RogueKiller V12.11.29.0 (x64) [Dec 18 2017] (Premium) par Adlice Software
email : http://www.adlice.com/fr/contact/
Remontées : https://forum.adlice.com
Site web : http://www.adlice.com/fr/download/roguekiller/
Blog : http://www.adlice.com/fr/

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : ziwass [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Suppression -- Date : 12/23/2017 23:11:53 (Durée : 00:33:39)

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 6 ¤¤¤
[PUP.DriverPack] (X64) HKEY_USERS\S-1-5-21-700845423-2606857621-1733508647-1000\Software\drpsu -> Supprimé(e)
[PUP.DriverPack] (X86) HKEY_USERS\S-1-5-21-700845423-2606857621-1733508647-1000\Software\drpsu -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinPhlash (\??\C:\Users\ziwass\AppData\Local\Temp\Winphlash64\PHLASHNT.SYS) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\WinPhlash (\??\C:\Users\ziwass\AppData\Local\Temp\Winphlash64\PHLASHNT.SYS) -> Supprimé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-700845423-2606857621-1733508647-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://maktoob.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__171028__yaie -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-700845423-2606857621-1733508647-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://maktoob.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__171028__yaie -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[Tr.Gen0][Fichier] C:\Users\ziwass\AppData\Local\Temp\0.txt -> Supprimé(e)
[PUP.Gen3][Fichier] C:\Users\ziwass\AppData\Roaming\Mozilla\Firefox\Profiles\sb6luiyl.default\searchplugins\yahoo-lavasoft.xml -> Supprimé(e)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 4 ¤¤¤
[PUM.HomePage][Firefox:Config] sb6luiyl.default : user_pref("browser.startup.homepage", "https://maktoob.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__171028__yaff"); -> Remplacé(e) (about:home)
[PUM.NewTab][Firefox:Config] sb6luiyl.default : user_pref("browser.newtab.url", "https://maktoob.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__171028__yaff"); -> Supprimé(e)
[PUM.SearchEngine][Firefox:Config] sb6luiyl.default : user_pref("browser.search.selectedEngine", "Yahoo®"); -> Supprimé(e)
[PUM.SearchEngine][Firefox:Config] sb6luiyl.default : user_pref("browser.search.defaultenginename", "Yahoo®"); -> Supprimé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543216L9A300 +++++
--- User ---
[MBR] 79dfeba76f807074fd7bdf14dce18037
[BSP] 4d93b3105525130411cf738dc20a3792 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 79900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 163842048 | Size: 72624 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK