cjoint

Document format: application/octet-stream

Preview

RogueKiller V10.8.6.0 [Jun 22 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : BILEL2 [Administrateur]
Démarré depuis : C:\Users\BILEL2.DAlmaarif-PC\Desktop\RogueKiller.exe
Mode : Scan -- Date : 06/25/2015 23:58:01

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 5 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\BILEL2~1.DA~\AppData\Local\Temp\catchme.sys) -> Trouvé(e)
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Partizan (system32\drivers\Partizan.sys) -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\BILEL2~1.DA~\AppData\Local\Temp\catchme.sys) -> Trouvé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme (\??\C:\Users\BILEL2~1.DA~\AppData\Local\Temp\catchme.sys) -> Trouvé(e)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3777347321-274098484-2441411430-1005\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 1 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcb0a8159 (call 0x54000009)

¤¤¤ Navigateurs web : 3 ¤¤¤
[PUP][FIREFX:Addon] 99rgkajb.default : AS Magic Player [magicplayer@acestream.org] -> Trouvé(e)
[PUM.Proxy][FIREFX:Config] ovasxklu.default : user_pref("network.proxy.http", "127.0.0.1"); -> Trouvé(e)
[PUM.Proxy][FIREFX:Config] ovasxklu.default : user_pref("network.proxy.http_port", 8088); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721032CLA362 ATA Device +++++
--- User ---
[MBR] 00eb74c388ed31bcf90a3cac31b6effe
[BSP] 9fbb9a8fb53bf5613052dc871a90fa36 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 80000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 163842048 | Size: 60000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 286722048 | Size: 60000 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409602048 | Size: 105243 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

