cjoint

Document format: text/plain

Preview

RogueKiller V11.0.5.0 (x64) [Dec 28 2015] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7600) 64 bits version
Démarré en : Mode normal
Utilisateur : user [Administrateur]
Démarré depuis : C:\Users\user\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 01/01/2016 01:14:01

¤¤¤ Processus : 6 ¤¤¤
[Suspicious.Path] ouc.exe(2432) -- C:\ProgramData\Djezzy connect\OnlineUpdate\ouc.exe[7] -> Tué(e) [TermProc]
[PUP] PandoraService.exe(2964) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe[7] -> Tué(e) [TermProc]
[Suspicious.Path] ZDServ.exe(3164) -- C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe[7] -> Tué(e) [TermProc]
[Suspicious.Path] CancelAutoPlay_Server.exe(3752) -- C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe[7] -> Tué(e) [TermProc]
[PUP] PanProcess.exe(4740) -- C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe[7] -> Tué(e) [TermThr]
[PUP] (SVC) PanService -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe[7] -> Arrêté(e)

¤¤¤ Registre : 40 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Babylon -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Conduit -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Innovative Solutions -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Pandora.TV -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll) -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll) -> Trouvé(e)
[PUP] (X64) HKEY_USERS\S-1-5-21-1996387653-2965574860-2608301139-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} : -> Trouvé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-1996387653-2965574860-2608301139-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} : -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | mobilegeni daemon : C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [x] -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PanService (C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe) -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ZDServ ("C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe") -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PanService (C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe) -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ZDServ ("C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe") -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\PanService (C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe) -> Trouvé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ZDServ ("C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe") -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{22435F35-D340-4F9A-836E-FBC04AC97EF4} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3ED2415F-5180-42C4-9149-D865D00E75A0} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{40619473-DE5B-4CF5-BA74-54B2E5F2C76D} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{767FEC82-376A-4C5A-9AED-A3DF25A49950} | DhcpNameServer : 8.8.8.8 8.8.4.4 10.8.2.0 ([-][-][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CFDFD6A8-2925-430D-A9DF-BA5165B04258} | NameServer : 213.177.160.2,196.29.40.3 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D2C4C623-8285-4B18-95A0-9816DF1D15D3} | NameServer : 209.244.0.3,209.244.0.4 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{22435F35-D340-4F9A-836E-FBC04AC97EF4} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3ED2415F-5180-42C4-9149-D865D00E75A0} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{40619473-DE5B-4CF5-BA74-54B2E5F2C76D} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{767FEC82-376A-4C5A-9AED-A3DF25A49950} | DhcpNameServer : 8.8.8.8 8.8.4.4 10.8.2.0 ([-][-][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CFDFD6A8-2925-430D-A9DF-BA5165B04258} | NameServer : 213.177.160.2,196.29.40.3 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D2C4C623-8285-4B18-95A0-9816DF1D15D3} | NameServer : 209.244.0.3,209.244.0.4 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{22435F35-D340-4F9A-836E-FBC04AC97EF4} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3ED2415F-5180-42C4-9149-D865D00E75A0} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{40619473-DE5B-4CF5-BA74-54B2E5F2C76D} | NameServer : 172.24.111.1 172.24.111.2 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{767FEC82-376A-4C5A-9AED-A3DF25A49950} | DhcpNameServer : 8.8.8.8 8.8.4.4 10.8.2.0 ([-][-][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{CFDFD6A8-2925-430D-A9DF-BA5165B04258} | NameServer : 213.177.160.2,196.29.40.3 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{D2C4C623-8285-4B18-95A0-9816DF1D15D3} | NameServer : 209.244.0.3,209.244.0.4 ([X][X]) -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 | vidc.spv1 : C:\Users\user\AppData\Local\LEARNP~1\SCREEN~1\SCREEN~1.DLL [7] -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 3 ¤¤¤
[PUP][Répertoire] C:\Program Files (x86)\Innovative Solutions -> Trouvé(e)
[PUP][Répertoire] C:\Program Files (x86)\PANDORA.TV -> Trouvé(e)
[PUP][Répertoire] C:\Program Files (x86)\Tencent -> Trouvé(e)

¤¤¤ Fichier Hosts : 16 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 adobe-dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate-sjc0.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Non chargé [0xc0000428]) ¤¤¤

¤¤¤ Navigateurs web : 2 ¤¤¤
[PUM.Proxy][FIREFX:Config] 3uswqi4w.default : user_pref("network.proxy.http", "127.0.0.1"); -> Trouvé(e)
[PUM.Proxy][FIREFX:Config] 3uswqi4w.default : user_pref("network.proxy.http_port", 9666); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: HGST HTS545050A7E380 SCSI Disk Device +++++
--- User ---
[MBR] b0d7ce92ad6074c3c10a858355b324f1
[BSP] 06799a5a0a854d2c1720be179c6cfc6d : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 143597 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 294088704 | Size: 333342 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([18] Le programme a émis une commande de longueur incorrecte. )
