cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

RogueKiller V12.8.3.0 [Nov 28 2016] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : Martine [Administrateur]
Démarré depuis : C:\Users\Martine\Desktop\ROGUEKILLER.EXE
Mode : Scan -- Date : 11/30/2016 13:46:31 (Durée : 00:48:16)

¤¤¤ Processus : 10 ¤¤¤
[PUP|PUP.Yac|VT.FraudTool.YAC] iSafeSvc.exe(932) -- C:\Program Files\Elex-tech\YAC\iSafeSvc.exe[7] -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] iSafeSvc2.exe(1040) -- C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe[7] -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] iSafeTray.exe(3576) -- C:\Program Files\Elex-tech\YAC\iSafeTray.exe[7] -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] iDskDllPatch.dll(3352) -- C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnl -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnlKit -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnlR3 -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeService -- C:\Program Files\Elex-tech\YAC\iSafeSvc.exe[7] -> Trouvé(e)
[PUP] (SVC) iSafeNetFilter -- system32\DRIVERS\iSafeNetFilter.sys[x] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnlMon -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys[7] -> Trouvé(e)

¤¤¤ Registre : 21 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Elex-tech -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlMon (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Trouvé(e)
[PUP|PUP.Yac] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlMon (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Trouvé(e)
[PUP|PUP.Yac] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.istartsurf.com/?type=hppp&ts=1434454543&from=xtab&uid=AC0B1EBF48334751A61BD6D50C54269A -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.istartsurf.com/?type=hppp&ts=1434454543&from=xtab&uid=AC0B1EBF48334751A61BD6D50C54269A -> Trouvé(e)
[PUM.HomePage] HKEY_USERS\S-1-5-21-2787963296-4269164344-169216427-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.istartsurf.com/?type=hppp&ts=1434454543&from=xtab&uid=AC0B1EBF48334751A61BD6D50C54269A -> Trouvé(e)
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2787963296-4269164344-169216427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[PUP][Répertoire] C:\Users\Martine\AppData\Roaming\Elex-tech -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\Elex-tech -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 5 ¤¤¤
[PUM.HomePage][Firefox:Config] twzvgypb.default : user_pref("browser.startup.homepage", "http://www.nicesearches.com?type=hp&ts=1476171341&from=3a211011&uid=wdcxwd3200aaks-75l9a0_wd-wmav2y59765597655&z=61aa567c3aee36d5210b448g4zfmeqagem2g3c7efm"); -> Trouvé(e)
[PUP|PUM.NewTab][Firefox:Config] twzvgypb.default : user_pref("browser.newtab.url", "http://www.nicesearches.com?type=hp&ts=1476171341&from=3a211011&uid=wdcxwd3200aaks-75l9a0_wd-wmav2y59765597655&z=61aa567c3aee36d5210b448g4zfmeqagem2g3c7efm"); -> Trouvé(e)
[PUM.SearchEngine][Firefox:Config] twzvgypb.default : user_pref("browser.search.selectedEngine", "nice"); -> Trouvé(e)
[PUM.SearchEngine][Firefox:Config] twzvgypb.default : user_pref("browser.search.defaultenginename", "nice"); -> Trouvé(e)
[PUP|PUM.SearchEngine][Firefox:Config] twzvgypb.default : user_pref("browser.search.searchengine.url", "http://www.nicesearches.com/search.php?type=ds&ts=1479199851&from=3e881114&uid=wdcxwd3200aaks-75l9a0_wd-wmav2y59765597655&z=813acc351c248dc595d11d0g7z0mftfgatbt3bag3q&q={searchTerms}"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAKS-75L9A0 ATA Device +++++
--- User ---
[MBR] 7d66c045dfc01b44f5ccd1437e3b912b
[BSP] 43e2be632fa467e7e97cb39987fa84d2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 78 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 161792 | Size: 9918 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 20473856 | Size: 295247 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Samsung SSD 840 EVO 120G USB Device +++++
--- User ---
[MBR] 392480f684d3d3c5dc3ea5b662f55816
[BSP] a0cd39258fc9816c0334dcbc3d7bc47f : HP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: Seagate Portable USB Device +++++
--- User ---
[MBR] b12df605df986a6b138f0752342b2b9d
[BSP] 8c9f4cec188e4ffb0e594f5c8cdedf99 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 238472 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité