RogueKiller V12.10.2.0 (x64) [Mar 27 2017] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : TEST [Administrateur]
Démarré depuis : C:\Users\TEST\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 04/01/2017 10:59:49 (Durée : 00:41:42)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 15 ¤¤¤
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper64.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_CLASSES_ROOT\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Trouvé(e)
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {ae07101b-46d4-4a98-af68-0333ea26e113} : Smartbar -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\TEST\AppData\Local\MyComGames\MyComGames.exe" -autostart [7] -> Trouvé(e)
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Run | MyComGames : "C:\Users\TEST\AppData\Local\MyComGames\MyComGames.exe" -autostart [7] -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=CH&userid=606f62de-b1fa-4ffe-9a2a-0bcad4db9b17&searchtype=ds&q={searchTerms}&installDate=09/03/2013 -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{35874AC6-5C2D-4D8A-9C66-F3D98E11261F}C:\users\test\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\test\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe| [7] -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{81AC2CA7-0310-4C89-9EE6-EB74C2AC94A7}C:\users\test\appdata\local\mycomgames\mycomgames.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\test\appdata\local\mycomgames\mycomgames.exe|Name=mycomgames.exe|Desc=mycomgames.exe| [7] -> Trouvé(e)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2963462591-155463322-2120750002-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: OCZ-VERTEX3 +++++
--- User ---
[MBR] ba34dbec08484abb24c45e3d39cb1017
[BSP] 4019fa2f28b9dc7edbc1a2b4375dd2f9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 228384 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467937280 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-9YN162 +++++
--- User ---
[MBR] 0c4df6d22dbde0a8e8ca2e4c9ed31ea5
[BSP] 7ab396594105f1192652d351cba96e70 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD10EZRX-00D8PB0 +++++
--- User ---
[MBR] cba49bdef3ee4036da45af736f739a5b
[BSP] 4a802e235a1c431a2ed9a182b8c4aacd : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK