RogueKiller V10.10.1.0 [Aug 17 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode sans échec prise en charge réseau
Utilisateur : Victor [Administrateur]
Démarré depuis : C:\Users\Victor.pc-PC.001\Desktop\RogueKiller.exe
Mode : Suppression -- Date : 08/20/2015 21:36:04

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 8 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | 3D BubbleSound : "C:\Program Files\BubbleSound\3D BubbleSound.exe" [x] -> Supprimé(e)
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Windesk Winsearch : C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe [x] -> Supprimé(e)
[PUP] (X64) HKEY_USERS\S-1-5-21-4262996136-3617272635-2497329360-1012\Software\Microsoft\Windows\CurrentVersion\RunOnce | PennyBee : -> Supprimé(e)
[PUP] (X86) HKEY_USERS\S-1-5-21-4262996136-3617272635-2497329360-1012\Software\Microsoft\Windows\CurrentVersion\RunOnce | PennyBee : -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pidijupo (C:\Users\Normal\AppData\Roaming\B3C3ED1C-1428596512-E011-A408-1C7508A31ABB\jnsc7619.tmp) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\zifumoqo (C:\Users\Normal\AppData\Roaming\B3C3ED1C-1428596512-E011-A408-1C7508A31ABB\nsh41CA.tmpfs) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pidijupo (C:\Users\Normal\AppData\Roaming\B3C3ED1C-1428596512-E011-A408-1C7508A31ABB\jnsc7619.tmp) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\zifumoqo (C:\Users\Normal\AppData\Roaming\B3C3ED1C-1428596512-E011-A408-1C7508A31ABB\nsh41CA.tmpfs) -> Supprimé(e)

¤¤¤ Tâches : 6 ¤¤¤
[Suspicious.Path] %WINDIR%\Tasks\EasyFix.job -- c:\programdata\{589cf8ba-be49-247d-589c-cf8babe4e2ea}\nsy7850.tmp.exe (--startup=1 --single) -> Supprimé(e)
[Suspicious.Path] %WINDIR%\Tasks\Inst_Rep.job -- C:\Users\Normal\AppData\Local\Installer\Install_22533\DCytdieamodc_amodc_setup.exe (/S /REPORT /NUM=10 /AFF=amodcI010924_0_0_0_0,e3b8de2d-947d-40f9-93e0-d4caa5b63652,/S /MAG=AMODC /SUB=10924) -> Supprimé(e)
[PUP] %WINDIR%\Tasks\PCPrivacyDock_Popup.job -- C:\Program Files (x86)\PC Privacy Dock\Splash.exe -> Supprimé(e)
[Suspicious.Path] %WINDIR%\Tasks\PostPoneInstall.job -- C:\Users\Normal\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe (C:\Users\Normal\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe /INSTALL /dwlurl=http://dl.newstatsdemosrv.com/appsi/icinem/setup.exe /zdata=appinstanceuid%3ddd18b683-a21e-4e91-9e0d-5b11610534c0%26appkey%3d3c91fcc2-ce59-42b3-b901-f68079520898 /bagkey=Knskn3UP /configurationfields=341 /configid=262 --make-default-browser=true -AppInstanceUid=DD18B683-A21E-4E91-9E0D-5B11610534C0) -> Supprimé(e)
[Suspicious.Path] %WINDIR%\Tasks\Run_Bobby_Browser.job -- C:\Users\Normal\AppData\Local\BoBrowser\Application\bobrowser.exe (--no-startup-window) -> Supprimé(e)
[Suspicious.Path] %WINDIR%\Tasks\Run_Browser.job -- C:\Users\Normal\AppData\Local\UnicoBrowser\Application\unicobrowser.exe (--no-startup-window) -> Supprimé(e)

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Non chargé [0xc000035f]) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS ATA Device +++++
--- User ---
[MBR] 5cf508b924193ffd4bce0b5e910c4657
[BSP] df05e0d83a75ec59b111f9884c81c14e : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK