cjoint

Document format: text/plain

RogueKiller V12.10.2.0 (x64) [Mar 27 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : TEST [Administrateur]
Démarré depuis : C:\Users\TEST\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 04/01/2017 10:59:49 (Durée : 00:41:42)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 15 ¤¤¤
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper64.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_CLASSES_ROOT\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {ae07101b-46d4-4a98-af68-0333ea26e113} : Smartbar -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\TEST\AppData\Local\MyComGames\MyComGames.exe" -autostart [7] -> Trouvé(e)
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\TEST\AppData\Local\MyComGames\MyComGames.exe" -autostart [7] -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{35874AC6-5C2D-4D8A-9C66-F3D98E11261F}C:\users\test\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\test\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe| [7] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{81AC2CA7-0310-4C89-9EE6-EB74C2AC94A7}C:\users\test\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\test\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe| [7] -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: OCZ-VERTEX3 +++++
--- User ---
[MBR] ba34dbec08484abb24c45e3d39cb1017
[BSP] 4019fa2f28b9dc7edbc1a2b4375dd2f9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 228384 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467937280 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-9YN162 +++++
--- User ---
[MBR] 0c4df6d22dbde0a8e8ca2e4c9ed31ea5
[BSP] 7ab396594105f1192652d351cba96e70 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD10EZRX-00D8PB0 +++++
--- User ---
[MBR] cba49bdef3ee4036da45af736f739a5b
[BSP] 4a802e235a1c431a2ed9a182b8c4aacd : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
