cjoint

Document format: text/plain

Preview

RogueKiller V12.9.1.0 (x64) [Jan 2 2017] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8.1 (6.3.9600) 64 bits version
Démarré en : Mode normal
Utilisateur : Nabil Mahboub [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 01/03/2017 05:55:59 (Durée : 00:37:59)

¤¤¤ Processus : 1 ¤¤¤
[Adw.DNSUnlocker] IMF.exe(4916) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe[7] -> Trouvé(e)

¤¤¤ Registre : 14 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1264132362-1287912481-3764714529-1001\Software\Win -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1264132362-1287912481-3764714529-1001\Software\Win -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Service KMSELDI (C:\Program Files\KMSpico\Service_KMS.exe) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{316DDE50-4B80-4FA9-BC27-180AB66540DC} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> Trouvé(e)
[PUP.HackTool|VT.Trojan.Win32.Generic!BT] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3844F0BC-7345-42D2-B3BB-B7D3DAA79749} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.Trojan.Win32.Generic!BT] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A91CC8CD-CE0B-4881-88F0-D5E146FE917E} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {39954B74-CD81-4F8D-A69F-B55BECDD7DC6} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9FB8F2D2-8580-47E1-84BE-56A6D723D5D5} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {36AF380F-71EC-4B7F-8444-19670C94ECEB} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D5A8D0E0-3BA3-45D0-BC74-97D71E2726B9} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {02171C68-D77E-488C-92C7-D2CDB1CC483D} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {496CFD38-C527-4890-B915-41FEF63AE3E3} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A06B9363-CC4B-4520-BF5F-7CAB5D16AFD2} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trouvé(e)
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C4B7527D-57F8-4454-896F-8D9D08487643} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [-] -> Trouvé(e)

¤¤¤ Tâches : 1 ¤¤¤
[PUP.HackTool|VT.HackTool:Win32/AutoKMS] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" (/silent) -> Trouvé(e)

¤¤¤ Fichiers : 10 ¤¤¤
[Tr.Gen0][Fichier] C:\Users\Nabil Mahboub\AppData\Roaming\uTorrent\updates\3.4.5_41073\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\Nabil Mahboub\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\Nabil Mahboub\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\Nabil Mahboub\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\Nabil Mahboub\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe -> Trouvé(e)
[PUP.HackTool][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk [LNK@] C:\PROGRA~1\KMSpico\AutoPico.exe -> Trouvé(e)
[PUP.HackTool][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\KMSELDI.exe -> Trouvé(e)
[PUP.HackTool][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\scripts\Log.cmd -> Trouvé(e)
[PUP.HackTool][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\UninsHs.exe /u0=KMSpico -> Trouvé(e)
[PUP.HackTool][Répertoire] C:\Program Files\KMSpico -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUM.SearchEngine][Firefox:Config] g3zp2f68.default : user_pref("browser.search.defaultenginename", "Google Default"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 30dca81b37c4446e46a7d5fc239d3d1e
[BSP] 5fb9cca57b0422d59b887c3b8f7dec7c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 196607 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 402653160 | Size: 280329 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

