cjoint


Document format: text/plain

Preview

RogueKiller V10.10.1.0 [Aug 17 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7600) 32 bits version
Démarré en : Mode normal
Utilisateur : HOUSSAM [Administrateur]
Démarré depuis : C:\Users\HOUSSAM\Downloads\RogueKiller.exe
Mode : Scan -- Date : 08/23/2015 01:52:48

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 16 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\globalUpdate (C:\Program Files\globalUpdate\Update\globalupdate.exe /svc) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\globalUpdatem (C:\Program Files\globalUpdate\Update\globalupdate.exe /medsvc) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IHProtect Service (C:\Program Files\MiuiTab\ProtectService.exe) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QMIEProtect (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMIEProtect.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QMUdisk (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMUdisk.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QQPCHelper (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCHelper.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QQPCRTP ("C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe" -r) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QQSysMon (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQSysMon.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SPDRIVER_1.42.1.1974 (\??\C:\Program Files\ShopperPro\JSDriver\1.42.1.1974\jsdrv.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TAOAccelerator (\??\C:\Windows\system32\Drivers\TAOAccelerator.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TAOFrame ("C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TAOFrame.exe") -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSCPM (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\tscpm.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDefenseBt (system32\DRIVERS\TSDefenseBt.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSKSP (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TSKsp.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSSysKit (\??\C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TSSysKit.sys) -> Trouvé(e)
[PUP|Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WindowsMangerProtect (C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service) -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 8 (Driver: Chargé) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CREATE[0] : Unknown @ 0x41e0cca03f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x41e0cca03f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x41e0cca03f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x41e0cca03f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_POWER[22] : Unknown @ 0x41e0cca03f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x41e0cca03f000000
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_PNP[27] : Unknown @ 0x41e0cca03f000000
[IAT:Inl(Hook.IEAT)] (explorer.exe @ USER32.dll) ntdll.dll - NlsAnsiCodePage : Unknown @ 0xffffffffcb147159 (call 0x54000009)

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545032B9A300 ATA Device +++++
--- User ---
[MBR] 15f034f55e5458aa401563ebcc253401
[BSP] 3d024eca73dba0713527e9b3686ed286 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 908 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 1863540 | Size: 304325 MB
User = LL1 ... OK
User = LL2 ... OK

