
RogueKiller V12.9.6.0 (x64) [Jan 30 2017] (Premium) بواسطة برنامج Adlice
البريد الإلكتروني : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
الموقع : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

نظام التشغيل : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
يبدأ في : الوضع الطبيعي
المستخدم : sk [مسؤول]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
الوضع : فحص -- اليوم : 02/01/2017 22:47:45 (Duration : 00:19:23)

¤¤¤ العملية : 2 ¤¤¤
[VT.PUP.Optional.EmployeeMonitor] NLSAgentSvc.exe(1088) -- C:\Program Files (x86)\Net Monitor for Employees Pro\bin\NLSAgentSvc.exe[7] -> ???
[VT.W32.HfsAdware.A934] NLSupervisorPro.exe(4884) -- C:\Program Files (x86)\Net Monitor for Employees Pro\bin\NLSupervisorPro.exe[7] -> ???

¤¤¤ المسجل : 26 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\.DEFAULT\Software\Mobogenie -> ???
[PUP.Gen1] (X86) HKEY_USERS\.DEFAULT\Software\Mobogenie -> ???
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1118053748-3941602973-2339576242-1000\Software\IM -> ???
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1118053748-3941602973-2339576242-1000\Software\ProductSetup -> ???
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1118053748-3941602973-2339576242-1000\Software\Torch -> ???
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1118053748-3941602973-2339576242-1000\Software\IM -> ???
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1118053748-3941602973-2339576242-1000\Software\ProductSetup -> ???
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1118053748-3941602973-2339576242-1000\Software\Torch -> ???
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-18\Software\Mobogenie -> ???
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-18\Software\Mobogenie -> ???
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OVPNService ("C:\Users\sk\AppData\Local\TotalVPN\OVPN.Service.exe") -> ???
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\OVPNService ("C:\Users\sk\AppData\Local\TotalVPN\OVPN.Service.exe") -> ???
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> ???
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> ???
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4B5B2A62-4D66-4795-9084-6D39E16F51CE} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> ???
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4B5B2A62-4D66-4795-9084-6D39E16F51CE} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> ???
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{9260C696-C811-4C3D-9D80-F8BD700F1201}C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe|Name=lanlaunch.exe|Desc=lanlaunch.exe|Defer=User| [x] -> ???
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{C707D6F8-91F0-485D-B8FC-1CA8DEEA67DF}C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe|Name=lanlaunch.exe|Desc=lanlaunch.exe|Defer=User| [x] -> ???
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {85AC8BCF-954D-493B-A3FE-DB355588EF3D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe|Name=downloader| [x] -> ???
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {699B2E40-3C4B-4E97-871F-82FDDE1EED25} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe|Name=downloader| [x] -> ???
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{9260C696-C811-4C3D-9D80-F8BD700F1201}C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe|Name=lanlaunch.exe|Desc=lanlaunch.exe|Defer=User| [x] -> ???
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{C707D6F8-91F0-485D-B8FC-1CA8DEEA67DF}C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\sk\appdata\local\temp\rar$exa0.727\lanlaunch\lanlaunch.exe|Name=lanlaunch.exe|Desc=lanlaunch.exe|Defer=User| [x] -> ???
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {85AC8BCF-954D-493B-A3FE-DB355588EF3D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe|Name=downloader| [x] -> ???
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {699B2E40-3C4B-4E97-871F-82FDDE1EED25} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe|Name=downloader| [x] -> ???
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> ???
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> ???

¤¤¤ المهام : 0 ¤¤¤

¤¤¤ الملفات : 4 ¤¤¤
[PUP.Gen1][ملف] C:\Users\sk\AppData\Roaming\Mobogenie -> ???
[PUP.Gen1][ملف] C:\Users\sk\AppData\Local\Torch -> ???
[PUP.Gen1][ملف] C:\Program Files (x86)\Mobogenie3 -> ???
[PUP.Firefox][ملف] C:\Users\sk\AppData\Roaming\Mozilla\Firefox\Profiles\xvmpq9hm.default\Invalidprefs.js -> ???

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ ملف الهوست : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: محمل) ¤¤¤

¤¤¤ المتصفح : 0 ¤¤¤

¤¤¤ فحص ال MBR : ¤¤¤
+++++ PhysicalDrive0: ST4000DM000-1F2168 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST4000DM000-1F2168 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ST4000DM000-1F2168 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: ST250DM000-1BD141 ATA Device +++++
--- User ---
[MBR] ba8dcd0e83194c54ddade66c21229935
[BSP] b5ef7adda760a6c590a47b374998465a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238379 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: ST4000DX001-1CE168 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive5: SanDisk Cruzer Blade USB Device +++++
--- User ---
[MBR] 3d2c9e9c28b964a9e55b905505c2c8e8
[BSP] 574103611cef5986b7571fedf65a3777 : Legit.Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 15263 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] ??????? ??? ?????. )
