cjoint

Document format: application/octet-stream

Preview

RogueKiller V10.8.7.0 [Jun 29 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : HP [Administrateur]
Démarré depuis : C:\Users\HP\Desktop\RogueKiller.exe
Mode : Scan -- Date : 06/30/2015 00:48:38

¤¤¤ Processus : 2 ¤¤¤
[PUP] (SVC) DatamngrCoordinator -- C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe[7] -> ERROR [41c]
[PUP] (SVC) ReimageRealTimeProtector -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe[7] -> Arrêté(e)

¤¤¤ Registre : 27 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08ae5e13-70cc-4fbb-ad00-ef4b90a44451} (C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5cf5a690-c8f4-488e-9d20-f21aef602d41} (C:\Program Files\BuzzSearch\BuzzSearchBHO.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG SafeGuard toolbar\18.6.0.922\AVG SafeGuard toolbar_toolbar.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {95B7759C-8C7F-4BF1-B163-73684A933233} : C:\Program Files\AVG SafeGuard toolbar\18.6.0.922\AVG SafeGuard toolbar_toolbar.dll -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {08ae5e13-70cc-4fbb-ad00-ef4b90a44451} : Movies Search App (Dist. by Koyote-Lab, Inc.) C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | vProt : "C:\Program Files\AVG SafeGuard toolbar\vprot.exe" -> Trouvé(e)
[Suspicious.Path] HKEY_USERS\S-1-5-21-892030155-2450823676-1605038858-1000\Software\Microsoft\Windows\CurrentVersion\Run | Badoo Desktop : C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [x] -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DatamngrCoordinator (C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ReimageRealTimeProtector (C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe) -> Trouvé(e)
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tsusbhub (system32\drivers\tsusbhub.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DatamngrCoordinator (C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ReimageRealTimeProtector (C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\DatamngrCoordinator (C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ReimageRealTimeProtector (C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe) -> Trouvé(e)
[PUM.HomePage] HKEY_USERS\S-1-5-21-892030155-2450823676-1605038858-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.search.ask.com/?o=APN10649A&gct=hp&d=414-136&v=r15946-737&t=4 -> Trouvé(e)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-892030155-2450823676-1605038858-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.b1.org/?bsrc=hmior&chid=c167991 -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7F2EA74B-1207-4760-AC2E-22323A90EC5D} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{864D52CA-8220-401D-A697-CE6F8F571F7C} | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7F2EA74B-1207-4760-AC2E-22323A90EC5D} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{864D52CA-8220-401D-A697-CE6F8F571F7C} | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7F2EA74B-1207-4760-AC2E-22323A90EC5D} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][X] -> Trouvé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{864D52CA-8220-401D-A697-CE6F8F571F7C} | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Trouvé(e)
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 3 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 genuine.microsoft.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 mpa.one.microsoft.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 sls.microsoft.com

¤¤¤ Antirootkit : 1 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcbbd8159 (call 0x54000009)

¤¤¤ Navigateurs web : 5 ¤¤¤
[PUP][FIREFX:Addon] rcu9scqf.default : Mozilla Firefox Hotfixer [veggy@veggyAddon.com] -> Trouvé(e)
[PUP][FIREFX:Addon] rcu9scqf.default : Supreme Finder [{4fec0d7e-e1c2-4b86-af44-c7cf7b0c199a}] -> Trouvé(e)
[PUP][FIREFX:Addon] rcu9scqf.default : AVG SafeGuard toolbar [avg@toolbar] -> Trouvé(e)
[PUP][FIREFX:Addon] rcu9scqf.default : Movies Search App (Dist. by Koyote-Lab, Inc.) [{08ae5e13-70cc-4fbb-ad00-ef4b90a44451}] -> Trouvé(e)
[PUM.HomePage][FIREFX:Config] rcu9scqf.default : user_pref("browser.startup.homepage", "isco&cmpid=0615tb&pr=sa&d=2014-02-05 20:40:24&v=18.6.0.922&pid=safeguard&sg=0&sap=hp"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS ATA Device +++++
--- User ---
[MBR] dbdbcff69abdb6a4809399d4cb535d89
[BSP] de42e484367190f55a7e95a25a270c7e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 124900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 256002048 | Size: 125000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 512002048 | Size: 125000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 768002048 | Size: 101938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: TOSHIBA TransMemory USB Device +++++
--- User ---
[MBR] 4e506bee1852b08d71a22c7f54d21797
[BSP] c6f7e090bf5966bb83f13f4feaba70df : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 7396 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

