cjoint

Document format: text/plain

RogueKiller V12.8.4.0 [Dec 5 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : Med [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Suppression -- Date : 12/05/2016 21:17:36 (Durée : 00:45:52)

¤¤¤ Processus : 1 ¤¤¤
[VT.Sape.Heur.A7972!c] UsbFix.exe(2044) -- C:\UsbFix\UsbFix.exe[-] -> Tué(e) [TermProc]

¤¤¤ Registre : 15 ¤¤¤
[Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} (C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll) -> Supprimé(e)
[Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6} (C:\Users\Med\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll) -> Supprimé(e)
[Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{8F84B376-2386-475B-992D-07F7562AA180} (C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll) -> Supprimé(e)
[Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{B173D0A0-F669-4F7A-8C40-CF46A1ED04C6} (C:\Users\Med\AppData\Roaming\WindSolutions\CopyTransManager\CopyTransManager.ax) -> Supprimé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} -> Supprimé(e)
[PUP] HKEY_USERS\S-1-5-21-3874071003-1161783992-2313022149-1000\Software\APN PIP -> Supprimé(e)
[PUP] HKEY_USERS\S-1-5-21-3874071003-1161783992-2313022149-1000\Software\TeleCharger -> Supprimé(e)
[PUP] HKEY_USERS\S-1-5-21-3874071003-1161783992-2313022149-1000\Software\WebApp -> Supprimé(e)
[PUP] HKEY_USERS\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} -> Supprimé(e)
[PUP] HKEY_USERS\S-1-5-21-3874071003-1161783992-2313022149-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} -> Supprimé(e)
[PUP] HKEY_USERS\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} -> Supprimé(e)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{A6258F64-5A84-42D3-8998-547EED94AB6E} | DhcpNameServer : 172.20.10.1 ([]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{A6258F64-5A84-42D3-8998-547EED94AB6E} | DhcpNameServer : 172.20.10.1 ([]) -> Remplacé(e) ()
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C6E96F1C-831C-4B67-808C-B575A846D929} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Med\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| [7] -> Supprimé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C6E96F1C-831C-4B67-808C-B575A846D929} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Med\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe|Name=Facebook Video Calling Plugin|Edge=TRUE| [7] -> Supprimé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] a3b3a6a367b10c9c53d8b7e351c1713d
[BSP] f3f6eb90eb3955241edbbc61cf11a1fd : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 241664 | Size: 8818 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 18300928 | Size: 100003 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 223107072 | Size: 368000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SD Memory Card +++++
Error reading User MBR! ([79] Le délai de temporisation de sémaphore a expiré. )
Error reading LL1 MBR! ([1] Fonction incorrecte. )
Error reading LL2 MBR! ([1] Fonction incorrecte. )

