{ "header": { "program": { "project": "RogueKiller", "version": "12.11.25.0", "x64": true, "date": "Nov 20 2017", "contact": "http://www.adlice.com/fr/contact/", "feedback": "https://forum.adlice.com", "website": "http://www.adlice.com/fr/download/roguekiller/", "blog": "http://www.adlice.com/fr/" }, "environment": { "operating_system": "Windows 7 (6.1.7601 Service Pack 1) 64 bits version", "boot": 0, "winpe": false, "user": "Dany", "user_admin": true, "program_location": "C:\\Users\\Dany\\Desktop\\RogueKiller_old64.exe", "x64": true, "licensing": "free" }, "report": { "type": 1, "aborted": false, "date": "11/21/2017 14:36:31", "duration": 641, "debug": false, "count": 6, "show_legit_hooks": false, "expert_mode": false, "switches": [] } }, "information": { "processes": [ { "name": "[System Process]", "name_parent": "", "pid": 0, "path": "", "command_line": "", "pid_parent": 0, "path_parent": "", "is_64": true }, { "name": "System", "name_parent": "", "pid": 4, "path": "", "command_line": "", "pid_parent": 0, "path_parent": "", "is_64": true }, { "name": "smss.exe", "name_parent": "", "pid": 420, "path": "C:\\Windows\\System32\\smss.exe", "command_line": "\\SystemRoot\\System32\\smss.exe", "pid_parent": 4, "path_parent": "", "is_64": true }, { "name": "csrss.exe", "name_parent": "", "pid": 600, "path": "C:\\Windows\\System32\\csrss.exe", "command_line": "%SystemRoot%\\system32\\csrss.exe ObjectDirectory=\\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16", "pid_parent": 572, "path_parent": "", "is_64": true }, { "name": "wininit.exe", "name_parent": "", "pid": 692, "path": "C:\\Windows\\System32\\wininit.exe", "command_line": "wininit.exe", "pid_parent": 572, "path_parent": "", "is_64": true }, { "name": "csrss.exe", "name_parent": "", "pid": 700, "path": "C:\\Windows\\System32\\csrss.exe", "command_line": "%SystemRoot%\\system32\\csrss.exe ObjectDirectory=\\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16", "pid_parent": 684, "path_parent": "", "is_64": true }, { "name": "services.exe", "name_parent": "wininit.exe", "pid": 740, "path": "C:\\Windows\\System32\\services.exe", "command_line": "C:\\Windows\\system32\\services.exe", "pid_parent": 692, "path_parent": "C:\\Windows\\System32\\wininit.exe", "is_64": true }, { "name": "lsass.exe", "name_parent": "wininit.exe", "pid": 768, "path": "C:\\Windows\\System32\\lsass.exe", "command_line": "C:\\Windows\\system32\\lsass.exe", "pid_parent": 692, "path_parent": "C:\\Windows\\System32\\wininit.exe", "is_64": true }, { "name": "lsm.exe", "name_parent": "wininit.exe", "pid": 776, "path": "C:\\Windows\\System32\\lsm.exe", "command_line": "C:\\Windows\\system32\\lsm.exe", "pid_parent": 692, "path_parent": "C:\\Windows\\System32\\wininit.exe", "is_64": true }, { "name": "winlogon.exe", "name_parent": "", "pid": 812, "path": "C:\\Windows\\System32\\winlogon.exe", "command_line": "winlogon.exe", "pid_parent": 684, "path_parent": "", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 912, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k DcomLaunch", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "vsserv.exe", "name_parent": "services.exe", "pid": 968, "path": "C:\\Program Files\\Bitdefender\\Bitdefender 2017\\vsserv.exe", "command_line": "\"C:\\Program Files\\Bitdefender\\Bitdefender 2017\\vsserv.exe\" /service", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1068, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k RPCSS", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1152, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\System32\\svchost.exe -k LocalServiceNetworkRestricted", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "DevMgmtService.exe", "name_parent": "services.exe", "pid": 1180, "path": "C:\\Program Files\\Bitdefender\\Bitdefender Device Management\\DevMgmtService.exe", "command_line": "\"C:\\Program Files\\Bitdefender\\Bitdefender Device Management\\DevMgmtService.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1244, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\System32\\svchost.exe -k LocalSystemNetworkRestricted", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1292, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k LocalService", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1328, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k netsvcs", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1464, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k GPSvcGroup", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "igfxCUIService.exe", "name_parent": "services.exe", "pid": 1540, "path": "C:\\Windows\\System32\\igfxCUIService.exe", "command_line": "C:\\Windows\\system32\\igfxCUIService.exe", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1624, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k NetworkService", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "spoolsv.exe", "name_parent": "services.exe", "pid": 1788, "path": "C:\\Windows\\System32\\spoolsv.exe", "command_line": "C:\\Windows\\System32\\spoolsv.exe", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 1820, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k LocalServiceNoNetwork", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "armsvc.exe", "name_parent": "services.exe", "pid": 2004, "path": "C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe", "command_line": "\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": false }, { "name": "ABService.exe", "name_parent": "services.exe", "pid": 1648, "path": "C:\\Program Files (x86)\\AOMEI Backupper\\ABService.exe", "command_line": "\"C:\\Program Files (x86)\\AOMEI Backupper\\ABService.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": false }, { "name": "taskhost.exe", "name_parent": "services.exe", "pid": 2200, "path": "C:\\Windows\\System32\\taskhost.exe", "command_line": "\"taskhost.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "dwm.exe", "name_parent": "svchost.exe", "pid": 2256, "path": "C:\\Windows\\System32\\dwm.exe", "command_line": "\"C:\\Windows\\system32\\Dwm.exe\"", "pid_parent": 1244, "path_parent": "C:\\Windows\\System32\\svchost.exe", "is_64": true }, { "name": "explorer.exe", "name_parent": "", "pid": 2284, "path": "C:\\Windows\\explorer.exe", "command_line": "C:\\Windows\\Explorer.EXE", "pid_parent": 2244, "path_parent": "", "is_64": true }, { "name": "OfficeClickToRun.exe", "name_parent": "services.exe", "pid": 2408, "path": "C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeClickToRun.exe", "command_line": "\"C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeClickToRun.exe\" /service", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 2444, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\System32\\svchost.exe -k utcsvc", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 2488, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k LocalServiceAndNoImpersonation", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "NBService.exe", "name_parent": "services.exe", "pid": 2520, "path": "C:\\Program Files (x86)\\Common Files\\Nero\\Nero BackItUp 4\\NBService.exe", "command_line": "\"C:\\Program Files (x86)\\Common Files\\Nero\\Nero BackItUp 4\\NBService.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": false }, { "name": "ProductAgentService.exe", "name_parent": "services.exe", "pid": 2628, "path": "C:\\Program Files\\Bitdefender Agent\\ProductAgentService.exe", "command_line": "\"C:\\Program Files\\Bitdefender Agent\\ProductAgentService.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": false }, { "name": "ss_conn_service.exe", "name_parent": "services.exe", "pid": 2744, "path": "C:\\Program Files (x86)\\Samsung\\USB Drivers\\27_ssconn\\conn\\ss_conn_service.exe", "command_line": "\"C:\\Program Files (x86)\\Samsung\\USB Drivers\\27_ssconn\\conn\\ss_conn_service.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": false }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 2836, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k imgsvc", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "bdagent.exe", "name_parent": "Explorer.EXE", "pid": 2856, "path": "C:\\Program Files\\Bitdefender\\Bitdefender 2017\\bdagent.exe", "command_line": "\"C:\\Program Files\\Bitdefender\\Bitdefender 2017\\bdagent.exe\" ", "pid_parent": 2284, "path_parent": "C:\\Windows\\explorer.exe", "is_64": true }, { "name": "updatesrv.exe", "name_parent": "services.exe", "pid": 2888, "path": "C:\\Program Files\\Bitdefender\\Bitdefender 2017\\updatesrv.exe", "command_line": "\"C:\\Program Files\\Bitdefender\\Bitdefender 2017\\updatesrv.exe\" /service", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "WsAppService.exe", "name_parent": "services.exe", "pid": 3004, "path": "C:\\Program Files (x86)\\Wondershare\\WAF\\2.3.1.1\\WsAppService.exe", "command_line": "\"C:\\Program Files (x86)\\Wondershare\\WAF\\2.3.1.1\\WsAppService.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "ONENOTEM.EXE", "name_parent": "Explorer.EXE", "pid": 3196, "path": "C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\ONENOTEM.EXE", "command_line": "\"C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\ONENOTEM.EXE\" /tsr", "pid_parent": 2284, "path_parent": "C:\\Windows\\explorer.exe", "is_64": false }, { "name": "ABNotify.exe", "name_parent": "", "pid": 3264, "path": "C:\\Program Files (x86)\\AOMEI Backupper\\ABNotify.exe", "command_line": "\"C:\\Program Files (x86)\\AOMEI Backupper\\ABNotify.exe\" -auto", "pid_parent": 2756, "path_parent": "", "is_64": false }, { "name": "MBAMService.exe", "name_parent": "services.exe", "pid": 3380, "path": "C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamservice.exe", "command_line": "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamservice.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "PresentationFontCache.exe", "name_parent": "services.exe", "pid": 3708, "path": "C:\\Windows\\Microsoft.Net\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe", "command_line": "C:\\Windows\\Microsoft.Net\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "igfxEM.exe", "name_parent": "", "pid": 3900, "path": "C:\\Windows\\System32\\igfxEM.exe", "command_line": "igfxEM.exe ", "pid_parent": 3856, "path_parent": "", "is_64": true }, { "name": "igfxHK.exe", "name_parent": "", "pid": 3920, "path": "C:\\Windows\\System32\\igfxHK.exe", "command_line": "igfxHK.exe ", "pid_parent": 3856, "path_parent": "", "is_64": true }, { "name": "igfxTray.exe", "name_parent": "", "pid": 3936, "path": "C:\\Windows\\System32\\igfxTray.exe", "command_line": "igfxTray.exe ", "pid_parent": 3856, "path_parent": "", "is_64": true }, { "name": "CCleaner64.exe", "name_parent": "", "pid": 4132, "path": "C:\\Program Files\\CCleaner\\CCleaner64.exe", "command_line": "\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR /uac", "pid_parent": 3288, "path_parent": "", "is_64": true }, { "name": "SearchIndexer.exe", "name_parent": "services.exe", "pid": 4456, "path": "C:\\Windows\\System32\\SearchIndexer.exe", "command_line": "C:\\Windows\\system32\\SearchIndexer.exe /Embedding", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "mbamtray.exe", "name_parent": "mbamservice.exe", "pid": 4552, "path": "C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamtray.exe", "command_line": "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamtray.exe\" ", "pid_parent": 3380, "path_parent": "C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamservice.exe", "is_64": false }, { "name": "wmpnetwk.exe", "name_parent": "services.exe", "pid": 4616, "path": "C:\\Program Files\\Windows Media Player\\wmpnetwk.exe", "command_line": "\"C:\\Program Files\\Windows Media Player\\wmpnetwk.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 4996, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\System32\\svchost.exe -k LocalServicePeerNet", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "svchost.exe", "name_parent": "services.exe", "pid": 5072, "path": "C:\\Windows\\System32\\svchost.exe", "command_line": "C:\\Windows\\system32\\svchost.exe -k NetworkServiceNetworkRestricted", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "bdredline.exe", "name_parent": "services.exe", "pid": 6464, "path": "C:\\Program Files\\Common Files\\Bitdefender\\SetupInformation\\Bitdefender RedLine\\bdredline.exe", "command_line": "\"C:\\Program Files\\Common Files\\Bitdefender\\SetupInformation\\Bitdefender RedLine\\bdredline.exe\"", "pid_parent": 740, "path_parent": "C:\\Windows\\System32\\services.exe", "is_64": true }, { "name": "bdwtxag.exe", "name_parent": "", "pid": 2712, "path": "C:\\Program Files\\Bitdefender\\Bitdefender 2017\\bdwtxag.exe", "command_line": "\"C:\\Program Files\\Bitdefender\\Bitdefender 2017\\bdwtxag.exe \"", "pid_parent": 1460, "path_parent": "", "is_64": true }, { "name": "audiodg.exe", "name_parent": "svchost.exe", "pid": 828, "path": "C:\\Windows\\System32\\audiodg.exe", "command_line": "", "pid_parent": 1152, "path_parent": "C:\\Windows\\System32\\svchost.exe", "is_64": true }, { "name": "SearchProtocolHost.exe", "name_parent": "SearchIndexer.exe", "pid": 2172, "path": "C:\\Windows\\System32\\SearchProtocolHost.exe", "command_line": "\"C:\\Windows\\system32\\SearchProtocolHost.exe\" Global\\UsGthrFltPipeMssGthrPipe14_ Global\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \"Software\\Microsoft\\Windows Search\" \"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\" \"C:\\ProgramData\\Microsoft\\Search\\Data\\Temp\\usgthrsvc\" \"DownLevelDaemon\" ", "pid_parent": 4456, "path_parent": "C:\\Windows\\System32\\SearchIndexer.exe", "is_64": true }, { "name": "SearchFilterHost.exe", "name_parent": "SearchIndexer.exe", "pid": 5208, "path": "C:\\Windows\\System32\\SearchFilterHost.exe", "command_line": "\"C:\\Windows\\system32\\SearchFilterHost.exe\" 0 532 536 544 65536 540 ", "pid_parent": 4456, "path_parent": "C:\\Windows\\System32\\SearchIndexer.exe", "is_64": true }, { "name": "RogueKiller_old64.exe", "name_parent": "Explorer.EXE", "pid": 2476, "path": "C:\\Users\\Dany\\Desktop\\RogueKiller_old64.exe", "command_line": "\"C:\\Users\\Dany\\Desktop\\RogueKiller_old64.exe\" ", "pid_parent": 2284, "path_parent": "C:\\Windows\\explorer.exe", "is_64": true }, { "name": "WmiPrvSE.exe", "name_parent": "svchost.exe", "pid": 6060, "path": "C:\\Windows\\System32\\wbem\\WmiPrvSE.exe", "command_line": "C:\\Windows\\system32\\wbem\\wmiprvse.exe", "pid_parent": 912, "path_parent": "C:\\Windows\\System32\\svchost.exe", "is_64": true } ] }, "results": { "processes": [], "modules": [], "services": [], "registry": [ { "scan_what": 2, "scan_how": [ 7 ], "scan_how_trigger": 7, "vendors": [ "PUP.ByteFence", "PUP.Gen1" ], "rule_name": "SOFTWARE", "view": 256, "value": "", "subkey": "ByteFence", "value_old_data": "", "value_data": "", "path": "HKEY_USERS\\.DEFAULT\\Software", "extra": "", "files_status": "", "vtscore": -1, "files": [], "status_str": "TROUVÉ", "status_choice": 1, "status_removed": 0 }, { "scan_what": 2, "scan_how": [ 7 ], "scan_how_trigger": 7, "vendors": [ "PUP.ByteFence", "PUP.Gen1" ], "rule_name": "SOFTWARE", "view": 512, "value": "", "subkey": "ByteFence", "value_old_data": "", "value_data": "", "path": "HKEY_USERS\\.DEFAULT\\Software", "extra": "", "files_status": "", "vtscore": -1, "files": [], "status_str": "TROUVÉ", "status_choice": 1, "status_removed": 0 }, { "scan_what": 2, "scan_how": [ 7 ], "scan_how_trigger": 7, "vendors": [ "PUP.ByteFence", "PUP.Gen1" ], "rule_name": "SOFTWARE", "view": 256, "value": "", "subkey": "ByteFence", "value_old_data": "", "value_data": "", "path": "HKEY_USERS\\S-1-5-18\\Software", "extra": "", "files_status": "", "vtscore": -1, "files": [], "status_str": "TROUVÉ", "status_choice": 1, "status_removed": 0 }, { "scan_what": 2, "scan_how": [ 7 ], "scan_how_trigger": 7, "vendors": [ "PUP.ByteFence", "PUP.Gen1" ], "rule_name": "SOFTWARE", "view": 512, "value": "", "subkey": "ByteFence", "value_old_data": "", "value_data": "", "path": "HKEY_USERS\\S-1-5-18\\Software", "extra": "", "files_status": "", "vtscore": -1, "files": [], "status_str": "TROUVÉ", "status_choice": 1, "status_removed": 0 } ], "tasks": [], "filesystem": [ { "scan_what": 3, "scan_how": [ 1, 2, 9 ], "vendors": [ "Tr.Gen" ], "status_choice": 2, "processed": [ { "type": 2, "name": "Update", "path_expanded": "C:\\Program Files (x86)\\Update", "path_compressed": "%programfiles(x86)%\\Update", "extra": "", "md5": "", "md5_low_level": "", "forged": false, "lnk_target": "", "lnk_args": "", "junc_target": "", "junc_tag": 0, "junc_error": 0, "exists": true, "signed": false, "signer": "", "status_str": "TROUVÉ", "status_removed": 0 } ] } ], "wmi": [], "hosts": { "is_too_big": false, "lines": [] }, "antirootkit": { "is_driver_loaded": false, "driver_error": 3221226347, "results": [] }, "web_browsers": [ { "scan_what": 2, "scan_how": [ 2 ], "vendors": [ "PUM.HomePage" ], "browser": 1, "browser_str": "Firefox", "config": { "user": "ewa7t1ij.default", "line": "user_pref(\"browser.startup.homepage\", \"http://www.orange.fr/portail\");", "key": "browser.startup.homepage", "value": "http://www.orange.fr/portail", "line_count": 69 }, "status_str": "TROUVÉ", "status_malicious": true, "status_choice": 1, "status_removed": 0 } ], "disk": { "results": [], "mbr": "+++++ PhysicalDrive0: SanDisk SDSSDHP128G SCSI Disk Device +++++\n--- User ---\n[MBR] f46289ded3607f0efeb652645db234ec\n[BSP] 52b1067b2e28da7d2093ad9e4d2ad919 : Windows Vista/7/8|VT.Unknown MBR Code\nPartition table:\n0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]\n1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 121752 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]\nUser = LL1 ... OK\nUser = LL2 ... OK\n\n+++++ PhysicalDrive1: WDC WD10EZEX-00BN5A0 SCSI Disk Device +++++\n--- User ---\n[MBR] 4d6f3434cbd480408867a0d0c2132e8e\n[BSP] ef0c8449cc2bae59f0f87d7c42c27dac : Windows Vista/7/8|VT.Unknown MBR Code\nPartition table:\n0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]\nUser = LL1 ... OK\nUser = LL2 ... OK\n\n" } } }