cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþRogueKiller V12.9.0.0 (x64) [Dec 26 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : nabil [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 12/29/2016 13:19:32 (Durée : 00:28:25)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 26 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Myfree Codec -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Myfree Codec -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Myfree Codec -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LavasoftTcpService (C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WCAssistantService (C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\LavasoftTcpService (C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WCAssistantService (C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe) -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigUrl : -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigUrl : -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://noblocking.biz/wpad.dat?0a5e52b151fad29631d3603866616c0d22785202 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://noblocking.biz/wpad.dat?0a5e52b151fad29631d3603866616c0d22785202 -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AA2FAC26-269F-45FD-B08D-89378F00C9F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {81709E4C-9BD6-49EF-B2F6-79264BC992A0} : v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AA2FAC26-269F-45FD-B08D-89378F00C9F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {81709E4C-9BD6-49EF-B2F6-79264BC992A0} : v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.SecurityCenter] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 12 ¤¤¤
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\PC Faster -> Trouvé(e)
[PUP.HackTool][Fichier] C:\Windows\KMS-R@1nHook.exe -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\nabil\AppData\Roaming\PC Faster -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\nabil\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\nabil\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\nabil\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\PC Faster -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files (x86)\MyFree Codec -> Trouvé(e)
[PUP.Gen3][Fichier] C:\Users\nabil\AppData\Roaming\Mozilla\Firefox\Profiles\v8zu60c4.default\searchplugins\yahoo-lavasoft.xml -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 3 ¤¤¤
[PUM.Proxy][Firefox:Config] v8zu60c4.default : user_pref("network.proxy.http", "41.250.60.9"); -> Trouvé(e)
[PUM.Proxy][Firefox:Config] v8zu60c4.default : user_pref("network.proxy.http_port", 8571); -> Trouvé(e)
[PUM.Proxy][Firefox:Config] v8zu60c4.default : user_pref("network.proxy.type", 4); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543232A7A384 ATA Device +++++
--- User ---
[MBR] 2d22488cfe01734888dd1eb77dbbe415
[BSP] 6a35166a4d37e2bdb5204188c0e82258 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 40964 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 84613120 | Size: 263928 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multiple Card Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité