rk-502D.tmp.txt

Document joint : FKewJnOpHr1_rk-502D.tmp.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþRogueKiller V12.7.5.0 (x64) [Oct 31 2016] (Premium) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : JAOUDHBOUB [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 11/04/2016 21:02:17 (Duration : 00:57:11)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\metnsd -> Found
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\PIP -> Found
[PUP] (X64) HKEY_USERS\S-1-12-1-1227376218-1127487552-3009783178-2957316744\Software\APN PIP -> Found
[PUP] (X64) HKEY_USERS\S-1-12-1-1227376218-1127487552-3009783178-2957316744\Software\PIP -> Found
[PUP] (X86) HKEY_USERS\S-1-12-1-1227376218-1127487552-3009783178-2957316744\Software\APN PIP -> Found
[PUP] (X86) HKEY_USERS\S-1-12-1-1227376218-1127487552-3009783178-2957316744\Software\PIP -> Found
[PUP] (X64) HKEY_USERS\S-1-12-1-1227376218-1127487552-3009783178-2957316744\Software\Microsoft\Windows\CurrentVersion\Uninstall\QQPlayer -> Found
[PUP] (X86) HKEY_USERS\S-1-12-1-1227376218-1127487552-3009783178-2957316744\Software\Microsoft\Windows\CurrentVersion\Uninstall\QQPlayer -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5911B1F3-1AF3-4D74-B362-E3A5402092E0} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQPlayer\QQDeskUpdate.exe|Name=QQPlayerUpdate| [7] -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {870FE759-5B48-439B-AA79-2D7214E9D8CA} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQPlayer\QQDeskUpdate.exe|Name=QQPlayerUpdate| [7] -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {947BC5B1-640A-446B-8117-9050B38DEFF3} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe|Name=QQPlayer| [7] -> Found
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7F63CC78-CD0F-42A7-8074-E61A5930E1F2} : v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQPlayer\QPToolbox.exe|Name=QPToolBox|Desc=QPToolBox|EmbedCtxt=QPToolBox| [7] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 7 ¤¤¤
[Hj.Name][File] C:\$SysReset\Scratch\csrss.exe -> Found
[PUP][Folder] C:\ProgramData\Tencent -> Found
[PUP][File] C:\Users\JAOUDHBOUB\Desktop\Internet Explorer.lnk [LNK@] C:\PROGRA~2\INTERN~1\iexplore.exe http://www.bahaty.com/red/i.php -> Found
[PUP][File] C:\Users\JAOUDHBOUB\Desktop\QQ??.lnk [LNK@] C:\PROGRA~2\Tencent\QQPlayer\QQPlayer.exe -> Found
[PUP][Folder] C:\Users\JAOUDHBOUB\AppData\Roaming\Tencent -> Found
[PUP][Folder] C:\ProgramData\Tencent -> Found
[PUP][Folder] C:\Program Files (x86)\Tencent -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUP][CHROME:Addon] Default : Alexa Traffic Rank [cknebhggccemgcnbidipinkifmmegdel] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: LITEONIT LCS-128M6S 2.5 7mm 128GB +++++
--- User ---
[MBR] a870a5887d0dfc8dd6748ecf859be057
[BSP] 6b7fa7baa97d7d0c03d7a241b50c7830 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 121603 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: TOSHIBA USB FLASH DRIVE USB Device +++++
--- User ---
[MBR] 7f19c3a5e66dc8d50aa0b982df55da0d
[BSP] 46da370ee715b7b3df2114b48f473394 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 7441 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: Kingston DataTraveler 2.0 USB Device +++++
--- User ---
[MBR] 7d778ef742e7ed5771c4e4cefc6b20ce
[BSP] 73f182b332449b82f0699b9fabd24d14 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 63 | Size: 14880 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

Signaler le contenu de ce document