cjoint

Document format: text/plain

Preview

RogueKiller V12.6.4.0 (x64) [Sep 26 2016] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : Esteban [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 09/28/2016 19:25:07 (Durée : 00:16:09)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{6F82FAB4-BF91-43F8-8D1A-1B9F23C209E4}C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{703F09BD-BBE3-4806-9D10-0ECF0E02B9CD}C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{44A5D321-B3F9-4870-B5B7-13F42696A851}C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{CF02CAAD-79FD-4F2F-8C3B-5E3349F7432A}C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{6F82FAB4-BF91-43F8-8D1A-1B9F23C209E4}C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{703F09BD-BBE3-4806-9D10-0ECF0E02B9CD}C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{44A5D321-B3F9-4870-B5B7-13F42696A851}C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{CF02CAAD-79FD-4F2F-8C3B-5E3349F7432A}C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{6F82FAB4-BF91-43F8-8D1A-1B9F23C209E4}C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{703F09BD-BBE3-4806-9D10-0ECF0E02B9CD}C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x32\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{44A5D321-B3F9-4870-B5B7-13F42696A851}C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{CF02CAAD-79FD-4F2F-8C3B-5E3349F7432A}C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\esteban\appdata\local\temp\rarsfx0\x64\pcsftool.exe|Name=PcSfTool|Desc=PcSfTool|Defer=User| [x] -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2269556892-668980708-1879617014-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2269556892-668980708-1879617014-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM 003-1CH162 SCSI Disk Device +++++
--- User ---
[MBR] 5670c9d58b50552398b58e9306b1df7a
[BSP] 8dff1682ed74f21f8a7f98cf5ee6ac8c : Linux|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 698655 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1490678000 | Size: 225996 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 1431054334 | Size: 29113 MB
User = LL1 ... OK
User = LL2 ... OK

