cjoint

Document format: text/plain

RogueKiller V12.9.6.0 [Jan 30 2017] (Premium) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : CyberAbdo [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Delete -- Date : 01/30/2017 16:43:32 (Duration : 00:40:59)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} (C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll) -> Deleted
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{22848257-6a2d-4d2a-8d56-c886d25b8b58} (C:\Users\CyberAbdo\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll) -> Deleted
[PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} (C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL) -> Deleted
[PUP.Gen1] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\csastats -> Deleted
[PUP.Gen1] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\Pokki -> Deleted
[PUP.Gen1] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\ProductSetup -> Deleted
[PUP.Gen1] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper -> Deleted
[PUP.Gen0] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock | (default) : {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} (C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll) -> Deleted
[PUP.Gen0] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} (C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL) -> Deleted
[Suspicious.Path] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\Microsoft\Windows\CurrentVersion\Run | SysinfYhX : C:\WINDOWS\system32\cmd.exe /c start wscript /e:VBScript.Encode %temp%\SysinfYhX.db [x][x][x] -> Deleted
[Suspicious.Path] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : explorer.exe,C:\Users\CyberAbdo\AppData\Roaming\WindowsUpdate\mobsync.exe [x] -> Deleted
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Replaced (2)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1119879957-2025897805-3966961949-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Replaced (1)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[PUP.Gen0|PUP.Gen1][Folder] C:\Users\CyberAbdo\AppData\Local\Pokki -> Deleted
[PUP.Gen0|PUP.Gen1][File] C:\Users\CyberAbdo\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll -> Deleted
[PUP.Gen0|PUP.Gen1][File] C:\Users\CyberAbdo\AppData\Local\Pokki\Download Helper\PokkiDownloadHelper.exe -> Deleted
[PUP.Gen0|PUP.Gen1][Folder] C:\Users\CyberAbdo\AppData\Local\Pokki\Download Helper -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] f53939b911ff558ef69eaee1beb5e3fa
[BSP] 6ec4f645c50fa1e9b6704eced832cf7f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 90 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 186368 | Size: 244593 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 501112832 | Size: 232256 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )
