Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - laclac

Pages: [1]
1
RogueKiller / Re: ===> False Positives <===
« on: January 08, 2016, 01:27:29 AM »
Pydio is a software for synchronize your cloud pydio (like dropbox)
[VT.Unknown] pydio-ui.exe(5060) -- D:\Program Files\PydioSync\bin\pydio-ui.exe[7] -> Tué(e) [TermProc]
[VT.Unknown] pydio-agent.exe(4400) -- D:\Program Files\PydioSync\bin\pydio-agent.exe[7] -> Tué(e) [TermProc]

2
RogueKiller / Re: ===> False Positives <===
« on: June 19, 2015, 10:07:26 AM »
Hi,

A new false positive, the antivirus eset:

RogueKiller V10.8.4.0 (x64) [Jun 15 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en  : Mode normal
Utilisateur : stephane.chadeyron [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 06/19/2015  10:04:43

¤¤¤ Processus : 1 ¤¤¤
[Proc.Injected] ekrn.exe(1908) -- C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe[7] -> Tué(e) [DrvNtTerm]

¤¤¤ Registre : 2 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1618730201-3606924439-1700900945-13376\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1618730201-3606924439-1700900945-13376\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 4 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST320LT007-9ZV142 +++++
--- User ---
[MBR] 67cdd999a773c0f41e4ba3a8f11c844d
[BSP] 2dc1c207c6c27aac80441500ced12459 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

3
RogueKiller / Re: ===> False Positives <===
« on: May 25, 2015, 05:34:47 PM »
Hi,

Thank you very much for this very good tool.
I think my computer is safe but when I scanned with RogueKiller I had 720 suspects elements.
I think it's false positives with the applis:
- SandBoxie (95% of the alert)
- GData (antivirus)
- Free download Manager (Lite Edition)
- OneDrive (on the Register)
- SyncCenter (??? by defaut in windows I think but not sure (scan ok by virusTotal)

I attached the report

Thank you

4
RogueKiller / Fail detection
« on: March 05, 2015, 12:12:41 AM »
For information RogueKiller detects "Sandboxie" and "Unlocker" of malware.
But they are trust software very good.

http://www.sandboxie.com/
http://www.emptyloop.com/unlocker/

Pages: [1]