cjoint

Document format: text/plain

Preview

RogueKiller V12.3.3.0 (x64) [Jun 13 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Ag Erlaf [Administrator]
Started from : C:\Users\Ag Erlaf\Downloads\RogueKillerX64.exe
Mode : Scan -- Date : 06/15/2016 11:11:25

¤¤¤ Processes : 1 ¤¤¤
[Proc.Injected] hpwuschd2.exe(2980) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe[x] -> Found

¤¤¤ Registry : 12 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon | (default) : {B7667919-3765-4815-A66D-98A09BE662D6} (C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16443.223\QMGCShellExt64.dll) -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} (C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16443.223\TSWebMon64.dat) -> Found
[PUP] (X64) HKEY_USERS\S-1-5-21-1753231300-1309403576-1715330843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71e129ff-6c2a-4984-818c-7e2c998b8d99} -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-1753231300-1309403576-1715330843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71e129ff-6c2a-4984-818c-7e2c998b8d99} -> Found
[Suspicious.Path|VT.Unknown] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | CheckUpdate : C:\ProgramData\Update\fmaj5.exe [-] -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1753231300-1309403576-1715330843-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49184;https=127.0.0.1:49184 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1753231300-1309403576-1715330843-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49184;https=127.0.0.1:49184 -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1753231300-1309403576-1715330843-1000\Software\Microsoft\Internet Explorer\Main | Search bar : Preserve -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1753231300-1309403576-1715330843-1000\Software\Microsoft\Internet Explorer\Main | Search bar : Preserve -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F43600FE-D2C3-403E-8B12-1907EFA34707} | DhcpNameServer : 172.20.10.1 ([]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{F43600FE-D2C3-403E-8B12-1907EFA34707} | DhcpNameServer : 172.20.10.1 ([]) -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{F43600FE-D2C3-403E-8B12-1907EFA34707} | DhcpNameServer : 172.20.10.1 ([]) -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\GS.Enabler-S-1824435291.job -- c:\programdata\house of soft\gs.enabler\GS.Enabler.exe (/schedule /profile "c:\programdata\house of soft\gs.enabler\1824435291.ini") -> Found

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST310005 28AS SATA Disk Device +++++
--- User ---
[MBR] 75204682677f14e8fe5438b69c227f49
[BSP] 8f2a61db9a92a1befc69ced5182179b3 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 938220 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1921681408 | Size: 15547 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

