RogueKiller V11.0.3.0 [Dec 14 2015] (Gratuito) di Adlice Software
posta :
https://www.adlice.com/contact/
Commenti :
https://forum.adlice.com/
Sito Web :
https://www.adlice.com/roguekiller/
Discussione :
https://www.adlice.com/
Sistema Operativo : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Iniziato in : Modalità Normale
Utente : Luda [Amministratore]
Iniziato da : C:\Users\Luda\Desktop\RogueKiller.exe
Modalità : Scansione -- Data : 12/15/2015 11:11:43
¤¤¤ Processi : 0 ¤¤¤
¤¤¤ Registro : 10 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\MYBESTOFFERSTODAY -> Trovato
[VT.Unknown] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | mbot_it_014010176 : "C:\Program Files (x86)\mbot_it_014010176\mbot_it_014010176.exe" [7] -> Trovato
[Suspicious.Path|VT.Unknown] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce | upmbot_it_014010176.exe : C:\Users\Luda\AppData\Local\mbot_it_014010176\upmbot_it_014010176.exe -runonce [7][x] -> Trovato
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FontCache3.0.0.0 (%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe) -> Trovato
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Partizan (system32\drivers\Partizan.sys) -> Trovato
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PROCMON23 (System32\Drivers\PROCMON23.SYS) -> Trovato
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trovato
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trovato
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-649329546-2253565086-3821493260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trovato
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-649329546-2253565086-3821493260-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trovato
¤¤¤ Attività : 1 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\MJRUL1.job -- C:\ProgramData\KeyStream\KeyStream.exe -> Trovato
¤¤¤ Archivi : 1 ¤¤¤
[PUP][Cartella] C:\Program Files (x86)\9400A9DD-1449569257-3012-8B14-E01877C1E34F -> Trovato
¤¤¤ Archivio Hosts : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 (Driver: Non caricato [0xc000036b]) ¤¤¤
¤¤¤ Web Browser : 1 ¤¤¤
[PUM.Proxy][FIREFX:Config] 7dkebsf4.default-1424695275169 : user_pref("network.proxy.type", 5); -> Trovato
¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIB MQ01ABF050 SCSI Disk Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 468992 | Size: 239937 MB
3 - Basic data partition | Offset (sectors): 491870208 | Size: 236768 MB
User = LL1 ... OK
User = LL2 ... OK
What should I delete? Thanks.