cjoint

Document format: text/plain

Preview

RogueKiller V10.9.3.0 (x64) [Jul 21 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8 (6.2.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : Lounes [Administrateur]
Démarré depuis : C:\Users\Lounes\Downloads\RogueKillerX64.exe
Mode : Scan -- Date : 07/21/2015 23:48:08

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 18 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\Lounes\AppData\Local\Temp\catchmejtao.sys) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\Lounes\AppData\Local\Temp\catchmejtao.sys) -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.6.0.27 -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{95D11D56-D364-4CBE-90FE-D5CFFE0F7547} | DhcpNameServer : 40.22.1.201 40.22.1.203 ([UNITED STATES (US)][-]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F3E6B547-4C7D-47D6-B7D6-7CF04E604A37} | DhcpNameServer : 8.8.8.8 8.8.4.4 172.18.12.1 ([-][-][(Private Address) (XX)]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{95D11D56-D364-4CBE-90FE-D5CFFE0F7547} | DhcpNameServer : 40.22.1.201 40.22.1.203 ([UNITED STATES (US)][-]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{F3E6B547-4C7D-47D6-B7D6-7CF04E604A37} | DhcpNameServer : 8.8.8.8 8.8.4.4 172.18.12.1 ([-][-][(Private Address) (XX)]) -> Trouvé(e)

¤¤¤ Tâches : 2 ¤¤¤
[Suspicious.Path|VT.Trojan.Generic.14558205] %WINDIR%\Tasks\Chromium.job -- C:\Users\Lounes\AppData\Local\Chromium\APPLIC~1\440238~1.0\INSTAL~1\UNINST~1.EXE (/Check) -> Trouvé(e)
[Suspicious.Path|VT.Trojan.Generic.14558205] \Chromium -- C:\Users\Lounes\AppData\Local\Chromium\APPLIC~1\440238~1.0\INSTAL~1\UNINST~1.EXE (/Check) -> Trouvé(e)

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUM.Proxy][FIREFX:Config] j69w6pvq.default : user_pref("network.proxy.type", 4); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] b6a5b19c9119be7850116df19286ac72
[BSP] 52bd98af05b34ef3fe2da1318cb9b3b9 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1353728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1615872 | Size: 928175 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1902518272 | Size: 450 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1903439872 | Size: 24455 MB
User = LL1 ... OK
User = LL2 ... OK

