RogueKiller V12.11.14.0 (x64) [Sep 11 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 10 (10.0.14393) 64 bits version
Démarré en : Mode normal
Utilisateur : AntoineNb [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 09/17/2017 10:15:20 (Durée : 23:18:37)
Commutateurs : -refid

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 8 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-21514658-176086606-4257457094-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_promoHP -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-21514658-176086606-4257457094-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_promoHP -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-21514658-176086606-4257457094-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com/?pc=APJB -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-21514658-176086606-4257457094-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com/?pc=APJB -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 193.252.165.234 ([France]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{87335c07-2af6-4a17-887d-3dd50ffbf2ce} | DhcpNameServer : 193.252.165.234 ([France]) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{EF54007D-6C76-42C8-9334-56EB43480130}C:\users\antoinenb\appdata\local\roblox\versions\version-59d9f194d92d441b\robloxstudiobeta.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\antoinenb\appdata\local\roblox\versions\version-59d9f194d92d441b\robloxstudiobeta.exe|Name=robloxstudiobeta.exe|Desc=robloxstudiobeta.exe|Defer=User| [x] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{4537C71C-7BB0-4217-9969-FEAB35B12E3C}C:\users\antoinenb\appdata\local\roblox\versions\version-59d9f194d92d441b\robloxstudiobeta.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\antoinenb\appdata\local\roblox\versions\version-59d9f194d92d441b\robloxstudiobeta.exe|Name=robloxstudiobeta.exe|Desc=robloxstudiobeta.exe|Defer=User| [x] -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 10 ¤¤¤
[Hj.Shortcut][Fichier] C:\Users\Public\Desktop\Google Chrome.lnk [LNK@] C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe http://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_promoHP_shortcut -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\Users\AntoineNb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [LNK@] C:\PROGRA~1\INTERN~1\iexplore.exe http://r.orange.fr/r/Oodc_IEshortcut_oi_v2?ref=O_OI_defaultPage_IE_promoHP_shortcut -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\Users\AntoineNb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [LNK@] C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe http://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_promoHP_shortcut -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\Users\AntoineNb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [LNK@] C:\PROGRA~1\INTERN~1\iexplore.exe http://r.orange.fr/r/Oodc_IEshortcut_oi_v2?ref=O_OI_defaultPage_IE_promoHP_shortcut -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\Users\AntoineNb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [LNK@] C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe http://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_promoHP_shortcut -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [LNK@] C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe http://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_promoHP_shortcut -> Trouvé(e)
[PUP.AutoIt.Gen][Fichier] C:\Users\AntoineNb\Desktop\AutoClicker.exe -> Trouvé(e)
[PUP.AutoIt.Gen][Fichier] C:\Users\AntoineNb\Desktop\OneClick2RP.exe -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\Users\Public\Desktop\Google Chrome.lnk [LNK@] C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe http://r.orange.fr/r/Oodc_CHshortcut_oi_v2?ref=O_OI_defaultPage_CH_promoHP_shortcut -> Trouvé(e)
[Hj.Shortcut][Fichier] C:\Users\AntoineNb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [LNK@] C:\PROGRA~1\INTERN~1\iexplore.exe http://r.orange.fr/r/Oodc_IEshortcut_oi_v2?ref=O_OI_defaultPage_IE_promoHP_shortcut -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] d03119433fdbd98821f9fd9fee01600b
[BSP] db0e47bf117d07620784bd0e2fdeb7b0 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 600 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1230848 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1845248 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2107392 | Size: 936256 MB
4 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1919559680 | Size: 16584 MB
User = LL1 ... OK
User = LL2 ... OK