cjoint

Document format: application/octet-stream

Preview

RogueKiller V10.8.6.0 [Jun 22 2015] by Adlice Software
correo : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Sitio web : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Sistema Operativo : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciado en : Modo Normal
Usuario : Usuario [Administrador]
Started from : C:\Users\Usuario\Downloads\RogueKiller (4).exe
Modo : Borrar -- Fecha : 06/28/2015 13:36:21

¤¤¤ Procesos : 1 ¤¤¤
[AV.Killer] QQPCRTP.exe(844) -- C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe[7] -> ERROR [5]

¤¤¤ Registro : 27 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QMUdisk (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMUdisk.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\QQPCRTP ("C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe" -r) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TAOAccelerator (\??\C:\Windows\system32\Drivers\TAOAccelerator.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TS888 (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TS888.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TSDefenseBt (system32\DRIVERS\TSDefenseBt.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TSSysKit (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSSysKit.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QMUdisk (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMUdisk.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\QQPCRTP ("C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe" -r) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TAOAccelerator (\??\C:\Windows\system32\Drivers\TAOAccelerator.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TS888 (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TS888.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDefenseBt (system32\DRIVERS\TSDefenseBt.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSSysKit (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSSysKit.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\QMUdisk (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QMUdisk.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\QQPCRTP ("C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\QQPCRTP.exe" -r) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\TAOAccelerator (\??\C:\Windows\system32\Drivers\TAOAccelerator.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\TS888 (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TS888.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\TSDefenseBt (system32\DRIVERS\TSDefenseBt.sys) -> No seleccionado
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\TSSysKit (\??\C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSSysKit.sys) -> No seleccionado
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.hao123.com/?tn=91284697_hao_pg -> No seleccionado
[PUM.HomePage] HKEY_USERS\S-1-5-21-1539507423-729811589-3848484628-1000\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.hao123.com/?tn=91284697_hao_pg -> No seleccionado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : [X][X] -> Reemplazado ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : [X][X] -> Reemplazado ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : [X][X] -> Reemplazado ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FEC4E5C0-D959-448F-817D-8B1F3F7688EC} | DhcpNameServer : [X][X] -> Reemplazado ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{FEC4E5C0-D959-448F-817D-8B1F3F7688EC} | DhcpNameServer : [X][X] -> Reemplazado ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{FEC4E5C0-D959-448F-817D-8B1F3F7688EC} | DhcpNameServer : [X][X] -> Reemplazado ()
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Reemplazado (2)

¤¤¤ Tareas : 0 ¤¤¤

¤¤¤ Archivos : 0 ¤¤¤

¤¤¤ Archivo de hosts : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Borrado

¤¤¤ Antirootkit : 9 (Driver: Cargado) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - RegQueryValueExW : Unknown @ 0x8f80860 (jmp 0x9222c1b3|jmp 0xfe7b2d8c|call 0xffff4d9a)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - RegSetValueExW : Unknown @ 0x8f807f0 (jmp 0x9222f31a|jmp 0xfe7b2dfc|call 0xffff4d9a)
[IAT:Inl(Hook.IEAT)] (explorer.exe) kernel32.dll - CreateProcessW : Unknown @ 0x8f80b00 (jmp 0x935eeab3|jmp 0xfe7b2aec|call 0xffff4d9a)
[IAT:Inl(Hook.IEAT)] (explorer.exe) SHELL32.dll - SHBindToObject : Unknown @ 0x8f809b0 (jmp 0x9346dd96|jmp 0xfe7b2c3c|call 0xffff4d9a)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - RegSetValueExA : Unknown @ 0x8f80780 (jmp 0x9222f2cd|jmp 0xfe7b2e6c|call 0xffff4d9a)
[IAT:Inl(Hook.IEAT)] (chrome.exe) kernel32.dll - ExitProcess : C:\ProgramData\Tencent\TSVulFw\TSVulFW.DAT @ 0x6b4083b0 (jmp 0xf5a1c7ce)
[IAT:Inl(Hook.IEAT)] (chrome.exe) WS2_32.dll - WSARecv : C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSWebMon.dat @ 0x6fca08f5 (jmp 0xfa9d986c)
[IAT:Inl(Hook.IEAT)] (chrome.exe) WS2_32.dll - WSASocketW : C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSWebMon.dat @ 0x6fca05ab (jmp 0xfa9dc8d8)
[IAT:Inl(Hook.IEAT)] (chrome.exe) SHELL32.dll - ShellExecuteExW : C:\Program Files\Tencent\QQPCMgr\10.9.16350.226\TSWebMon.dat @ 0x6fcc60bc (jmp 0xfa2342c6)

¤¤¤ Navegadores Web : 0 ¤¤¤

¤¤¤ Chequeo MBR : ¤¤¤
+++++ PhysicalDrive0: ST9160310AS ATA Device +++++
--- User ---
[MBR] 9ff40770d891bdaa53fb89a1612d012e
[BSP] 21c6d3a8eb788d37ff1606810b54f561 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 152525 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] El dispositivo no está listo. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Solicitud no compatible. )


============================================
RKreport_SCN_06282015_133058.log - RKreport_DEL_06282015_133231.log - RKreport_DEL_06282015_133246.log - RKreport_DEL_06282015_133255.log
RKreport_DEL_06282015_133424.log - RKreport_DEL_06282015_133436.log - RKreport_DEL_06282015_133447.log - RKreport_DEL_06282015_133454.log
RKreport_DEL_06282015_133506.log - RKreport_DEL_06282015_133534.log - RKreport_DEL_06282015_133547.log
