RogueKiller V12.10.3.0 (x64) [Apr 3 2017] (Premium) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.14393) 64 bits version
Démarré en : Mode normal
Utilisateur : Faiça [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 04/03/2017 23:20:44 (Durée : 01:18:42)

¤¤¤ Processus : 1 ¤¤¤
[VT.Unknown] InternetEverywhere_Service.exe(1204) -- C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe[7] -> Trouvé(e)

¤¤¤ Registre : 13 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-147171939-3418158111-1363790160-1001\Software\DriverToolkit -> Trouvé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-147171939-3418158111-1363790160-1001\Software\DriverToolkit -> Trouvé(e)
[VT.Unknown] (X64) HKEY_USERS\S-1-5-21-147171939-3418158111-1363790160-1001\Software\Microsoft\Windows\CurrentVersion\Run | IDMan : C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [-] -> Trouvé(e)
[VT.Unknown] (X86) HKEY_USERS\S-1-5-21-147171939-3418158111-1363790160-1001\Software\Microsoft\Windows\CurrentVersion\Run | IDMan : C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [-] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update service (C:\Program Files (x86)\Popcorn Time\Updater.exe) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{13fe8a63-673e-4ff4-80f0-65cd8cf20f4a} | NameServer : 41.214.140.5 8.8.8.8 ([Morocco][-]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7ee15dc7-4d7e-429e-a701-c20e0b2414ef} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a225758a-063f-4a86-82d1-b98ba8c2aa29} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ba5df853-df31-4ef0-b57b-84f73a4863db} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bcae0663-4a7b-431f-a4fe-5ca48c8e2c91} | NameServer : 41.214.140.5 8.8.8.8 ([Morocco][-]) -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {EB2F704C-F567-4057-9C0C-80C7A6EFF442} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [-] -> Trouvé(e)
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {942A96CF-60E3-4B95-9836-F088E9B020ED} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [-] -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 7 ¤¤¤
[PUP.Gen1][Fichier] C:\Users\Public\Desktop\Popcorn Time.lnk [LNK@] C:\PROGRA~2\Popcorn Time\PopcornTimeDesktop.exe -> Trouvé(e)
[PUP.HackTool][Fichier] C:\Windows\KMS-R@1nHook.exe -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Users\Faiça\AppData\Local\DriverToolkit -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files (x86)\DriverToolkit -> Trouvé(e)
[PUP.Gen1][Répertoire] C:\Program Files (x86)\Popcorn Time -> Trouvé(e)
[PUP.Gen1][Fichier] C:\Users\Public\Desktop\Popcorn Time.lnk [LNK@] C:\PROGRA~2\Popcorn Time\PopcornTimeDesktop.exe -> Trouvé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++
--- User ---
[MBR] 8bfc132d4cbb87e8bb8bbf196f40f463
[BSP] 1d98503997b133a96c76e539205cc86b : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 409978 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 840660992 | Size: 199999 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK