RogueKiller V12.9.0.0 (x64) [Dec 26 2016] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : nabil [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 12/29/2016 13:19:32 (Durée : 00:28:25)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 26 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Myfree Codec -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Myfree Codec -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Myfree Codec -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LavasoftTcpService (C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WCAssistantService (C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\LavasoftTcpService (C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WCAssistantService (C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe) -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigUrl : -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigUrl : -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://noblocking.biz/wpad.dat?0a5e52b151fad29631d3603866616c0d22785202 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NlaSvc\Parameters\Internet\ManualProxies | (default) : 0http://noblocking.biz/wpad.dat?0a5e52b151fad29631d3603866616c0d22785202 -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AA2FAC26-269F-45FD-B08D-89378F00C9F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {81709E4C-9BD6-49EF-B2F6-79264BC992A0} : v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AA2FAC26-269F-45FD-B08D-89378F00C9F1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUP.HackTool|Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {81709E4C-9BD6-49EF-B2F6-79264BC992A0} : v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=1688|App=C:\Windows\KMS-R@1n.exe|Name=KMS-R@1n| [x] -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.SecurityCenter] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-562870371-3727511220-3748967717-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 12 ¤¤¤
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\PC Faster -> Trouvé(e)
[PUP.HackTool][Fichier] C:\Windows\KMS-R@1nHook.exe -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\nabil\AppData\Roaming\PC Faster -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\nabil\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\nabil\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe -> Trouvé(e)
[Tr.Gen0][Fichier] C:\Users\nabil\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Lavasoft\Web Companion -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\PC Faster -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files (x86)\MyFree Codec -> Trouvé(e)
[PUP.Gen3][Fichier] C:\Users\nabil\AppData\Roaming\Mozilla\Firefox\Profiles\v8zu60c4.default\searchplugins\yahoo-lavasoft.xml -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 3 ¤¤¤
[PUM.Proxy][Firefox:Config] v8zu60c4.default : user_pref("network.proxy.http", "41.250.60.9"); -> Trouvé(e)
[PUM.Proxy][Firefox:Config] v8zu60c4.default : user_pref("network.proxy.http_port", 8571); -> Trouvé(e)
[PUM.Proxy][Firefox:Config] v8zu60c4.default : user_pref("network.proxy.type", 4); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543232A7A384 ATA Device +++++
--- User ---
[MBR] 2d22488cfe01734888dd1eb77dbbe415
[BSP] 6a35166a4d37e2bdb5204188c0e82258 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 40964 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 84613120 | Size: 263928 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multiple Card Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )