RogueKiller V12.11.13.0 (x64) [Sep 4 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 8.1 (6.3.9600) 64 bits version
Démarré en : Mode normal
Utilisateur : Griffu [Administrateur]
Démarré depuis : C:\Users\Aptinia\Downloads\RogueKillerX64.exe
Mode : Scan -- Date : 09/09/2017 19:58:31 (Durée : 00:34:08)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 10 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3252788328-853933333-2693396642-1001\Software\Distromatic -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3252788328-853933333-2693396642-1001\Software\Distromatic -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3252788328-853933333-2693396642-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3252788328-853933333-2693396642-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus13.msn.com/?pc=ASJB -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{E7CC550D-ADB4-42AB-AB3F-BFB94F9B75D6}C:\users\aptinia\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\aptinia\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{72551D27-4BF5-43C4-B8A4-8C1B65F39425}C:\users\aptinia\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\aptinia\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D8752852-8EFB-4CAD-B612-66B7B68F287F} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Aptinia\AppData\Local\Temp\QQVipDownloader\mhfc_1495528350_1096\MiniQQDL.exe|Name=ÌÚѶ²úÆ·ÏÂÔØ×é¼þ| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4FD317D8-5C77-4551-8452-3ADACAB9931A} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Aptinia\AppData\Local\Temp\QQVipDownloader\mhfc_1495528350_1096\MiniQQDL.exe|Name=ÌÚѶ²úÆ·ÏÂÔØ×é¼þ| [x] -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[PUP.Gen0][Fichier] C:\Windows\Reimage.ini -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\Aptinia\AppData\Roaming\Tencent -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EZEX-22BN5A0 +++++
--- User ---
[MBR] aab8584874e1478a58571fe4f2555d74
[BSP] e593436385241cb7bfdb2e0892d451f5 : Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 800 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1640448 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2172928 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2435072 | Size: 153600 MB
4 - Basic data partition | Offset (sectors): 317007872 | Size: 780744 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1915971584 | Size: 18336 MB
User = LL1 ... OK
User = LL2 ... OK