Document format: text/x-log

Preview

RogueKiller V10.6.3.0 [May 11 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : Hicham [Administrateur]
Démarré depuis : C:\Users\Hicham\Desktop\RogueKiller_2.exe
Mode : Scan -- Date : 05/16/2015 20:26:27

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 18 ¤¤¤
[Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Trouvé(e)
[Orphan] HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} : -> Trouvé(e)
[Orphan] HKEY_USERS\S-1-5-21-1082021709-2678286093-2821165619-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} : -> Trouvé(e)
[Orphan] HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} : -> Trouvé(e)
[Orphan] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} | CLSID : {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} -> Trouvé(e)
[Suspicious.Path|VT.Unknown] HKEY_USERS\S-1-5-21-1082021709-2678286093-2821165619-1000\Software\Microsoft\Windows\CurrentVersion\Run | SocialSafe.Helper : C:\Program Files\SocialSafe\SocialSafe files\native-helpers\SocialSafe.Helper.exe "C:\Users\Hicham\AppData\Roaming\com.1minus1.socialsafe.D675411CF670AA3EFAC13BDD847989BEDE2115E2.1\Local Store\native-helpers\tasks.json" [7][-] -> Trouvé(e)
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr (\??\C:\Users\Hicham\AppData\Local\Temp\mbr.sys) -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mbr (\??\C:\Users\Hicham\AppData\Local\Temp\mbr.sys) -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://securityresponse.symantec.com/avcenter/fix_homepage/ -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7EB9A59B-4369-4847-BAAB-FB739754D535} | DhcpNameServer : 80.67.0.2 91.213.246.2 [-][SWEDEN (SE)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7EB9A59B-4369-4847-BAAB-FB739754D535} | DhcpNameServer : 80.67.0.2 91.213.246.2 [-][SWEDEN (SE)] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7EB9A59B-4369-4847-BAAB-FB739754D535} | DhcpNameServer : 80.67.0.2 91.213.246.2 [-][SWEDEN (SE)] -> Trouvé(e)
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1082021709-2678286093-2821165619-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-1082021709-2678286093-2821165619-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trouvé(e)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-1082021709-2678286093-2821165619-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 2 ¤¤¤
[PUM.Proxy][FIREFX:Config] pc3qx5nu.default : user_pref("network.proxy.http", "178.73.212.194"); -> Trouvé(e)
[PUM.Proxy][FIREFX:Config] pc3qx5nu.default : user_pref("network.proxy.http_port", 1205); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000LPVT-16G33T0 +++++
--- User ---
[MBR] dea59413312bb9dcb083a37a6c85eefb
[BSP] 3efae9701682a76b101f1b8d55b7a6d0 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 MB
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 206848 | Size: 109900 MB
3 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 225282048 | Size: 366938 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SanDisk Cruzer Blade USB Device +++++
--- User ---
[MBR] fdfc5e10197f449ac042b9e4e4f344b9
[BSP] 9ebab87c9fc2ff0c648e6f839a8fb989 : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 32 | Size: 7633 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

