RogueKiller V12.9.7.0 (x64) [Feb 6 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.14393) 64 bits version
Démarré en : Mode normal
Utilisateur : shagu [Administrateur]
Démarré depuis : C:\Users\shagu\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 02/20/2017 16:22:28 (Durée : 00:36:24)

Processus : 1
[Root.Wajam] (SVC) 7ad9afa1fb34e2ffbfe2d9be24eea4c0 -- system32\drivers\7ad9afa1fb34e2ffbfe2d9be24eea4c0.sys[-] -> Trouvé(e)

Registre : 40
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{2FB831EA-DA68-4A66-8E31-A2D976A6296C} (C:\Program Files\\X64\KZipShell.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{3DCCD550-7586-40D2-A51D-D2F98EC06B3C} (C:\Program Files\\X64\KZipShell.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} (C:\Program Files\\X64\KZipShell.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{C9487131-EF4C-40D9-BA70-E85356CAF67E} (C:\Program Files\\X64\KZipShell.dll) -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\UCBrowser -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\ByteFence -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\SearchModule -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\UCBrowser -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\UCBrowserPID -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X64) HKEY_USERS\.DEFAULT\Software\UCBrowser -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X86) HKEY_USERS\.DEFAULT\Software\UCBrowser -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1000\Software\UCBrowser -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1000\Software\UCBrowser -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\AutoTime -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\ByteFence -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\cacaoweb -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\Installer -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\SNDA -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\UCBrowser -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\UCBrowserPID -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\AutoTime -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\ByteFence -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\cacaoweb -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\Installer -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\SNDA -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\UCBrowser -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\UCBrowserPID -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X64) HKEY_USERS\S-1-5-18\Software\UCBrowser -> Trouvé(e)
[PUP.UCBrowser|PUP.Gen1] (X86) HKEY_USERS\S-1-5-18\Software\UCBrowser -> Trouvé(e)
[PUP.WikiThemes] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\AppDataLow\Software\WikiThemes -> Trouvé(e)
[PUP.WikiThemes] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\AppDataLow\Software\WikiThemes -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj | (default) : {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} -> Trouvé(e)
[PUP.Gen0|PUP.Gen1|Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\Microsoft\Windows\CurrentVersion\Run | cacaoweb : "C:\Users\shagu\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer [x] -> Trouvé(e)
[PUP.Gen0|PUP.Gen1|Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1826273261-1479682476-3830217024-1001\Software\Microsoft\Windows\CurrentVersion\Run | cacaoweb : "C:\Users\shagu\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer [x] -> Trouvé(e)
[Root.Wajam] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\7ad9afa1fb34e2ffbfe2d9be24eea4c0 (system32\drivers\7ad9afa1fb34e2ffbfe2d9be24eea4c0.sys) -> Trouvé(e)
[PUP.Gen0|PUP.UCBrowser] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UCBrowserSvc ("C:\Program Files (x86)\UCBrowser\Application\UCService.exe") -> Trouvé(e)
[PUP.UCBrowser] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D94D5721-45E3-46BD-B548-4EEF07536625} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe|Name=Chromium (mDNS-In)|Desc=Règle de trafic entrant pour Chromium autorisant le trafic mDNS|EmbedCtxt=UC???| [x] -> Trouvé(e)
[PUP.UCBrowser] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9A8D0E29-5E79-49EE-B1BE-4BDEB9F8AE95} : v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe|Name=UC??|Desc=UC??| [x] -> Trouvé(e)
[PUP.UCBrowser] (X86) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{65122CB0-EA0F-47DF-A953-017170ED12F9} | StubPath : "C:\Program Files (x86)\UCBrowser\Application\6.0.1471.913\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files (x86)\UCBrowser" [x] -> Trouvé(e)

Tâches : 3
[PUP.UCBrowser] \UCBrowserSecureUpdater -- "C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe" (--update-config) -> Trouvé(e)
[PUP.UCBrowser] \UCBrowserUpdater -- C:\Program Files (x86)\UCBrowser\Application\update_task.exe (/update) -> Trouvé(e)
[PUP.UCBrowser] \UCBrowserUpdaterCore -- C:\Program Files (x86)\UCBrowser\Application\update_task.exe (/task=1) -> Trouvé(e)

Fichiers : 12
[PUP.Gen1][Répertoire] C:\ProgramData\WindowsMsg -> Trouvé(e)
[PUP.Gen0][Fichier] C:\Users\shagu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ??pl?r?r.lnk [LNK@] C:\Users\shagu\AppData\Roaming\Browsers\exe.erolpxei.bat -> Trouvé(e)
[PUP.Gen0][Fichier] C:\Users\shagu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gle Chr?m?.lnk [LNK@] C:\Users\shagu\AppData\Roaming\Browsers\exe.emorhc.bat -> Trouvé(e)
[Ads.Generic|Hidden.ADS][Flux] C:\Windows\System32\drivers:ucdrv-x64.sys -> Trouvé(e)
[Ads.Generic|Hidden.ADS][Flux] C:\Windows\System32\drivers:x64 -> Trouvé(e)
[Ads.Generic|Hidden.ADS][Flux] C:\Windows\System32\drivers:x86 -> Trouvé(e)
[Root.Wajam][Fichier] C:\Windows\System32\drivers\7ad9afa1fb34e2ffbfe2d9be24eea4c0.sys -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\shagu\AppData\Local\DownloadManager -> Trouvé(e)
[PUP.WikiThemes][Répertoire] C:\Users\shagu\AppData\Local\WikiThemes -> Trouvé(e)
[PUP.Gen0][Fichier] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G?ogl? ?hr?m?.lnk [LNK@] C:\Users\shagu\AppData\Roaming\Browsers\exe.emorhc.bat -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\WindowsMsg -> Trouvé(e)
[PUP.Gen0][Fichier] C:\Users\shagu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ??pl?r?r.lnk [LNK@] C:\Users\shagu\AppData\Roaming\Browsers\exe.erolpxei.bat -> Trouvé(e)

WMI : 0

Fichier Hosts : 0

Antirootkit : 0 (Driver: Chargé)

Navigateurs web : 0

Vérification MBR :
+++++ PhysicalDrive0: WDC WD3200BPVT-22JJ5T0 +++++
--- User ---
[MBR] 2f0913784ab8f50d586c90c33b724942
[BSP] f650f734991eff7e9b7ff4609359d1aa : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 31664128 | Size: 289783 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK