cjoint

Document format: text/plain

Preview

RogueKiller V12.11.14.0 (x64) [Sep 11 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : user [Administrateur]
Démarré depuis : C:\Users\user\Desktop\Desinfecte\phase2\RogueKiller_portable64.exe
Mode : Scan -- Date : 09/14/2017 15:40:02 (Durée : 01:04:31)

¤¤¤ Processus : 5 ¤¤¤
[Suspicious.Path] ouc.exe(1648) -- C:\ProgramData\airtel mobile broadband\OnlineUpdate\ouc.exe[7] -> Trouvé(e)
[Hj.Name] svchost.exe(2844) -- C:\Windows\System32\system\svchost.exe[-] -> Trouvé(e)
[Tr.Gen0] oldmcdonald.exe(3820) -- C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe[-] -> Trouvé(e)
[Tr.Gen0] billy.exe(2940) -- C:\Program Files (x86)\Autorun Eater\billy.exe[-] -> Trouvé(e)
[Hj.Name] (SVC) system -- C:\windows\System32\system\svchost.exe msg[-] -> Trouvé(e)

¤¤¤ Registre : 29 ¤¤¤
[PUP.Gen0|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Solvusoft -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\YourFileDownloader -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\Appscion -> Trouvé(e)
[PUP.Ask|PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\Ask.com -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\DriverToolkit -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\Appscion -> Trouvé(e)
[PUP.Ask|PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\Ask.com -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\DriverToolkit -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\AppDataLow\AskToolbarInfo -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\AppDataLow\AskToolbarInfo -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\AppDataLow\Software\AskToolbar -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\AppDataLow\Software\AskToolbar -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1 -> Trouvé(e)
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} -> Trouvé(e)
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {D4027C7F-154A-4066-A1AD-4243D8127440} : -> Trouvé(e)
[Tr.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Autorun Eater : C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe [-] -> Trouvé(e)
[Hj.Name] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\system (C:\windows\System32\system\svchost.exe msg) -> Trouvé(e)
[Hj.Name] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\system (C:\windows\System32\system\svchost.exe msg) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{47E78655-14D4-4151-953F-3A7C099AB0D4} | DhcpNameServer : 172.25.30.84 172.25.30.85 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{75B4A63F-BCAA-45F9-90D2-10282815AA2B} | DhcpNameServer : 172.25.30.84 172.25.30.85 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9E3421DC-E344-470B-B7C3-ADEF37681F41} | DhcpNameServer : 172.25.30.84 172.25.30.85 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{47E78655-14D4-4151-953F-3A7C099AB0D4} | DhcpNameServer : 172.25.30.84 172.25.30.85 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{75B4A63F-BCAA-45F9-90D2-10282815AA2B} | DhcpNameServer : 172.25.30.84 172.25.30.85 ([X][X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9E3421DC-E344-470B-B7C3-ADEF37681F41} | DhcpNameServer : 172.25.30.84 172.25.30.85 ([X][X]) -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1453980305-4087452227-2687232628-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 21 ¤¤¤
[PUP.Gen1][Répertoire] C:\ProgramData\Babylon -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\Public\Desktop\Autorun Eater.lnk [LNK@] C:\PROGRA~2\AUTORU~1\OLDMCD~1.EXE -> Trouvé(e)
[PUP.Gen1][Fichier] C:\Users\Public\Desktop\DriverToolkit.lnk [LNK@] C:\PROGRA~2\DRIVER~1\DRIVER~1.EXE -> Trouvé(e)
[PUP.Gen0|PUP.Gen1][Répertoire] C:\Users\user\AppData\Roaming\Solvusoft -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\user\AppData\Roaming\YourFileDownloader -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\user\AppData\Local\Babylon -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\user\AppData\Local\DriverToolkit -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\user\AppData\Local\FileViewPro -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\user\AppData\Local\PackageAware -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Babylon -> Trouvé(e)
[Tr.Gen0][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Autorun Eater.lnk [LNK@] C:\PROGRA~2\AUTORU~1\OLDMCD~1.EXE -> Trouvé(e)
[Tr.Gen0][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Désinstaller Autorun Eater.lnk [LNK@] C:\PROGRA~2\AUTORU~1\unins000.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Farm Manual.lnk [LNK@] C:\PROGRA~2\AUTORU~1\aehelp.chm -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit -> Trouvé(e)
[PUP.Ask|PUP.Gen1][Répertoire] C:\Program Files (x86)\Ask.com -> Trouvé(e)
[Tr.Gen0][Répertoire] C:\Program Files (x86)\Autorun Eater -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files (x86)\DriverToolkit -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files (x86)\YourFileDownloader -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\Public\Desktop\Autorun Eater.lnk [LNK@] C:\PROGRA~2\AUTORU~1\OLDMCD~1.EXE -> Trouvé(e)
[PUP.Gen1][Fichier] C:\Users\Public\Desktop\DriverToolkit.lnk [LNK@] C:\PROGRA~2\DRIVER~1\DRIVER~1.EXE -> Trouvé(e)
[PUP.Firefox][Fichier] C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\dtxrfpee.default\Invalidprefs.js -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 2 ¤¤¤
[PUP.Gen2][Firefox:Addon] dtxrfpee.default : [toolbar@ask.com] -> Trouvé(e)
[PUM.HomePage][Firefox:Config] 12c50b2h.Mozilla_Firefox_33.1 : user_pref("browser.startup.homepage", "http://utilu.com/"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK5061GSYN +++++
--- User ---
[MBR] bfe2845fedaedc2e6ba38294ef62c9c7
[BSP] 7abdaf95f6ca0dec8238e93ab0dfdcb4 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 300 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 616448 | Size: 128000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 262760448 | Size: 307200 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD Elements 1078 USB Device +++++
--- User ---
[MBR] c93726d3c2e695ec4acc902c8996af2a
[BSP] 4a1ee5857c1e79694292a74f169437df : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 2048 | Size: 476907 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

