cjoint

Document format: text/plain

RogueKiller V12.11.7.0 [Jul 17 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : acer [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Suppression -- Date : 07/20/2017 23:21:11 (Durée : 02:53:49)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 16 ¤¤¤
[Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{8D9CFB3B-AB70-4FF0-86DB-C85F04FCDBDC} (C:\Users\acer\AppData\Local\Hook Network\Raccourcis Internet Explorer 9\2.0.0.1\IE9PinnedSitesHelper.dll) -> Supprimé(e)
[PUP.Gen1] HKEY_USERS\S-1-5-21-3870036773-1733889631-3641599161-1000\Software\IM -> Supprimé(e)
[Suspicious.Path] HKEY_USERS\S-1-5-21-3870036773-1733889631-3641599161-1000\Software\Microsoft\Windows\CurrentVersion\Run | smoti2.vbs : C:\Users\acer\AppData\Roaming\smoti2\smoti2.vbs [-] -> Supprimé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://securityresponse.symantec.com/avcenter/fix_homepage/ -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] HKEY_USERS\S-1-5-21-3870036773-1733889631-3641599161-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer.msn.com -> Remplacé(e) (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://securityresponse.symantec.com/avcenter/fix_homepage/ -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{41E1D76D-4FDC-4C8D-8EA7-5A83EC5D635C} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{81507A36-4E1C-4567-8F6E-871AB15A31AD} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9BB0AA55-EF56-49B6-A8A2-D550338A2175} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{C23A3E13-C2B4-4B81-A566-483C618EE0FA} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{41E1D76D-4FDC-4C8D-8EA7-5A83EC5D635C} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{81507A36-4E1C-4567-8F6E-871AB15A31AD} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9BB0AA55-EF56-49B6-A8A2-D550338A2175} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{C23A3E13-C2B4-4B81-A566-483C618EE0FA} | NameServer : 10.172.11.121 10.172.11.122 ([X][X]) -> Remplacé(e) ()
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E5E079E0-CBD3-42C6-8A81-3339C157D291} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\acer\AppData\Roaming\thdr\download\MiniThunderPlatform.exe|Name=MiniThunderPlatform| [7] -> Supprimé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E5E079E0-CBD3-42C6-8A81-3339C157D291} : v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\acer\AppData\Roaming\thdr\download\MiniThunderPlatform.exe|Name=MiniThunderPlatform| [7] -> Supprimé(e)

¤¤¤ Tâches : 10 ¤¤¤
[Hj.Shortcut] \{12B74D88-540E-4CBC-9394-FF9BF9E2A6B9} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/4.1.0.179.367/fr/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded) -> Supprimé(e)
[Hj.Shortcut] \{31361903-C968-444C-9F30-8763C1524383} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=404) -> Supprimé(e)
[Hj.Shortcut] \{541CC86A-E8F3-4BF6-B961-F65850FDC007} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/4.1.0.179.367/fr/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded) -> Supprimé(e)
[Hj.Shortcut] \{9839EF3F-C77A-4FB2-8A48-44E01F7845B4} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=404) -> Supprimé(e)
[Hj.Shortcut] \{9EEA8B89-88F7-4EB0-868D-52D4482B2B98} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.114&LastError=12007) -> Supprimé(e)
[Hj.Shortcut] \{B6F2C5A7-6203-4592-91F1-FB4D709D0B42} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=404) -> Supprimé(e)
[Hj.Shortcut] \{D2B1D302-8CEF-4302-9A49-552EF05095A3} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.114&LastError=12029) -> Supprimé(e)
[Hj.Shortcut] \{EDC4B92B-46DE-4FCF-A0C1-BA74BB9171A2} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/4.1.0.179.367/fr/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded) -> Supprimé(e)
[Hj.Shortcut] \{F40DE42A-1A0E-42DC-8373-893A769816D1} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/4.1.0.179.367/fr/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded) -> Supprimé(e)
[Hj.Shortcut] \{F8E421DD-B6D0-47AB-ADC4-E88BE4C53235} -- "C:\Program Files\Internet Explorer\iexplore.exe" (http://ui.skype.com/ui/0/5.9.0.114/fr/abandoninstall?source=lightinstaller&page=tsInstall) -> Supprimé(e)

¤¤¤ Fichiers : 5 ¤¤¤
[PUP.Gen0][Fichier] C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G?ogl? Chrome.lnk [LNK@] C:\Users\acer\AppData\Roaming\Browsers\exe.emorhc.bat -> Supprimé(e)
[PUP.Gen0][Fichier] C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hrom?.lnk [LNK@] C:\Users\acer\AppData\Roaming\Browsers\exe.emorhc.bat -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\Users\acer\AppData\Roaming\Easeware -> Supprimé(e)
[PUP.Gen1][Fichier] C:\Users\acer\AppData\Roaming\Easeware\DriverEasy\settings.dat -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\Users\acer\AppData\Roaming\Easeware\DriverEasy -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\Program Files\Easeware -> Supprimé(e)
[PUP.Gen1][Fichier] C:\Program Files\Easeware\DriverEasy\DriverEasy.exe -> Supprimé(e)
[PUP.Gen1][Répertoire] C:\Program Files\Easeware\DriverEasy -> Supprimé(e)
[Tr.Gen0][Fichier] C:\Program Files\Tor\tor.exe -> Supprimé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 8c8529a564136a061febc4a8bec6596e
[BSP] 9a176894feaa95d7e94683b070e025be : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 27265024 | Size: 101 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 27471872 | Size: 139212 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

