RogueKiller V8.4.2 _x64_ [Dec 31 2012] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : schweppes [Droits d'admin]
Mode : Recherche -- Date : 04/01/2013 22:23:20

¤¤¤ Processus malicieux : 2 ¤¤¤
[SUSP PATH] FacebookMessenger.exe -- C:\Users\schweppes\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe -> TUÉ [TermProc]
[SUSP PATH] cacaoweb.exe -- C:\Users\schweppes\Desktop\cacaoweb.exe -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Services\Microsoft\Run : Spotify ("C:\Users\schweppes\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart) -> TROUVÉ
[RUN][SUSP PATH] HKCU\[...]\Services\Microsoft\Run : cacaoweb ("C:\Users\schweppes\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-574182596-1706258110-660260797-1001[...]\Services-574182596-1706258110-660260797-1001\Run : Spotify ("C:\Users\schweppes\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-574182596-1706258110-660260797-1001[...]\Services-574182596-1706258110-660260797-1001\Run : cacaoweb ("C:\Users\schweppes\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer) -> TROUVÉ
[TASK][SUSP PATH] OptimizerProUpdaterTask{398196A7-ED10-45DC-B67D-E0977C77DBB0}.job : C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro\profile.ini" -> TROUVÉ
[TASK][SUSP PATH] OptimizerProUpdaterTask{0064C7B4-FDF2-45D2-A76D-27B15CE40A1D}.job : C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro\profile.ini" -> TROUVÉ
[STARTUP][SUSP PATH] Facebook Messenger.lnk @schweppes : C:\Users\schweppes\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe -> TROUVÉ
[HJ] HKLM\[...]\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ] HKLM\[...]\Wow6432Node\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ] HKLM\[...]\Services\Microsoft\System : EnableLUA (0) -> TROUVÉ
[HJ] HKLM\[...]\Wow6432Node\Services\Microsoft\System : EnableLUA (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com.*
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
[...]

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS ATA Device +++++
--- User ---
[MBR] f3005d952cf4c2735e78eb0878792ef0
[BSP] 0bf90815b25b6d63f48de0141d48d559 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 476588 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[1]_S_04012013_222320.txt >>
RKreport[1]_S_04012013_222320.txt