rk-13D0.tmp-1.txt

Document joint : GBbmfWzCyCa_rk-13D0.tmp-1.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

RogueKiller V12.9.6.0 (x64) [Jan 30 2017] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : ACER [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 02/01/2017 11:30:14 (Durée : 00:41:13)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 20 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 5.39.220.126 8.8.8.8 ([X][-]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{79395FF5-EC1B-4316-8249-F2C7EA04164A} | DhcpNameServer : 172.20.10.1 ([X]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BCF75641-7E4A-4636-8CE0-160DA12A4364} | DhcpNameServer : 5.39.220.126 8.8.8.8 ([X][-]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{79395FF5-EC1B-4316-8249-F2C7EA04164A} | DhcpNameServer : 172.20.10.1 ([X]) -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {BE705DE9-CA6B-4E1F-8DAF-64D70DE365FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B917788-623B-4819-8D3B-C6751DCC6E6B} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0E27F415-33D9-4059-A12E-696BDA7150BA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8562F6DA-9248-4185-894D-18A58405CE33} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F432E625-A269-4F7A-9FB1-034F69AB2DBB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F20C86E5-C82A-46EA-9F48-248072B7C5C6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {BE705DE9-CA6B-4E1F-8DAF-64D70DE365FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B917788-623B-4819-8D3B-C6751DCC6E6B} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0E27F415-33D9-4059-A12E-696BDA7150BA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8562F6DA-9248-4185-894D-18A58405CE33} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F432E625-A269-4F7A-9FB1-034F69AB2DBB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e)
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F20C86E5-C82A-46EA-9F48-248072B7C5C6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-111632713-3363937405-1746549519-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-111632713-3363937405-1746549519-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 1 ¤¤¤
[PUP.HackTool] \AutoKMS -- C:\Windows\AutoKMS\AutoKMS.exe -> Trouvé(e)

¤¤¤ Fichiers : 4 ¤¤¤
[PUP.HackTool][Répertoire] C:\ProgramData\KMSAutoS -> Trouvé(e)
[PUP.HackTool][Répertoire] C:\Windows\AutoKMS -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\ACER\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Trouvé(e)
[PUP.HackTool][Répertoire] C:\ProgramData\KMSAutoS -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 2 ¤¤¤
[PUM.SearchPage][Chrome:Config] ChromeDefaultData [SecurePrefs] : default_search_provider_data.template_url_data.keyword [youndoo] -> Trouvé(e)
[PUM.SearchPage][Chrome:Config] ChromeDefaultData [SecurePrefs] : default_search_provider_data.template_url_data.url [http://www.youndoo.com/search/?q={searchTerms}&z=7a699f7583ecfe8638a3b31g2z3b2o2c6wdg8e7e0m&from=wak&uid=WDCXWD5000BEVT-22A0RT0_WD-WXJ1AA0S6542S6542&type=sp] -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-22A0R SCSI Disk Device +++++
--- User ---
[MBR] 3fa96b221c5447cb72d3ae964404b108
[BSP] ce191422b34fb3e0b5c5464be09ca8f5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 356 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 731136 | Size: 254373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 521687040 | Size: 101916 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 730413056 | Size: 120292 MB
User = LL1 ... OK
User = LL2 ... OK

Signaler le contenu de ce document