cjoint


Document format: text/plain

Preview

RogueKiller V12.0.3.0 [Mar 21 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : Lenovo [Administrator]
Started from : C:\Users\Lenovo\Desktop\RogueKiller.exe
Mode : Delete -- Date : 03/27/2016 21:30:26

¤¤¤ Processes : 2 ¤¤¤
[Suspicious.Path] BingSvc.exe(2052) -- C:\Users\Lenovo\AppData\Local\Microsoft\BingSvc\BingSvc.exe[x] -> Found
[Suspicious.Path] MiPhoneHelper.exe(5592) -- C:\Users\Lenovo\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe[x] -> Found

¤¤¤ Registry : 11 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Not selected
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Not selected
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Not selected
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Not selected
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WUDFRd (\SystemRoot\System32\drivers\WUDFRd.sys) -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2204421134-1669722188-388184259-1002\Software\Microsoft\Internet Explorer\Main | Start Page : www.wana.ma -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2204421134-1669722188-388184259-1002\Software\Microsoft\Internet Explorer\Main | Start Page : www.wana.ma -> Not selected
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2204421134-1669722188-388184259-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2204421134-1669722188-388184259-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 2 ¤¤¤
[PUP][File] C:\Windows\SECOH-QAD.exe -> Deleted
[File.Forged][File] C:\Windows\System32\drivers\drmk.sys -> Replaced at reboot ( @Src C:\Users\Lenovo\AppData\Local\Temp\snack\drmk.sys)

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.Proxy][FIREFX:Config] 7dkwb1y9.default : user_pref("network.proxy.http", "192.95.4.124"); -> Not selected
[PUM.Proxy][FIREFX:Config] 7dkwb1y9.default : user_pref("network.proxy.http_port", 80); -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] dee761589656e863c7db4032f6df265a
[BSP] 0870a669def3a9d0d01bf86c2e1eb5e8 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 504496 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1038100480 | Size: 452 MB
6 - Basic data partition | Offset (sectors): 1039026176 | Size: 399999 MB
7 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1858226176 | Size: 452 MB
8 - Basic data partition | Offset (sectors): 1859151872 | Size: 25600 MB
9 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911580672 | Size: 20480 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HUAWEI SD Storage USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

