cjoint

Document format: text/plain

Preview

RogueKiller V12.12.0.0 (x64) [Jan 15 2018] (Gratuit) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 10 (10.0.15063) 64 bits version
Démarré en : Mode normal
Utilisateur : isen [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 01/22/2018 00:27:54 (Durée : 00:28:54)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 16 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-4020342985-565055704-1982897350-1001\Software\IM -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-4020342985-565055704-1982897350-1001\Software\IM -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0129611516527001mcinstcleanup (C:\Users\isen\AppData\Local\Temp\012961~1.EXE -cleanup -nolog) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8208AAA8-2AB3-414E-99C5-74D6A878AABD} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\isen\AppData\Local\Apowersoft\Online Audio Recorder\Online Audio Recorder.exe|Name=Online Audio Recorder| [7] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A3323D79-E19A-4EEC-A15D-107F60F93B0F} : v2.27|Action=Allow|Active=TRUE|Dir=Out|App=C:\Users\isen\AppData\Local\Apowersoft\Online Audio Recorder\Online Audio Recorder.exe|Name=Online Audio Recorder| [7] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {087E16B3-5497-40F9-B4EF-B23D7DCA795B} : v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Private|App=C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe|Name=DaVinciResolveQtdecoder| [x] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CE66BD04-43BE-442D-882A-5273F4E2AC10} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [x] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CD7DC869-AA78-4901-86A8-570B0CE50F45} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [x] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7494D90D-A827-4BA3-885F-6564BAF72E7A} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| [x] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A3BE1227-030D-4B60-946A-D58C3FC369B1} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| [x] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {90189177-FE6E-40D0-8300-DC1BABD80AD2} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\chromecast\node.exe|Name=node.exe| [x] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DFE60BBB-512F-48A9-B3DD-80229833FCB5} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\chromecast\node.exe|Name=node.exe| [x] -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4020342985-565055704-1982897350-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4020342985-565055704-1982897350-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-4020342985-565055704-1982897350-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-4020342985-565055704-1982897350-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 4 ¤¤¤
[Keylog.Gen0][Répertoire] C:\ProgramData\rvlkl -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\isen\AppData\Roaming\MPC -> Trouvé(e)
[Hidden.ADS][Flux] C:\ProgramData:482EE99B1E21CE8C -> Trouvé(e)
[Keylog.Gen0][Répertoire] C:\ProgramData\rvlkl -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: HGST HTS721075A9E630 SCSI Disk Device +++++
--- User ---
[MBR] 039dfef2128ca86e75ad62aad6a6fecd
[BSP] 11593a722797f0131c8c495eb4b8bf96 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: INTEL SSDSCIHF120A4H SCSI Disk Device +++++
--- User ---
[MBR] a0e3ebbbe69eda09eb27d292fe67edd2
[BSP] 46b18d42bcf31f27287d70e6b1b54db3 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1025 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2101248 | Size: 98436 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 203698176 | Size: 12958 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 230236160 | Size: 2048 MB
User = LL1 ... OK
User = LL2 ... OK

