RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Jocelyn [Droits d'admin]
Mode : Suppression -- Date : 04/30/2014 20:22:56
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> 
%SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10 EADS-00M2B0 SCSI Disk Device +++++
--- User ---
[MBR] 5d3ad9bfa75f98f21dc2c1d0487acb03
[BSP] 7c2559f2a629ae9b8f61353657ed0c09 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 468942 MB
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 992057344 | Size: 469465 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic- SD/MMC USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n'est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- Compact Flash USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n'est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- SM/xD Picture USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n'est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([0x15] Le périphérique n'est pas prêt. )
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

Termine : << RKreport[0]_D_04302014_202256.txt >>
RKreport[0]_S_04302014_202217.txt