size: 658 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 62782020 | Size: 45661 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Fonction incorrecte. )

+++++ PhysicalDrive1: SanDisk Cruzer Fit USB Device +++++
--- User ---
[MBR] fde0b3b6e50af77cbf5b70375cf4c056
[BSP] 52462c3e23308e76123c7818b7ad5f3a : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 15266 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

