RogueKiller V12.9.6.0 (x64) [Jan 30 2017] (Premium) par Adlice Software email : http://www.adlice.com/contact/ Remontées : http://forum.adlice.com Site web : http://www.adlice.com/fr/download/roguekiller/ Blog : http://www.adlice.com Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Démarré en : Mode normal Utilisateur : ACER [Administrateur] Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe Mode : Scan -- Date : 02/01/2017 11:30:14 (Durée : 00:41:13) ¤¤¤ Processus : 0 ¤¤¤ ¤¤¤ Registre : 20 ¤¤¤ [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 5.39.220.126 8.8.8.8 ([X][-]) -> Trouvé(e) [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{79395FF5-EC1B-4316-8249-F2C7EA04164A} | DhcpNameServer : 172.20.10.1 ([X]) -> Trouvé(e) [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BCF75641-7E4A-4636-8CE0-160DA12A4364} | DhcpNameServer : 5.39.220.126 8.8.8.8 ([X][-]) -> Trouvé(e) [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{79395FF5-EC1B-4316-8249-F2C7EA04164A} | DhcpNameServer : 172.20.10.1 ([X]) -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {BE705DE9-CA6B-4E1F-8DAF-64D70DE365FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B917788-623B-4819-8D3B-C6751DCC6E6B} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0E27F415-33D9-4059-A12E-696BDA7150BA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8562F6DA-9248-4185-894D-18A58405CE33} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F432E625-A269-4F7A-9FB1-034F69AB2DBB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F20C86E5-C82A-46EA-9F48-248072B7C5C6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {BE705DE9-CA6B-4E1F-8DAF-64D70DE365FF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B917788-623B-4819-8D3B-C6751DCC6E6B} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0E27F415-33D9-4059-A12E-696BDA7150BA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8562F6DA-9248-4185-894D-18A58405CE33} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F432E625-A269-4F7A-9FB1-034F69AB2DBB} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e) [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F20C86E5-C82A-46EA-9F48-248072B7C5C6} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\Service_KMS.exe|Name=KMS Emulator: Service_KMS.exe| [x] -> Trouvé(e) [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e) [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e) [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-111632713-3363937405-1746549519-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e) [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-111632713-3363937405-1746549519-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e) ¤¤¤ Tâches : 1 ¤¤¤ [PUP.HackTool] \AutoKMS -- C:\Windows\AutoKMS\AutoKMS.exe -> Trouvé(e) ¤¤¤ Fichiers : 4 ¤¤¤ [PUP.HackTool][Répertoire] C:\ProgramData\KMSAutoS -> Trouvé(e) [PUP.HackTool][Répertoire] C:\Windows\AutoKMS -> Trouvé(e) [Tr.Gen0][Fichier] C:\Users\ACER\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Trouvé(e) [PUP.HackTool][Répertoire] C:\ProgramData\KMSAutoS -> Trouvé(e) ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Fichier Hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤ ¤¤¤ Navigateurs web : 2 ¤¤¤ [PUM.SearchPage][Chrome:Config] ChromeDefaultData [SecurePrefs] : default_search_provider_data.template_url_data.keyword [youndoo] -> Trouvé(e) [PUM.SearchPage][Chrome:Config] ChromeDefaultData [SecurePrefs] : default_search_provider_data.template_url_data.url [http://www.youndoo.com/search/?q={searchTerms}&z=7a699f7583ecfe8638a3b31g2z3b2o2c6wdg8e7e0m&from=wak&uid=WDCXWD5000BEVT-22A0RT0_WD-WXJ1AA0S6542S6542&type=sp] -> Trouvé(e) ¤¤¤ Vérification MBR : ¤¤¤ +++++ PhysicalDrive0: WDC WD5000BEVT-22A0R SCSI Disk Device +++++ --- User --- [MBR] 3fa96b221c5447cb72d3ae964404b108 [BSP] ce191422b34fb3e0b5c5464be09ca8f5 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 356 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 731136 | Size: 254373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 521687040 | Size: 101916 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 730413056 | Size: 120292 MB User = LL1 ... OK User = LL2 ... OK