RogueKiller V10.0.4.0 (x64) [Oct 29 2014] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : https://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : Armis [Administrateur]
Mode : Scan -- Date : 11/08/2014 09:40:06

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://google.com -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://google.com -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://google.com -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://google.com -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier
Hosts : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 140 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: MD03200-NVDW-RO +++++
--- User ---
[MBR] b83b63f300d9e9d0c0962bb23aaf4f7b
[BSP] 0cecfd8c066860ed58d7f9246c55df34 : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 162944 MB
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 333918206 | Size: 142199 MB
User = LL1 ... OK
User = LL2 ...
OK

============================================
RKreport_DEL_06132014_205441.log - RKreport_DEL_06142014_124036.log - RKreport_DEL_06142014_160406.log - RKreport_DEL_06242014_171800.log
RKreport_DEL_11062014_010019.log - RKreport_DEL_11062014_010111.log - RKreport_SCN_06132014_205032.log - RKreport_SCN_06142014_112109.log
RKreport_SCN_06142014_124017.log - RKreport_SCN_06142014_160320.log - RKreport_SCN_06242014_171308.log - RKreport_SCN_11062014_005756.log
RKreport_SCN_11062014_023738.log - RKreport_SCN_11062014_081626.log