RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
Почта : http://www.adlice.com/contact/
Обратная связь : http://forum.adlice.com
сайт : http://www.adlice.com/softwares/roguekiller/
Блог : http://www.adlice.com
Операционная система : Windows 8.1 (6.3.9200 ) 64 bits version
Запущен в : Нормальный режим
Пользователь : Lazarev [Права администратора]
Режим : Сканировать -- Дата : 07/04/2014 22:31:55
¤¤¤ Плохие процессы : 0 ¤¤¤
¤¤¤ Элементы реестра : 2 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pwddypow -> Найдено
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pwddypow -> Найдено
¤¤¤ Запланированные задания : 0 ¤¤¤
¤¤¤ файлы : 0 ¤¤¤
¤¤¤ HOSTS файл : 0 ¤¤¤
¤¤¤ Antirootkit : 14 ¤¤¤
[EAT:Addr] (explorer.exe) cscui.dll - CscNetApiGetInterface : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e901530
[EAT:Addr] (explorer.exe) cscui.dll - CscSearchApiGetInterface : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e903cb8
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesEnable : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e906fa0
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesGetShareCachingMode : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e907434
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesQueryStatus : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e902f50
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesQueryStatusEx : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e902d50
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesStart : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e9074f0
[EAT:Addr] (explorer.exe) cscui.dll - CscNetApiGetInterface : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e901530
[EAT:Addr] (explorer.exe) cscui.dll - CscSearchApiGetInterface : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e903cb8
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesEnable : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e906fa0
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesGetShareCachingMode : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e907434
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesQueryStatus : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e902f50
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesQueryStatusEx : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e902d50
[EAT:Addr] (explorer.exe) cscui.dll - OfflineFilesStart : C:\Windows\SYSTEM32\cscapi.dll @ 0x7ffd2e9074f0
¤¤¤ веб-браузеры : 0 ¤¤¤
¤¤¤ Проверка MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAKS-00B3A0 ATA Device +++++
--- User ---
[MBR] 59fb256c439b0b7b13918ad15b6602c6
[BSP] 39a9f287c5f4cca3964180516c3cb7c2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 113273 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 231985152 | Size: 113274 MB
2 - [XXXXXX] LINUX (0x83) [VISIBLE] Offset (sectors): 463972352 | Size: 73925 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 615372798 | Size: 4769 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 047fc6923278c2e2ca8eb8434145af62
[BSP] 3116de312b386dcaafc5fd5aaad988b5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114021 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive2: Partizan ©DrWeb USB Device +++++
--- User ---
[MBR] 7e8e5417b5a771e956c8bcb3c4c49ffa
[BSP] 795699a7faecf0a56bc0d4e10e6c5230 : Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 1936 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] ????? ?????? ?? ??????????????. )
============================================
RKreport_DEL_07042014_134845.log - RKreport_DEL_07042014_140026.log - RKreport_SCN_07042014_134459.log - RKreport_SCN_07042014_135413.log