cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþRogueKiller V10.10.9.0 [Oct 5 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Démarré en : Mode normal
Utilisateur : USER [Administrateur]
Démarré depuis : C:\Documents and Settings\USER\Bureau\RogueKiller.exe
Mode : Suppression -- Date : 10/08/2015 13:27:38

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 13 ¤¤¤
[PUM.Dns] HKEY_LOCAL_MACHINE\RK_System_ON_D_80CD\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AA8FC79C-B7C0-4C47-83F6-3238AE2C80C4} | NameServer : 62.251.229.237 62.251.229.223 ([-][X]) -> Remplacé(e) ()
[PUM.Desktop] HKEY_LOCAL_MACHINE\RK_Software_ON_D_263A\Microsoft\Windows NT\CurrentVersion\SystemRestore | DisableSR : 1 -> Supprimé(e)
[PUM.StartMenu] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\RK_Default User_ON_D_5C65\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\RK_LocalService_ON_D_129C\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\RK_NetworkService_ON_D_DA71\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\RK_tarik_ON_D_4F82\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-117609710-261478967-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-117609710-261478967-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-117609710-261478967-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Remplacé(e) (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Remplacé(e) (1)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 1 ¤¤¤
[C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 2 (Driver: Chargé) ¤¤¤
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[549] : Unknown @ 0x41e74e59e3c00000
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[552] : Unknown @ 0x41e74e59e4600000

¤¤¤ Navigateurs web : 9 ¤¤¤
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : Tamper Data [{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}] -> Supprimé(e)
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : Video DownloadHelper [{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] -> Supprimé(e)
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : ReloadEvery [{888d99e7-e8b5-46a3-851e-1ec45da1e644}] -> Supprimé(e)
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : Best Proxy Switcher [bestproxyswitcher@bestproxyswitcher.com] -> Supprimé(e)
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Supprimé(e)
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : ZenMate Security & Privacy VPN [firefox@zenmate.com] -> Supprimé(e)
[FIREFX:Addon] bwxmqi7i.default-1435344809437 : Microsoft .NET Framework Assistant [{20a82645-c095-46ed-80e3-08825760534b}] -> Supprimé(e)
[PUM.Proxy][FIREFX:Config] bwxmqi7i.default-1435344809437 : user_pref("network.proxy.http", "46.105.152.78"); -> Supprimé(e)
[PUM.Proxy][FIREFX:Config] bwxmqi7i.default-1435344809437 : user_pref("network.proxy.http_port", 8888); -> Supprimé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD1600AABS-00PRA0 +++++
--- User ---
[MBR] 40a94d1f21d5128e222ccff8aef91091
[BSP] 59b7e5d9a861757a33fb4adcdeb79ec1 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 39001 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 79875180 | Size: 113615 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multi Flash Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité