Publicité
Publicité
Format du document : text/plain
Prévisualisation
RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 8 (6.2.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Thibault [Droits d'admin]
Mode : Recherche -- Date : 26/04/2013 12:25:03
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Yontoo Desktop ("C:\Users\Thibault\AppData\Roaming\Yontoo\YontooDesktop.exe") [x] -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2863388381-458817329-146271622-1001[...]\Run : Yontoo Desktop ("C:\Users\Thibault\AppData\Roaming\Yontoo\YontooDesktop.exe") [x] -> TROUVÉ
[SHELL][SUSP PATH] HKLM\[...]\Winlogon : Shell (C:\ProgramData\3alj.bat) [-] -> TROUVÉ
[TASK][SUSP PATH] Update Check : C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe /s /p 1 [x] -> TROUVÉ
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 8807705790e66cbaf86e89a99c65e4bd
[BSP] 3aff2aa3cf5ed52f71374b2d05224f1b : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: V7 VAFD4GAR USB Device +++++
--- User ---
[MBR] 3ebc9e08e88f7305901f3f3f41056ea4
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 3853 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[1]_S_26042013_122503.txt >>
RKreport[1]_S_26042013_122503.txt
mail : tigzyRK
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 8 (6.2.9200 ) 64 bits version
Demarrage : Mode normal
Utilisateur : Thibault [Droits d'admin]
Mode : Recherche -- Date : 26/04/2013 12:25:03
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Yontoo Desktop ("C:\Users\Thibault\AppData\Roaming\Yontoo\YontooDesktop.exe") [x] -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2863388381-458817329-146271622-1001[...]\Run : Yontoo Desktop ("C:\Users\Thibault\AppData\Roaming\Yontoo\YontooDesktop.exe") [x] -> TROUVÉ
[SHELL][SUSP PATH] HKLM\[...]\Winlogon : Shell (C:\ProgramData\3alj.bat) [-] -> TROUVÉ
[TASK][SUSP PATH] Update Check : C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe /s /p 1 [x] -> TROUVÉ
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-60ZF5A0 +++++
--- User ---
[MBR] 8807705790e66cbaf86e89a99c65e4bd
[BSP] 3aff2aa3cf5ed52f71374b2d05224f1b : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: V7 VAFD4GAR USB Device +++++
--- User ---
[MBR] 3ebc9e08e88f7305901f3f3f41056ea4
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 3853 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[1]_S_26042013_122503.txt >>
RKreport[1]_S_26042013_122503.txt