cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

RogueKiller V12.10.10.0 (x64) [May 22 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.15063) 64 bits version
Démarré en : Mode normal
Utilisateur : Ce PC [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 05/25/2017 12:37:41 (Durée : 01:07:21)

¤¤¤ Processus : 4 ¤¤¤
[PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] KMS-R@1n.exe(3212) -- C:\Windows\KMS-R@1n.exe[-] -> Trouvé(e)
[Proc.Injected] explorer.exe(2732) -- C:\Windows\SysWOW64\explorer.exe[7] -> Trouvé(e)
[Suspicious.Path|VT.Unknown] Ld9708.tmp(820) -- C:\Users\Ce PC\AppData\Local\Temp\Ld9708.tmp[-] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (SVC) KMS-R@1n -- C:\Windows\KMS-R@1n.exe[-] -> Trouvé(e)

¤¤¤ Registre : 11 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Win -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Win -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMS-R@1n (C:\Windows\KMS-R@1n.exe) -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BA3B394-9735-4FCE-B229-E3103DDFD660} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [-] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1AAF237B-C825-49A2-A9DF-F608F9F0D9B2} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [-] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 5 ¤¤¤
[Hidden.ADS][Flux] C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD} -> Trouvé(e)
[PUP.HackTool][Fichier] C:\Windows\KMS-R@1n.exe -> Trouvé(e)
[PUP.HackTool][Fichier] C:\Windows\KMS-R@1nHook.exe -> Trouvé(e)
[PUP.Gen0][Fichier] C:\Windows\SECOH-QAD.exe -> Trouvé(e)
[PUP.HackTool][Répertoire] C:\Program Files\KMSpico -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM012 HN-M500MBB +++++
--- User ---
[MBR] dc6278bdbdce96acaeb1cf5585e8ee76
[BSP] 580b726f4c26cf4bec618624727bf4fd : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 450 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 923648 | Size: 100 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1128448 | Size: 16 MB
3 - Basic data partition | Offset (sectors): 1161216 | Size: 476373 MB
User = LL1 ... OK
User = LL2 ... OK

Publicité

Signaler le contenu de ce document

Publicité