cjoint


Document format: text/plain

Preview

RogueKiller V12.1.5.0 [May 2 2016] (Premium) (H'37) (1F'E, Adlice
'D(1J/ 'D%DC*1HFJ : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
'DEHB9 : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

F8'E 'D*4:JD : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
J(/# AJ : 'DH69 'D7(J9J
'DE3*./E : ???? [E3$HD]
Started from : C:\Users\????\Downloads\Programs\RogueKiller.exe
'DH69 : A-5 -- 'DJHE : 05/07/2016 17:43:22

¤¤¤ 'D9EDJ) : 0 ¤¤¤

¤¤¤ 'DE3,D : 11 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} -> H,/
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\99DA~1\AppData\Local\Temp\catchme.sys) -> H,/
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\99DA~1\AppData\Local\Temp\catchme.sys) -> H,/
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme (\??\C:\Users\99DA~1\AppData\Local\Temp\catchme.sys) -> H,/
[PUM.Proxy] HKEY_USERS\S-1-5-21-3488952640-1886036067-2608822963-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> H,/
[PUM.HomePage] HKEY_USERS\S-1-5-21-3488952640-1886036067-2608822963-1000\Software\Microsoft\Internet Explorer\Main | start page : https://mysearch.avg.com?cid={38861EE3-51FC-44A7-877F-881524EAB58C}&mid=4c528b1b5ede47d09163d17921622c30-06ce4fc639803a2e3563922518183d8e94088cb9&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-09 20:24:22&v=4.0.6.10&pid=wtu&sg=&sap=hp -> H,/
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3488952640-1886036067-2608822963-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> H,/
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1429D174-A49A-4D51-A19B-F762FFE5471B} | NameServer : 8.8.8.8 193.251.169.165 ([-][X]) -> H,/
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3F609C51-14F6-455A-A5A4-1472517BB17A} | NameServer : 8.8.8.8 0.0.0.0 ([-][]) -> H,/
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3F609C51-14F6-455A-A5A4-1472517BB17A} | NameServer : 8.8.8.8 0.0.0.0 ([-][]) -> H,/
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3F609C51-14F6-455A-A5A4-1472517BB17A} | NameServer : 8.8.8.8 0.0.0.0 ([-][]) -> H,/

¤¤¤ 'DEG'E : 3 ¤¤¤
[Suspicious.Path] \{18F1193B-94CB-4FB2-8A39-BB555BE15637} -- C:\Windows\Uninstal.exe -> H,/
[Suspicious.Path] \{3FBAC6B6-F1D9-4501-A0C4-150E82439737} -- C:\Windows\Uninstal.exe -> H,/
[Suspicious.Path] \{48B4B9CC-3CFD-4CEF-AB3B-2A156A0B77A1} -- C:\Windows\Uninstal.exe -> H,/

¤¤¤ 'DEDA'* : 0 ¤¤¤

¤¤¤ EDA 'DGH3* : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: E-ED) ¤¤¤

¤¤¤ 'DE*5A- : 0 ¤¤¤

¤¤¤ A-5 'D MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AAKS-00WWPA0 ATA Device +++++
--- User ---
[MBR] 0e74b36c35e7067b6f46760c911afc66
[BSP] dfde74c9bb700a2ef0a5a530ff07dc0a : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 80003 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 163846935 | Size: 396926 MB
User = LL1 ... OK
User = LL2 ... OK

