cjoint


Document format: text/plain


RogueKiller V10.10.4.0 [Sep 4 2015] بواسطة برنامج Adlice
البريد الإلكتروني : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
الموقع : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

نظام التشغيل : Windows 8.1 (6.3.9600) 64 bits version
يبدأ في : الوضع الطبيعي
المستخدم : Admin [مسؤول]
Started from : C:\Users\Admin\Desktop\RogueKiller.exe
الوضع : حذف -- اليوم : 09/12/2015 22:15:13

¤¤¤ العملية : 1 ¤¤¤
[Suspicious.Path] unsignedthemes.exe(316) -- C:\Windows\unsignedthemes.exe[-] -> تم حذفة [TermProc]

¤¤¤ المسجل : 10 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> محذوف
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UnsignedThemes (C:\Windows\unsignedthemes.exe) -> محذوف
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UnsignedThemes (C:\Windows\unsignedthemes.exe) -> محذوف
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-974419967-1347355742-710009984-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://khatmau.biz/ -> إستبدال (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-974419967-1347355742-710009984-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://khatmau.biz/ -> إستبدال (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3474DBD5-EAB1-42B2-8379-449C60E8003A} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X]) -> إستبدال ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3474DBD5-EAB1-42B2-8379-449C60E8003A} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X]) -> إستبدال ()
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> إستبدال (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> إستبدال (2)
[PUM.Desktop] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore | DisableSR : 1 -> محذوف

¤¤¤ المهام : 0 ¤¤¤

¤¤¤ الملفات : 0 ¤¤¤

¤¤¤ ملف الهوست : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: لم يتم التحميل [0xc000036b]) ¤¤¤

¤¤¤ المتصفح : 3 ¤¤¤
[FIREFX:Addon] uilb9tub.default : anonymoX [client@anonymox.net] -> محذوف
[FIREFX:Addon] uilb9tub.default : IDM integration [mozilla_cc2@internetdownloadmanager.com] -> محذوف
[FIREFX:Addon] uilb9tub.default : AdBlock for Firefox [jid1-NIfFY2CA8fy1tg@jetpack] -> محذوف

¤¤¤ فحص ال MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] f5c0466738c77f6c4c9515d44215cfe0
[BSP] a2ab3129b711f62b2be8df2ebf7424ac : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2052 | Size: 99 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 205200 | Size: 49900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 102402048 | Size: 100000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 307202048 | Size: 565402 MB
User = LL1 ... OK
User = LL2 ... OK

