cjoint

Document format: text/plain

Preview

RogueKiller Anti-Malware V13.1.3.0 [Jan 24 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits
Started in : Normal mode
User : p [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Signatures : 20190121_152739, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2019/01/30 15:56:12 (Duration : 00:56:34)
Switches : -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[VT.Unknown (Potentially Malicious)] DFServ.exe (892) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[VT.Unknown (Potentially Malicious)] tapstrong (0) -- (Strong Technology, LLC) system32\DRIVERS\tapstrong.sys -> Found
[PUP.Gen1 (Potentially Malicious)] Util Norpalla (0) -- "C:\Program Files\Norpalla\bin\utilNorpalla.exe" -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1|Adw.PayByAds (Malicious)] (Microsoft Windows) \Yahoo! Search Updater -- wscript.exe [//B "C:\Users\p\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\..\updt.js"] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O101 - Clsid
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{0B257DAE-66FE-4A5B-954F-0DA536599865} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterBroker.exe" -> Found
[PUP.Gen0 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{2EDC1FA7-A499-4B61-A8EF-6D7358086220} -- (Maxiget Limited) C:\Program Files\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{375D6409-3B2F-4093-9A8A-597660C9FFEA} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterOnDemand.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{76C99418-BC08-4D65-9652-531101EFF701} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterBroker.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{7B3418AF-9901-4F15-B66B-7053D7A1BD1E} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterBroker.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{877C41CD-A715-4E93-B1F5-F73606E7F456} -- (Maxiget Limited) C:\Program Files\Maxiget\Updater\70.3.29.7018\npMaxigetUpdater3.dll -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{952C2A45-A877-4FDA-A2E9-3BACF926084C} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterOnDemand.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{A98F1BF0-2DD7-4813-86CA-625808970141} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterOnDemand.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{B79DCCCE-5D68-405E-A844-2114E3DBC1D1} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterBroker.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{B8B812CD-E38D-47F7-8B3C-AED08B4B2CF5} -- (Maxiget Limited) C:\Program Files\Maxiget\Updater\70.3.29.7018\psmachine.dll -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{BCD8E0F4-2C79-40FF-A3D9-BFB45B03252E} -- (Maxiget Limited) C:\Program Files\Maxiget\Updater\70.3.29.7018\psmachine.dll -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{C13EF276-BD72-4874-B405-CDD6193212F4} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterOnDemand.exe" -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{CB2433C3-7FC4-43C9-89AE-10652126D7E1} -- (Maxiget Limited) "C:\Program Files\Maxiget\Updater\70.3.29.7018\MaxigetUpdaterOnDemand.exe" -> Found
>>>>>> XX - Software
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Maxiget -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-532372818-831637793-4151276621-1000\Software\Distromatic -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-532372818-831637793-4151276621-1000\Software\Maxiget -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-532372818-831637793-4151276621-1000\Software\PowerPack -- N/A -> Found
>>>>>> XX - Uninstall
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MaxiGet Software Manager_is1 -- N/A -> Found
>>>>>> O23 - Services
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Util Norpalla -- "C:\Program Files\Norpalla\bin\utilNorpalla.exe" (missing) -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Util Norpalla -- "C:\Program Files\Norpalla\bin\utilNorpalla.exe" (missing) -> Found
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Util Norpalla -- "C:\Program Files\Norpalla\bin\utilNorpalla.exe" (missing) -> Found
>>>>>> XX - Explorer Advanced
[PUM.StartMenu (Potentially Malicious)] HKEY_USERS\S-1-5-21-532372818-831637793-4151276621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] (folder) Maxiget -- C:\Users\p\AppData\Local\Maxiget -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Amazon Browser Settings -- C:\Program Files\Amazon Browser Settings -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Maxiget -- C:\Program Files\Maxiget -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Amazon Browser Settings -- C:\Program Files\Amazon Browser Settings -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Maxiget -- C:\Program Files\Maxiget -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Maxiget -- C:\Users\p\AppData\Local\Maxiget -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Config
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\p\AppData\Roaming\Mozilla\Firefox\Profiles\1fan8a2l.default\prefs.js) -- Bing -> Found
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\p\AppData\Roaming\Mozilla\Firefox\Profiles\1fan8a2l.default\prefs.js) -- Bing -> Found
>>>>>> Chrome Config
[PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- yahoo.com -> Found
[PUP.Gen1 (Potentially Malicious)] homepage (C:\Users\p\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- http://rts.dsrlte.com?affID=na -> Found
