cjoint

Document format: application/octet-stream

Preview

RogueKiller V10.8.7.0 [Jun 29 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : HP [Administrator]
Started from : C:\Users\HP\Desktop\RogueKiller.exe
Mode : Delete -- Date : 06/30/2015 00:53:36

¤¤¤ Processes : 2 ¤¤¤
[PUP] (SVC) DatamngrCoordinator -- C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe[7] -> ERROR [41c]
[PUP] (SVC) ReimageRealTimeProtector -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe[7] -> Stopped

¤¤¤ Registry : 27 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08ae5e13-70cc-4fbb-ad00-ef4b90a44451} (C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5cf5a690-c8f4-488e-9d20-f21aef602d41} (C:\Program Files\BuzzSearch\BuzzSearchBHO.dll) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (C:\Program Files\AVG SafeGuard toolbar\18.6.0.922\AVG SafeGuard toolbar_toolbar.dll) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {95B7759C-8C7F-4BF1-B163-73684A933233} : C:\Program Files\AVG SafeGuard toolbar\18.6.0.922\AVG SafeGuard toolbar_toolbar.dll -> Deleted
[PUP] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {08ae5e13-70cc-4fbb-ad00-ef4b90a44451} : Movies Search App (Dist. by Koyote-Lab, Inc.) C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll -> Deleted
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | vProt : "C:\Program Files\AVG SafeGuard toolbar\vprot.exe" -> Deleted
[Suspicious.Path] HKEY_USERS\S-1-5-21-892030155-2450823676-1605038858-1000\Software\Microsoft\Windows\CurrentVersion\Run | Badoo Desktop : C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [x] -> Deleted
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DatamngrCoordinator (C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe) -> ERROR [5]
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ReimageRealTimeProtector (C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe) -> Deleted
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tsusbhub (system32\drivers\tsusbhub.sys) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DatamngrCoordinator (C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe) -> ERROR [5]
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ReimageRealTimeProtector (C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\DatamngrCoordinator (C:\Program Files\Movies App\Datamngr\DatamngrCoordinator.exe) -> Deleted
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ReimageRealTimeProtector (C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe) -> Deleted
[PUM.HomePage] HKEY_USERS\S-1-5-21-892030155-2450823676-1605038858-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.search.ask.com/?o=APN10649A&gct=hp&d=414-136&v=r15946-737&t=4 -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-892030155-2450823676-1605038858-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://search.b1.org/?bsrc=hmior&chid=c167991 -> Replaced (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7F2EA74B-1207-4760-AC2E-22323A90EC5D} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{864D52CA-8220-401D-A697-CE6F8F571F7C} | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7F2EA74B-1207-4760-AC2E-22323A90EC5D} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{864D52CA-8220-401D-A697-CE6F8F571F7C} | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7F2EA74B-1207-4760-AC2E-22323A90EC5D} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][X] -> Replaced ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{864D52CA-8220-401D-A697-CE6F8F571F7C} | DhcpNameServer : 77.88.8.88 77.88.8.2 [X][X] -> Replaced ()
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Replaced (2)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 3 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 genuine.microsoft.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 mpa.one.microsoft.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 sls.microsoft.com

¤¤¤ Antirootkit : 1 (Driver: Loaded) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcbbd8159 (call 0x54000009)

¤¤¤ Web browsers : 5 ¤¤¤
[PUP][FIREFX:Addon] rcu9scqf.default : Mozilla Firefox Hotfixer [veggy@veggyAddon.com] -> Not selected
[PUP][FIREFX:Addon] rcu9scqf.default : Supreme Finder [{4fec0d7e-e1c2-4b86-af44-c7cf7b0c199a}] -> Not selected
[PUP][FIREFX:Addon] rcu9scqf.default : AVG SafeGuard toolbar [avg@toolbar] -> Not selected
[PUP][FIREFX:Addon] rcu9scqf.default : Movies Search App (Dist. by Koyote-Lab, Inc.) [{08ae5e13-70cc-4fbb-ad00-ef4b90a44451}] -> Not selected
[PUM.HomePage][FIREFX:Config] rcu9scqf.default : user_pref("browser.startup.homepage", "isco&cmpid=0615tb&pr=sa&d=2014-02-05 20:40:24&v=18.6.0.922&pid=safeguard&sg=0&sap=hp"); -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS ATA Device +++++
--- User ---
[MBR] dbdbcff69abdb6a4809399d4cb535d89
[BSP] de42e484367190f55a7e95a25a270c7e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 124900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 256002048 | Size: 125000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 512002048 | Size: 125000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 768002048 | Size: 101938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: TOSHIBA TransMemory USB Device +++++
--- User ---
[MBR] 4e506bee1852b08d71a22c7f54d21797
[BSP] c6f7e090bf5966bb83f13f4feaba70df : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 7396 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


============================================
RKreport_SCN_06302015_004838.log - RKreport_SCN_06302015_005250.log - RKreport_DEL_06302015_005305.log
