cjoint


Document format: text/plain

Preview

RogueKiller V12.3.0.0 (x64) [May 22 2016] (Premium) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : zanoob [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 05/22/2016 17:58:21

¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path|VT.Riskware.Gen!c] smass.exe(2756) -- C:\ProgramData\Microsoft\Windows\WindowsAccManager\smass.exe[-] -> Killed [TermProc]

¤¤¤ Registry : 4 ¤¤¤
[Suspicious.Path|VT.Riskware.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\smass (C:\ProgramData\Microsoft\Windows\WindowsAccManager\smass.exe -strtsrv) -> ERROR [4001]
[Suspicious.Path|VT.Riskware.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\smass (C:\ProgramData\Microsoft\Windows\WindowsAccManager\smass.exe -strtsrv) -> ERROR [4001]
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> Deleted
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : -> ERROR [2]

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\{61CA9651-420E-DD46-80BA-4DFBCA7F5CA9}.job -- C:\Users\zanoob\AppData\Local\{80E6B~1\UNINST~1.EXE (/Check) -> Deleted
[Suspicious.Path] \{61CA9651-420E-DD46-80BA-4DFBCA7F5CA9} -- C:\Users\zanoob\AppData\Local\{80E6B~1\UNINST~1.EXE (/Check) -> Deleted

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] algvtucw.default : user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/-bfr-dd__alt__ddc_dsssyc_bd_com"); -> Replaced (about:home)

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-00BN5A0 +++++
--- User ---
[MBR] 4b3a205487eb55a3d96f18657d9b20b6
[BSP] 1c3070ac0b258f4042a7266dcd3c828e : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 678328 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1389934592 | Size: 450 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1390856192 | Size: 274738 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

