cjoint

Document format: text/plain

Preview

RogueKiller V11.0.12.0 [Feb 15 2016] (Free) (H'37) (1F'E, Adlice
'D(1J/ 'D%DC*1HFJ : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
'DEHB9 : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

F8'E 'D*4:JD : Windows 10 (10.0.10586) 32 bits version
J(/# AJ : 'DH69 'D7(J9J
'DE3*./E : PC [E3$HD]
Started from : C:\Users\PC\Downloads\Programs\RogueKiller.exe
'DH69 : -0A -- 'DJHE : 02/21/2016 20:11:34

¤¤¤ 'D9EDJ) : 0 ¤¤¤

¤¤¤ 'DE3,D : 12 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Partner -> E-0HA
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 -> %3*(/'D (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-373802467-2294298891-4220601738-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 -> %3*(/'D (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24b25de3-d05e-4292-b9a3-319beb67e311} | NameServer : 212.217.0.12 212.217.1.12 ([-][X]) -> %3*(/'D ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{431a6341-0da3-4d5b-b0c0-48b40ca239fe} | NameServer : 62.251.230.241 212.217.1.1 ([X][-]) -> %3*(/'D ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{71c1529c-f7ae-43b8-8836-166140e8f4f9} | NameServer : 212.217.0.12 212.217.1.12 ([-][X]) -> %3*(/'D ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{24b25de3-d05e-4292-b9a3-319beb67e311} | NameServer : 212.217.0.12 212.217.1.12 ([-][X]) -> %3*(/'D ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{431a6341-0da3-4d5b-b0c0-48b40ca239fe} | NameServer : 62.251.230.241 212.217.1.1 ([X][-]) -> %3*(/'D ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{71c1529c-f7ae-43b8-8836-166140e8f4f9} | NameServer : 212.217.0.12 212.217.1.12 ([-][X]) -> %3*(/'D ()
[PUM.StartMenu] HKEY_USERS\S-1-5-21-373802467-2294298891-4220601738-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> %3*(/'D (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-373802467-2294298891-4220601738-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> %3*(/'D (1)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-373802467-2294298891-4220601738-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> %3*(/'D (1)

¤¤¤ 'DEG'E : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> E-0HA

¤¤¤ 'DEDA'* : 2 ¤¤¤
[PUP][EDA] C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} -> E-0HA
[PUP][EDA] C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} -> E-0HA
[PUP][EDA] C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi -> E-0HA

¤¤¤ EDA 'DGH3* : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: E-ED) ¤¤¤

¤¤¤ 'DE*5A- : 7 ¤¤¤
[FIREFX:Addon] 7qyn4rkx.default-1456078499989 : Mozilla Firefox hotfix [firefox-hotfix@mozilla.org] -> E-0HA
[FIREFX:Addon] 7qyn4rkx.default-1456078499989 : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> E-0HA
[FIREFX:Addon] 7qyn4rkx.default-1456078499989 : IDM integration [mozilla_cc2@internetdownloadmanager.com] -> E-0HA
[FIREFX:Addon] 7qyn4rkx.default-1456078499989 : IDM CC [mozilla_cc@internetdownloadmanager.com] -> E-0HA
[FIREFX:Addon] 7qyn4rkx.default-1456078499989 : Avast Online Security [wrc@avast.com] -> E-0HA
[FIREFX:Addon] 7qyn4rkx.default-1456078499989 : Avast SafePrice [sp@avast.com] -> E-0HA
[PUM.HomePage][FIREFX:Config] pjuna2yk.default : user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/_504_bl-sw-21__alt__ddc_dsssyc_bd_com"); -> %3*(/'D (about:home)

¤¤¤ A-5 'D MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 6d6b42b4d292320fbfe071c0e0669ae1
[BSP] af49ae7d99225c257f1fdddbc92255f6 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 94967 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 194494464 | Size: 449 MB
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 195414660 | Size: 143055 MB
User = LL1 ... OK
User = LL2 ... OK
