RogueKiller V12.11.5.0 (x64) [Jul 3 2017] (Premium) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en : Mode normal
Utilisateur : sa [Administrateur]
Démarré depuis : D:\RogueKillerX64.exe
Mode : Suppression -- Date : 07/04/2017 12:43:09 (Durée : 00:46:35)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 17 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\mtMedlight -> Supprimé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\csastats -> Supprimé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\DriverToolkit -> Supprimé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\mtMedlight -> Supprimé(e)
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\ProductSetup -> Supprimé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\csastats -> Supprimé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\DriverToolkit -> Supprimé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\mtMedlight -> Supprimé(e)
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\ProductSetup -> Supprimé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} -> Supprimé(e)
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} -> Supprimé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\Microsoft\Internet Explorer\Main | Search Page : http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWr8UeuffMWh7dVs9w2N48z0ekAazZzl3LywS_dKtjTdi4bSTFIrKn-U7kVRWAGVYw2JBNX6QHGAdl704tBzEluraaloZ1gR152qi_rckYuRiUH8khOQ5bXw5R1OI4tFitHMuo2c3QwpJjiggViOImceFwOw,,&q={searchTerms} -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\Microsoft\Internet Explorer\Main | Search Page : http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWr8UeuffMWh7dVs9w2N48z0ekAazZzl3LywS_dKtjTdi4bSTFIrKn-U7kVRWAGVYw2JBNX6QHGAdl704tBzEluraaloZ1gR152qi_rckYuRiUH8khOQ5bXw5R1OI4tFitHMuo2c3QwpJjiggViOImceFwOw,,&q={searchTerms} -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\Microsoft\Internet Explorer\Main | Search Bar : http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWr8UeuffMWh7dVs9w2N48z0ekAazZzl3LywS_dKtjTdi4bSTFIrKn-U7kVRWAGVYw2JBNX6QHGAdl704tBzEluraaloZ1gR152qi_rckYuRiUH8khOQ5bXw5R1OI4tFitHMuo2c3QwpJjiggViOImceFwOw,,&q={searchTerms} -> Remplacé(e) (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-218471027-1253580550-624781408-1004\Software\Microsoft\Internet Explorer\Main | Search Bar : http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWr8UeuffMWh7dVs9w2N48z0ekAazZzl3LywS_dKtjTdi4bSTFIrKn-U7kVRWAGVYw2JBNX6QHGAdl704tBzEluraaloZ1gR152qi_rckYuRiUH8khOQ5bXw5R1OI4tFitHMuo2c3QwpJjiggViOImceFwOw,,&q={searchTerms} -> Remplacé(e) (http://search.msn.com/spbasic.htm)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Remplacé(e) (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Remplacé(e) (2)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 1 ¤¤¤
[Tr.Gen0][Fichier] C:\Users\sa\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Supprimé(e) au redémarrage [5]

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://istart.webssearches.com/?type=hp&ts=1413323260&from=exp&uid=TOSHIBAXDT01ACA100_14O6T3TNSXX14O6T3TNSX] -> Supprimé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA DT01ACA100 ATA Device +++++
--- User ---
[MBR] 218bef4459d85f20ac02a59599032d9e
[BSP] ed14e21f5140faf028806beab4eb1da0 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 153516 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 315119678 | Size: 800000 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic Storage Device USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )