RogueKiller V12.10.10.0 (x64) [May 22 2017] (Gratuit) par Adlice Software email : http://www.adlice.com/contact/ Remontées : https://forum.adlice.com Site web : http://www.adlice.com/fr/download/roguekiller/ Blog : http://www.adlice.com Système d'exploitation : Windows 10 (10.0.15063) 64 bits version Démarré en : Mode normal Utilisateur : Ce PC [Administrateur] Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe Mode : Scan -- Date : 05/25/2017 12:37:41 (Durée : 01:07:21) ¤¤¤ Processus : 4 ¤¤¤ [PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] KMS-R@1n.exe(3212) -- C:\Windows\KMS-R@1n.exe[-] -> Trouvé(e) [Proc.Injected] explorer.exe(2732) -- C:\Windows\SysWOW64\explorer.exe[7] -> Trouvé(e) [Suspicious.Path|VT.Unknown] Ld9708.tmp(820) -- C:\Users\Ce PC\AppData\Local\Temp\Ld9708.tmp[-] -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (SVC) KMS-R@1n -- C:\Windows\KMS-R@1n.exe[-] -> Trouvé(e) ¤¤¤ Registre : 11 ¤¤¤ [PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Win -> Trouvé(e) [PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Win -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMS-R@1n (C:\Windows\KMS-R@1n.exe) -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9BA3B394-9735-4FCE-B229-E3103DDFD660} : v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [-] -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Hktl.Kms.Gen!c] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1AAF237B-C825-49A2-A9DF-F608F9F0D9B2} : v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [-] -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSppSvc.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e) [PUP.HackTool|Suspicious.Path|VT.Patched4_c.GXW] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe | Debugger : KMS-R@1nHook.exe [-] -> Trouvé(e) [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Trouvé(e) [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-3043548726-3783489516-1277162877-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Trouvé(e) ¤¤¤ Tâches : 0 ¤¤¤ ¤¤¤ Fichiers : 5 ¤¤¤ [Hidden.ADS][Flux] C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD} -> Trouvé(e) [PUP.HackTool][Fichier] C:\Windows\KMS-R@1n.exe -> Trouvé(e) [PUP.HackTool][Fichier] C:\Windows\KMS-R@1nHook.exe -> Trouvé(e) [PUP.Gen0][Fichier] C:\Windows\SECOH-QAD.exe -> Trouvé(e) [PUP.HackTool][Répertoire] C:\Program Files\KMSpico -> Trouvé(e) ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Fichier Hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Vérification MBR : ¤¤¤ +++++ PhysicalDrive0: ST500LM012 HN-M500MBB +++++ --- User --- [MBR] dc6278bdbdce96acaeb1cf5585e8ee76 [BSP] 580b726f4c26cf4bec618624727bf4fd : Empty|VT.Unknown MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 450 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 923648 | Size: 100 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1128448 | Size: 16 MB 3 - Basic data partition | Offset (sectors): 1161216 | Size: 476373 MB User = LL1 ... OK User = LL2 ... OK