Document format: text/x-log

Preview

RogueKiller V10.6.5.0 [May 20 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : MOUSSA [Administrateur]
Démarré depuis : C:\Users\MOUSSA\Desktop\RogueKiller.exe
Mode : Suppression -- Date : 05/21/2015 17:35:18

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 5 ¤¤¤
[PUM.Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> ERROR [0]
[PUM.Orphan] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263} | CLSID : -> ERROR [2]
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bd0003 (system32\DRIVERS\bd0003.sys) -> ERROR [2]
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Remplacé(e) (0)

¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] BYAIAMUF.job -- C:\Users\MOUSSA\AppData\Roaming\BYAIAMUF.exe (/infocmdline=eYNBRhRm2rIdnMpQgsYNP6aaVqmP7NHpii4uYfXmvolS2mdHTalipoF8BNmu79Kkxz1HxKF6Q0/9frz7upBxcwyNhVmReyBJrAXzyyp+GabGlfqX03U4FchgG3hymW0WB7/uOYQ5O9pZM7wECqXjVdZqZoMXcR2bjpS3fPEaPqAkj7lF2vhkXeaXZ5w23PAvgQ6u0ZEIkqHu15yEKYAWa4OQujnuGWt9uQD+hN2B443/YYffO+ATgEMnP7Kft/z9wd5lPw7cUQlzDl7T8B7WOn/XM4mzQB9nJqsKgoZCxhK7bBEpKI/0a19HZeM6uEb6Z+ZU+g5M9ZKPTxNnFEVkrKnDIAUemw2jScGMIFapC4OK5RUFHrggfChqixtrcIkZFpD+rq7hYPZC4HZOb0TGtYCY81Bk1XL/5LDSVzH7HqDBIcsBVGlP7StfFcxMET5ow+qC7OuldWgXJzhiRDLiLcQUtFrQr+MbtKEn96GypnKYhMGt13pWRp1o5QfjHRRgsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=) -> ERROR [0]

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 4 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcbe07159 (call 0x54000009)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcbe07159 (call 0x54000009)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcbe07159 (call 0x54000009)
[IAT:Inl(Hook.IEAT)] (iexplore.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcbe07159 (call 0x54000009)

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUP][FIREFX:Addon] xz8f4ym2.default : Shopper-Pro [{746505DC-0E21-4667-97F8-72EA6BCF5EEF}] -> Supprimé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD050 +++++
--- User ---
[MBR] 833f4a126efcd072d58733905cc0abb8
[BSP] e06eb7b6db929cf20410f67453ccca98 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 102400 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 209717248 | Size: 112720 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 440567808 | Size: 131818 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 710531072 | Size: 130000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_05202015_194550.log - RKreport_SCN_05212015_173015.log - RKreport_DEL_05212015_173447.log
