- RogueKiller Anti-Malware V13.2.1.0 (x64) [May 22 2019] (Free) by Adlice Software
- mail : https://adlice.com/contact/
- Website : https://adlice.com/download/roguekiller/
- Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
- Started in : Normal mode
- User : xxx [Administrator]
- Started from : C:\Users\xxx\Downloads\RogueKiller_portable64.exe
- Signatures : 20190527_073557, Driver : Loaded
- Mode : Standard Scan, Scan -- Date : 2019/05/27 20:43:21 (Duration : 00:22:12)
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- [PUP.Gen1 (Potentially Malicious)] (Microsoft Windows) \{0D6C97DB-FFB4-47F7-9302-5140508DCAE0} -- C:\Windows\system32\pcalua.exe [-a C:\Users\xxx\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor] -> Found
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- >>>>>> XX - Software
- [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-614731021-3141606484-428700027-1000\Software\OCS -- N/A -> Found
- >>>>>> O87 - Firewall
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{86B0F990-31A3-430D-85BA-13C23F3761C0}C:\users\xxx\appdata\local\fivem\fivem.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\xxx\appdata\local\fivem\fivem.exe|Name=fivem.exe|Desc=fivem.exe|Defer=User| (C:\users\xxx\appdata\local\fivem\fivem.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{CADDBEB0-8594-4A0F-9FC3-BCC98BAD1086}C:\users\xxx\appdata\local\fivem\fivem.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\xxx\appdata\local\fivem\fivem.exe|Name=fivem.exe|Desc=fivem.exe|Defer=User| (C:\users\xxx\appdata\local\fivem\fivem.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{39183A36-524C-41AF-973E-37F673EDC9CD}C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe -- (GameRanger Technologies) v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe|Name=gameranger.exe|Desc=gameranger.exe|Defer=User| (C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{4ACA1568-1362-4570-85EA-AD4C52E012C1}C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe -- (GameRanger Technologies) v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe|Name=gameranger.exe|Desc=gameranger.exe|Defer=User| (C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{86B0F990-31A3-430D-85BA-13C23F3761C0}C:\users\xxx\appdata\local\fivem\fivem.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\xxx\appdata\local\fivem\fivem.exe|Name=fivem.exe|Desc=fivem.exe|Defer=User| (C:\users\xxx\appdata\local\fivem\fivem.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{CADDBEB0-8594-4A0F-9FC3-BCC98BAD1086}C:\users\xxx\appdata\local\fivem\fivem.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\xxx\appdata\local\fivem\fivem.exe|Name=fivem.exe|Desc=fivem.exe|Defer=User| (C:\users\xxx\appdata\local\fivem\fivem.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{39183A36-524C-41AF-973E-37F673EDC9CD}C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe -- (GameRanger Technologies) v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe|Name=gameranger.exe|Desc=gameranger.exe|Defer=User| (C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe) -> Found
- [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{4ACA1568-1362-4570-85EA-AD4C52E012C1}C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe -- (GameRanger Technologies) v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe|Name=gameranger.exe|Desc=gameranger.exe|Defer=User| (C:\users\xxx\appdata\roaming\gameranger\gameranger\gameranger.exe) -> Found
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
- [Root.Wajam (Malicious)] (file) NTZhZTA0ZT -- (technologiejarbon.com) C:\Windows\System32\drivers\NTZhZTA0ZT -> Found
- [PUP.OnlineIO (Potentially Malicious)] (folder) AdvinstAnalytics -- C:\Users\xxx\AppData\Local\AdvinstAnalytics -> Found
- [Spy.Socelars (Malicious)] (folder) App -- C:\Users\xxx\AppData\Local\App -> Found
- ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤