RogueKiller V12.3.8.0 (x64) [Jul 11 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10240) 64 bits version
Démarré en : Mode normal
Utilisateur : pompido [Administrateur]
Démarré depuis : C:\Users\ayoub\Desktop\RogueKillerX64.exe
Mode : Suppression -- Date : 07/12/2016 19:56:01

¤¤¤ Processus : 1 ¤¤¤
[VT.Patched3_c.BWLA] KMS Server Service.exe(7624) -- C:\WINDOWS\KMSServerService\KMS Server Service.exe[-] -> Tué(e) [TermProc]

¤¤¤ Registre : 19 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SmdmF -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Supprimé(e)
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending | (default) : {056D528D-CE28-4194-9BA3-BA2E9197FF8C} [x] -> Supprimé(e)
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced | (default) : {05B38830-F4E9-4329-978B-1DD28605D202} [x] -> Supprimé(e)
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing | (default) : {0596C850-7BDD-4C9D-AFDF-873BE6890637} [x] -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gkernel (\??\C:\Users\ayoub\AppData\Local\Temp\gkernel.sys) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gkernel (\??\C:\Users\ayoub\AppData\Local\Temp\gkernel.sys) -> Supprimé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0c-b3-19-34-48-63 -> Supprimé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\50-a4-c8-c1-b3-b1 -> Supprimé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\94-b1-0a-34-68-9b -> Supprimé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\a4-b1-e9-98-90-b1 -> Supprimé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\a4-b1-e9-cf-5f-41 -> Supprimé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0c-b3-19-34-48-63 -> Supprimé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\50-a4-c8-c1-b3-b1 -> Supprimé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\94-b1-0a-34-68-9b -> Supprimé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\a4-b1-e9-98-90-b1 -> Supprimé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\a4-b1-e9-cf-5f-41 -> Supprimé(e)

¤¤¤ Tâches : 2 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\Chromium.job -- C:\Users\ayoub\AppData\Local\Chromium\APPLIC~1\450240~1.0\INSTAL~1\UNINST~1.EXE (/Check) -> Supprimé(e)
[Suspicious.Path] \Chromium -- C:\Users\ayoub\AppData\Local\Chromium\APPLIC~1\450240~1.0\INSTAL~1\UNINST~1.EXE (/Check) -> Supprimé(e)

¤¤¤ Fichiers : 1 ¤¤¤
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.Apachev2 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv2 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\COPYING.LGPLv3 -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1025.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1026.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1029.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1030.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1031.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1032.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1033.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1034.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1035.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1036.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1038.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1040.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1043.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1044.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1045.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1048.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1049.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1050.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1051.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1052.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1053.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1055.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1059.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1060.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res1061.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2052.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2070.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res2074.ini -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang\res9999.ini -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Lang -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\librtmp.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlc.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\libvlccore.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\LICENSE -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\manual.bat -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access\libfilesystem_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\access -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libaudio_format_plugin.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter\libugly_resampler_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_filter -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libfloat_mixer_plugin.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer\libinteger_mixer_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_mixer -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output\libdirectsound_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\audio_output -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec\libavcodec_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\codec -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\plugins.dat -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter\libswscale_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_filter -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdirect3d_plugin.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libdrawable_plugin.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libvmem_plugin.dll -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output\libwingdi_plugin.dll -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins\video_output -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\plugins -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\scripts.yds -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\Uninstall.exe -> Supprimé(e)
[PUP][Fichier] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe -> Supprimé(e)
[PUP][Répertoire] C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader -> Supprimé(e)

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 2 ¤¤¤
[PUP][FIREFX:Addon] e3v3i08p.default : Invite All (for Facebook) [jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack] -> Supprimé(e)
[PUP][CHROME:Addon] Default : Grammarly for Chrome [kbfnbcaeplbcioakkpcpgfkobkghlhen] -> Supprimé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000LPVX-60V0TT0 +++++
--- User ---
[MBR] d9644f0a4f367e9c351dd22796edba4d
[BSP] bc88146668d0a571e3c04b5048688c5c : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1353728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1615872 | Size: 461305 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 946370560 | Size: 861 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 948133888 | Size: 13979 MB
User = LL1 ... OK
User = LL2 ... OK