RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Brandon [Droits d'admin]
Mode : Recherche -- Date : 05/19/2014 17:13:23
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 1 ¤¤¤
[V2][SUSP PATH] CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} : C:\Users\Brandon\AppData\Local\Temp\cis2CDF.exe - --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} [x][x] -> TROUVÉ

¤¤¤ Entrées Startup : 1 ¤¤¤
[Brandon][SUSP PATH] Curse.lnk : C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk @C:\Users\Brandon\AppData\Roaming\CURSEC~1\Bin\Curse.exe /startup [-][7] -> TROUVÉ

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : sfc_os.DLL -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xF7093D60)
[Address] EAT @explorer.exe (DllGetClassObject) : sfc_os.DLL -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xF7091A74)
[Address] EAT @explorer.exe (DllRegisterServer) : sfc_os.DLL -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xF7096070)
[Address] EAT @explorer.exe (DllUnregisterServer) : sfc_os.DLL -> HOOKED (C:\Windows\system32\wpdshserviceobj.dll @ 0xF7096278)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

[...]

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK5059GSXP +++++
--- User ---
[MBR] fe22cd8e4f35573e73b95393eede9187
[BSP] a6e17da8355dfd0714b9683d6cdac011 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16384 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33556480 | Size: 100 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33761280 | Size: 460454 MB
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_05192014_171323.txt >>