RogueKiller V10.5.10.0 [Apr 14 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8.1 (6.3.9200 ) 32 bits version
Démarré en : Mode normal
Utilisateur : scorebut [Administrateur]
Démarré depuis : C:\Users\scorebut\Downloads\RogueKiller X64 et X86 portable et installation ( V10.5.10 15 Avril_2015 ) Novirus\RogueKiller.exe
Mode : Suppression -- Date : 04/15/2015 13:30:15

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 3 ¤¤¤
[Suspicious.Path|Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr (\??\C:\Users\scorebut\AppData\Local\Temp\mbr.sys) -> Supprimé(e)
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mbr (\??\C:\Users\scorebut\AppData\Local\Temp\mbr.sys) -> Non sélectionné
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Non sélectionné

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 13 (Driver: Chargé) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CREATE[0] : Unknown @ 0x89c111f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x89c111f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x89c111f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x89c111f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_POWER[22] : Unknown @ 0x89c111f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x89c111f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_PNP[27] : Unknown @ 0x89c111f8
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP0T1L0-a : \Driver\PxHelp20 @ Unknown (\SystemRoot\system32\drivers\rmseng.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom1 (\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\PxHelp20 @ Unknown (\SystemRoot\system32\drivers\rmseng.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom2 (\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ \Device\Ide\IdeDeviceP0T0L0-0 : \Driver\PxHelp20 @ Unknown (\SystemRoot\system32\drivers\rmseng.sys)
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys)

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST3320620AS ATA Device +++++
--- User ---
[MBR] 07105d2916d82106f97d6e2eaedf0525
[BSP] 3c4a410819db6f203396efeb2fc72d08 : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 269051 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 571738110 | Size: 1952 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST380815AS ATA Device +++++
--- User ---
[MBR] b177f1ff29d25624063f0fb3673634ff
[BSP] f509949cf76150376bc0b2fef5a572ce : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 76319 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_05302014_184933.log - RKreport_SCN_05312014_000235.log - RKreport_SCN_05312014_112723.log - RKreport_DEL_05312014_114824.log
RKreport_SCN_06102014_213843.log - RKreport_DEL_06102014_214648.log - RKreport_SCN_08042014_010412.log - RKreport_SCN_08082014_004852.log
RKreport_SCN_08142014_233232.log - RKreport_DEL_08142014_233545.log - RKreport_SCN_08162014_134508.log - RKreport_SCN_08162014_175239.log
RKreport_DEL_08162014_175352.log - RKreport_SCN_08162014_194145.log - RKreport_DEL_08162014_204127.log - RKreport_SCN_08172014_003756.log
RKreport_DEL_08172014_005901.log - RKreport_SCN_08172014_124326.log - RKreport_DEL_08172014_124617.log - RKreport_SCN_09212014_200009.log
RKreport_DEL_09212014_200315.log - RKreport_SCN_10102014_132507.log - RKreport_SCN_10192014_192307.log - RKreport_SCN_10292014_140050.log
RKreport_DEL_10292014_141657.log - RKreport_SCN_11162014_122335.log - RKreport_SCN_01272015_215503.log - RKreport_DEL_01272015_220508.log
RKreport_SCN_03232015_130415.log - RKreport_SCN_04152015_132845.log