RogueKiller V12.12.26.0 [Jul 9 2018] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : lenovo [Administrator] Started from : C:\Users\lenovo\Desktop\RogueKiller_portable32.exe Mode : Scan -- Date : 07/10/2018 11:34:30 (Duration : 02:50:15) ¤¤¤ Processes : 2 ¤¤¤ [PUP.Gen1] Lavasoft.WCAssistant.WinService.exe(2672) -- C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe[7] -> Found [Suspicious.Path] SkyDriveShell.dll(1616) -- C:\Users\lenovo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll[7] -> Found ¤¤¤ Registry : 5 ¤¤¤ [Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} (C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.7\psuser.dll) -> Found [PUP.Gen1] HKEY_USERS\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion : C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [7] -> Found [PUP.Gen0|PUP.Gen1] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WCAssistantService (C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe) -> Found [PUP.Gen0|PUP.Gen1] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WCAssistantService (C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe) -> Found [PUM.SearchPage] HKEY_USERS\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 16 ¤¤¤ [PUP.Gen1][Folder] C:\ProgramData\Lavasoft\Web Companion -> Found [PUP.Gen1][Folder] C:\Users\lenovo\AppData\Roaming\Lavasoft\Web Companion -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.0_44294\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.3_44428\utorrentie.exe -> Found [PUP.uTorrentAds][File] C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.3_44494\utorrentie.exe -> Found [PUP.Gen1][Folder] C:\ProgramData\Lavasoft\Web Companion -> Found [PUP.Gen1][Folder] C:\Program Files\Lavasoft\Web Companion -> Found ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 2 ¤¤¤ [PUM.SearchEngine][Firefox:Config] sq39mbzn.default-1496470462934-1510904037715 : user_pref("browser.search.selectedEngine", "Yahoo! Search Engine"); -> Found [PUM.SearchEngine][Firefox:Config] sq39mbzn.default-1496470462934-1510904037715 : user_pref("browser.search.defaultenginename", "Yahoo! Search Engine"); -> Found ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] 6676ed6a85899520b71c401c48bac944 [BSP] 15fc16227e8fccae680f59a76c9e4889 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 79900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 163842048 | Size: 130000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 430082048 | Size: 266938 MB User = LL1 ... OK User = LL2 ... OK