cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

RogueKiller V10.5.1.0 [Mar 5 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : Louis [Administrateur]
Démarré depuis : C:\Users\Louis\Downloads\RogueKiller.exe
Mode : Scan -- Date : 03/07/2015 19:00:01

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 13 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\RK_Software_ON_G_337B\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E} -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\RK_Software_ON_G_337B\Microsoft\Windows\CurrentVersion\Run | BService : C:\Program Files\Bench\BService\1.1\bservice.exe -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\RK_Software_ON_G_337B\Microsoft\Windows\CurrentVersion\Run | Bench Communicator Watcher : C:\Program Files\Bench\Proxy\pwdg.exe -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\RK_Software_ON_G_337B\Microsoft\Windows\CurrentVersion\Run | Bench Settings Cleaner : C:\Program Files\Bench\Proxy\cl.exe -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\RK_Software_ON_G_337B\Microsoft\Windows\CurrentVersion\RunOnce | Discount Dragon-repairJob : wscript.exe "C:\Users\Louis\AppData\Local\Discount Dragon\repair.js" "Discount Dragon-repairJob" -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Freemake Improver ("C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe") -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Freemake Improver ("C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe") -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Freemake Improver ("C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe") -> Trouvé(e)
[PUM.Proxy] HKEY_USERS\RK_Louis_ON_G_3E3C\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] HKEY_USERS\RK_Louis_ON_G_3E3C\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:3128 -> Trouvé(e)
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.StartMenu] HKEY_USERS\RK_Admin_ON_G_81D8\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1097295771-2414175964-98458535-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 34 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 media.opencandy.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.opencandy.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 tracking.opencandy.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 api.opencandy.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 installer.betterinstaller.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 installer.filebulldog.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 inno.bisrv.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 nsis.bisrv.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.file2desktop.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.goateastcach.us
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.guttastatdk.us
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.inskinmedia.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.insta.oibundles2.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.insta.playbryte.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.llogetfastcach.us
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.montiera.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.msdwnld.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.mypcbackup.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.ppdownload.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.riceateastcach.us
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.shyapotato.us
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.solimba.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.tuto4pc.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.appround.biz
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.bigspeedpro.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.bispd.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.bisrv.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.cdndp.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.download.sweetpacks.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.dpdownload.com
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.0 cdn.visualbee.net

¤¤¤ Antirootkit : 7 (Driver: Chargé) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CREATE[0] : Unknown @ 0x857fb1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x857fb1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x857fb1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x857fb1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_POWER[22] : Unknown @ 0x857fb1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x857fb1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_PNP[27] : Unknown @ 0x857fb1f8

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EARS-00Y5B1 ATA Device +++++
--- User ---
[MBR] 7d3435c4136e1724149bf5accf5bf38e
[BSP] 15501b332faeefdca3fd8a20c059aea8 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 329999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 675840000 | Size: 101999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 884736000 | Size: 521869 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD1600AAJB-00J3A0 ATA Device +++++
--- User ---
[MBR] 3a08b9b9d0f38de2eafd227e4b2d2529
[BSP] 709d96ce5b9368214caaf3be347d884e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 4096 | Size: 152625 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Brother DCP-J725DW USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


============================================
RKreport_DEL_05292014_195119.log - RKreport_DEL_05292014_200638.log - RKreport_DEL_08082014_164627.log - RKreport_DEL_08082014_165852.log
RKreport_DEL_08082014_181652.log - RKreport_SCN_05292014_194721.log - RKreport_SCN_05292014_200038.log - RKreport_SCN_08082014_162804.log
RKreport_SCN_08082014_165525.log - RKreport_SCN_08082014_170730.log

Publicité


Signaler le contenu de ce document

Publicité