RogueKiller V12.8.3.0 [Nov 28 2016] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : Martine [Administrateur]
Démarré depuis : C:\Users\Martine\Desktop\ROGUEKILLER.EXE
Mode : Scan -- Date : 11/30/2016 13:46:31 (Durée : 00:48:16)

¤¤¤ Processus : 10 ¤¤¤
[PUP|PUP.Yac|VT.FraudTool.YAC] iSafeSvc.exe(932) -- C:\Program Files\Elex-tech\YAC\iSafeSvc.exe[7] -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] iSafeSvc2.exe(1040) -- C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe[7] -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] iSafeTray.exe(3576) -- C:\Program Files\Elex-tech\YAC\iSafeTray.exe[7] -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] iDskDllPatch.dll(3352) -- C:\Program Files\Elex-tech\YAC\iDskDllPatch.dll[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnl -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnlKit -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnlR3 -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys[7] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeService -- C:\Program Files\Elex-tech\YAC\iSafeSvc.exe[7] -> Trouvé(e)
[PUP] (SVC) iSafeNetFilter -- system32\DRIVERS\iSafeNetFilter.sys[x] -> Trouvé(e)
[PUP|VT.FraudTool.YAC] (SVC) iSafeKrnlMon -- \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys[7] -> Trouvé(e)

¤¤¤ Registre : 21 ¤¤¤
[PUP] HKEY_LOCAL_MACHINE\Software\Elex-tech -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlMon (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Trouvé(e)
[PUP|PUP.Yac] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnl (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys) -> Trouvé(e)
[PUP] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlBoot (system32\DRIVERS\iSafeKrnlBoot.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlKit (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlMon (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeKrnlR3 (\??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys) -> Trouvé(e)
[PUP|PUP.Yac] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeNetFilter (system32\DRIVERS\iSafeNetFilter.sys) -> Trouvé(e)
[PUP|PUP.Yac|VT.FraudTool.YAC] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iSafeService (C:\Program Files\Elex-tech\YAC\iSafeSvc.exe) -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.istartsurf.com/?type=hppp&ts=1434454543&from=xtab&uid=AC0B1EBF48334751A61BD6D50C54269A -> Trouvé(e)
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.istartsurf.com/?type=hppp&ts=1434454543&from=xtab&uid=AC0B1EBF48334751A61BD6D50C54269A -> Trouvé(e)
[PUM.HomePage] HKEY_USERS\S-1-5-21-2787963296-4269164344-169216427-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.istartsurf.com/?type=hppp&ts=1434454543&from=xtab&uid=AC0B1EBF48334751A61BD6D50C54269A -> Trouvé(e)
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2787963296-4269164344-169216427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[PUP][Répertoire] C:\Users\Martine\AppData\Roaming\Elex-tech -> Trouvé(e)
[PUP][Répertoire] C:\Program Files\Elex-tech -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 5 ¤¤¤
[PUM.HomePage][Firefox:Config] twzvgypb.default : user_pref("browser.startup.homepage", "http://www.nicesearches.com?type=hp&ts=1476171341&from=3a211011&uid=wdcxwd3200aaks-75l9a0_wd-wmav2y59765597655&z=61aa567c3aee36d5210b448g4zfmeqagem2g3c7efm"); -> Trouvé(e)
[PUP|PUM.NewTab][Firefox:Config] twzvgypb.default : user_pref("browser.newtab.url", "http://www.nicesearches.com?type=hp&ts=1476171341&from=3a211011&uid=wdcxwd3200aaks-75l9a0_wd-wmav2y59765597655&z=61aa567c3aee36d5210b448g4zfmeqagem2g3c7efm"); -> Trouvé(e)
[PUM.SearchEngine][Firefox:Config] twzvgypb.default : user_pref("browser.search.selectedEngine", "nice"); -> Trouvé(e)
[PUM.SearchEngine][Firefox:Config] twzvgypb.default : user_pref("browser.search.defaultenginename", "nice"); -> Trouvé(e)
[PUP|PUM.SearchEngine][Firefox:Config] twzvgypb.default : user_pref("browser.search.searchengine.url", "http://www.nicesearches.com/search.php?type=ds&ts=1479199851&from=3e881114&uid=wdcxwd3200aaks-75l9a0_wd-wmav2y59765597655&z=813acc351c248dc595d11d0g7z0mftfgatbt3bag3q&q={searchTerms}"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAKS-75L9A0 ATA Device +++++
--- User ---
[MBR] 7d66c045dfc01b44f5ccd1437e3b912b
[BSP] 43e2be632fa467e7e97cb39987fa84d2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 78 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 161792 | Size: 9918 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 20473856 | Size: 295247 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Samsung SSD 840 EVO 120G USB Device +++++
--- User ---
[MBR] 392480f684d3d3c5dc3ea5b662f55816
[BSP] a0cd39258fc9816c0334dcbc3d7bc47f : HP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: Seagate Portable USB Device +++++
--- User ---
[MBR] b12df605df986a6b138f0752342b2b9d
[BSP] 8c9f4cec188e4ffb0e594f5c8cdedf99 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 238472 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )