Publicité
Publicité
Format du document : text/plain
Prévisualisation
RogueKiller V8.5.4 [Mar 18 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : jacques [Droits d'admin]
Mode : Recherche -- Date : 03/06/2013 12:32:40
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SCheck ("C:\Users\jacques\AppData\Roaming\SCheck\SCheck.exe" check ) [-] -> TROUVÉ
[RUN][SUSP PATH] HKCU\[...]\Run : Intermediate ("C:\Users\jacques\AppData\Roaming\Intermediate\Intermediate.exe") [-] -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3556436392-465967782-1320673946-1001[...]\Run : SCheck ("C:\Users\jacques\AppData\Roaming\SCheck\SCheck.exe" check ) [-] -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3556436392-465967782-1320673946-1001[...]\Run : Intermediate ("C:\Users\jacques\AppData\Roaming\Intermediate\Intermediate.exe") [-] -> TROUVÉ
[TASK][SUSP PATH] Searchya : C:\Users\jacques\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE /Check [x] -> TROUVÉ
[TASK][SUSP PATH] Test TimeTrigger : C:\Users\jacques\AppData\Local\Temp\Runner.exe C:\Users\jacques\AppData\Local\Temp\DNS.exe [x] -> TROUVÉ
[TASK][SUSP PATH] Updater27096.exe : C:\Users\jacques\AppData\Local\Updater27096\Updater27096.exe /extensionid=27096 /extensionname="Services x86" /chromeid=cnmdgidklhhnmppphpohildcefnaaflp [x] -> TROUVÉ
[TASK][SUSP PATH] VisualBeeRecovery : C:\Users\jacques\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe /s [x] -> TROUVÉ
[TASK][SUSP PATH] {1536C082-16E5-471D-8206-B033E2982A92} : C:\Users\jacques\Desktop\HPPSdr doctor hp.exe [x] -> TROUVÉ
[TASK][SUSP PATH] {1F0F865B-F1B8-4836-93A3-6C4E3CE5B56E} : C:\Users\jacques\Desktop\windows-live-messenger-2011.exe [x] -> TROUVÉ
[TASK][SUSP PATH] {CD97A9D1-96F5-462C-86B8-D82052FE48C5} : C:\Users\jacques\Desktop\7z920.exe [x] -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA632 +++++
--- User ---
[MBR] bd39a46b95963e4ad0fc63cf1f5e5a72
[BSP] be86d243b6a84aeefa599db868200af5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 935275 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1915650048 | Size: 18492 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f2303dca4b3c4abb58871f632efb86d4
[BSP] 6a7384cb4196069af087e29e50ac287b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 205154304 | Size: 300 Mo
Termine : << RKreport[1]_S_03062013_123240.txt >>
RKreport[1]_S_03062013_123240.txt
mail : tigzyRK
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : jacques [Droits d'admin]
Mode : Recherche -- Date : 03/06/2013 12:32:40
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SCheck ("C:\Users\jacques\AppData\Roaming\SCheck\SCheck.exe" check ) [-] -> TROUVÉ
[RUN][SUSP PATH] HKCU\[...]\Run : Intermediate ("C:\Users\jacques\AppData\Roaming\Intermediate\Intermediate.exe") [-] -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3556436392-465967782-1320673946-1001[...]\Run : SCheck ("C:\Users\jacques\AppData\Roaming\SCheck\SCheck.exe" check ) [-] -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3556436392-465967782-1320673946-1001[...]\Run : Intermediate ("C:\Users\jacques\AppData\Roaming\Intermediate\Intermediate.exe") [-] -> TROUVÉ
[TASK][SUSP PATH] Searchya : C:\Users\jacques\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE /Check [x] -> TROUVÉ
[TASK][SUSP PATH] Test TimeTrigger : C:\Users\jacques\AppData\Local\Temp\Runner.exe C:\Users\jacques\AppData\Local\Temp\DNS.exe [x] -> TROUVÉ
[TASK][SUSP PATH] Updater27096.exe : C:\Users\jacques\AppData\Local\Updater27096\Updater27096.exe /extensionid=27096 /extensionname="Services x86" /chromeid=cnmdgidklhhnmppphpohildcefnaaflp [x] -> TROUVÉ
[TASK][SUSP PATH] VisualBeeRecovery : C:\Users\jacques\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe /s [x] -> TROUVÉ
[TASK][SUSP PATH] {1536C082-16E5-471D-8206-B033E2982A92} : C:\Users\jacques\Desktop\HPPSdr doctor hp.exe [x] -> TROUVÉ
[TASK][SUSP PATH] {1F0F865B-F1B8-4836-93A3-6C4E3CE5B56E} : C:\Users\jacques\Desktop\windows-live-messenger-2011.exe [x] -> TROUVÉ
[TASK][SUSP PATH] {CD97A9D1-96F5-462C-86B8-D82052FE48C5} : C:\Users\jacques\Desktop\7z920.exe [x] -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA632 +++++
--- User ---
[MBR] bd39a46b95963e4ad0fc63cf1f5e5a72
[BSP] be86d243b6a84aeefa599db868200af5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 935275 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1915650048 | Size: 18492 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f2303dca4b3c4abb58871f632efb86d4
[BSP] 6a7384cb4196069af087e29e50ac287b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 205154304 | Size: 300 Mo
Termine : << RKreport[1]_S_03062013_123240.txt >>
RKreport[1]_S_03062013_123240.txt