ÿþRogueKiller V12.9.0.0 [Dec 26 2016] (Premium) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : chakiche mohamed [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller.exe Mode : Scan -- Date : 12/27/2016 20:47:13 (Duration : 00:48:54) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 8 ¤¤¤ [PUP.Gen0] HKEY_CLASSES_ROOT\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} -> Found [PUP.Gen1] HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ -> Found [PUP.Gen1] HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ -> Found [PUP.Gen1] HKEY_USERS\S-1-5-21-2196797711-3197828652-2754627983-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\QQPlayer -> Found [PUM.Proxy] HKEY_USERS\S-1-5-21-2196797711-3197828652-2754627983-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> Found [PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.oursurfing.com/web/?type=ds&ts=1446223307&z=670ccfa8318eb2f60429c7cg1z3zcqfoaodc3c6e9m&from=amt&uid=toshibaxdt01aca100_x48jyw5nsxxx48jyw5nsx&q={searchTerms} -> Found [PUM.SearchPage] HKEY_USERS\S-1-5-21-2196797711-3197828652-2754627983-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found [PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : http://www.oursurfing.com/web/?type=ds&ts=1446223307&z=670ccfa8318eb2f60429c7cg1z3zcqfoaodc3c6e9m&from=amt&uid=toshibaxdt01aca100_x48jyw5nsxxx48jyw5nsx&q={searchTerms} -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 8 ¤¤¤ [PUP.Gen1][Folder] C:\Users\chakiche mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QQPlayer -> Found [PUP.Gen1][File] C:\Users\chakiche mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QQPlayer.lnk [LNK@] C:\PROGRA~1\Tencent\QQPlayer\QQPlayer.exe -> Found [PUP.Gen1][File] C:\Users\chakiche mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QQPlayer.lnk [LNK@] C:\PROGRA~1\Tencent\QQPlayer\QQPlayer.exe -> Found [PUP.Gen1][Folder] C:\Users\chakiche mohamed\AppData\Roaming\Elex-tech -> Found [PUP.Gen1][Folder] C:\Users\chakiche mohamed\AppData\Roaming\Tencent -> Found [PUP.Gen1][Folder] C:\Program Files\NixController -> Found [PUP.Gen1][Folder] C:\Program Files\Tencent -> Found [PUP.Gen1][Folder] C:\Users\chakiche mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QQPlayer -> Found ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 1 ¤¤¤ [PUP.Gen1|PUP.Gen0][Chrome:Addon] Default : Wiki-Search.me [fcgnigmofekcllgbiejhmigggmgehkip] -> Found ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: TOSHIBA DT01ACA100 ATA Device +++++ --- User --- [MBR] 757ce243e52285e44394b06234343972 [BSP] d816bae46474089fb6a6a2c0a8171a02 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 153650 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 315394048 | Size: 200000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 724994048 | Size: 599867 MB User = LL1 ... OK User = LL2 ... OK