Publicité
Publicité
Format du document : text/x-log
Prévisualisation
RogueKiller V9.0.3.0 (x64) [Jun 17 2014] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarrage : Mode normal
Utilisateur : Jean [Droits d'admin]
Mode : Recherche -- Date : 06/19/2014 08:24:37
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrées de registre : 10 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8C9326E2-566D-4E2B-9958-B30FB5CB6920} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CF605398-A451-497E-BF10-469D754CDA7D} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8C9326E2-566D-4E2B-9958-B30FB5CB6920} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CF605398-A451-497E-BF10-469D754CDA7D} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> TROUVÉ
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> TROUVÉ
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> TROUVÉ
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier HOSTS : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 30 ¤¤¤
[EAT:Addr] (explorer.exe) MPR.dll - CscNetApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900081530
[EAT:Addr] (explorer.exe) MPR.dll - CscSearchApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900083cb8
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesEnable : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900086fa0
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesGetShareCachingMode : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900087434
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesQueryStatus : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082f50
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesQueryStatusEx : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082d50
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesStart : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff9000874f0
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - SetCurrentProcessExplicitAppUserModelID : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044d6d08
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - CommandLineToArgvW : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044b48e8
[EAT:Addr] (iexplore.exe) MPR.dll - CscNetApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900081530
[EAT:Addr] (iexplore.exe) MPR.dll - CscSearchApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900083cb8
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesEnable : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900086fa0
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesGetShareCachingMode : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900087434
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesQueryStatus : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082f50
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesQueryStatusEx : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082d50
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesStart : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff9000874f0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllCanUnloadNow : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665d1845
[EAT:Addr] (iexplore.exe) msxml6.dll - DllGetClassObject : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665c7390
[EAT:Addr] (iexplore.exe) msxml6.dll - DllRegisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66600fe0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllUnregisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66601042
[EAT:Addr] (iexplore.exe) msxml6.dll - DllCanUnloadNow : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665d1845
[EAT:Addr] (iexplore.exe) msxml6.dll - DllGetClassObject : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665c7390
[EAT:Addr] (iexplore.exe) msxml6.dll - DllRegisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66600fe0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllUnregisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66601042
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - SetCurrentProcessExplicitAppUserModelID : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044d6d08
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - CommandLineToArgvW : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044b48e8
[EAT:Addr] (iexplore.exe) msxml6.dll - DllCanUnloadNow : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665d1845
[EAT:Addr] (iexplore.exe) msxml6.dll - DllGetClassObject : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665c7390
[EAT:Addr] (iexplore.exe) msxml6.dll - DllRegisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66600fe0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllUnregisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66601042
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 7ddf19f03d52f4155cd3cb1375d87c62
[BSP] fb924ff2fd824482cb78262ff6ca589e : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 610480 MB
User = LL1 ... OK
User = LL2 ... OK
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarrage : Mode normal
Utilisateur : Jean [Droits d'admin]
Mode : Recherche -- Date : 06/19/2014 08:24:37
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrées de registre : 10 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8C9326E2-566D-4E2B-9958-B30FB5CB6920} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CF605398-A451-497E-BF10-469D754CDA7D} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8C9326E2-566D-4E2B-9958-B30FB5CB6920} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CF605398-A451-497E-BF10-469D754CDA7D} | DhcpNameServer : 192.168.2.1 192.168.2.1 -> TROUVÉ
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> TROUVÉ
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> TROUVÉ
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> TROUVÉ
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier HOSTS : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 30 ¤¤¤
[EAT:Addr] (explorer.exe) MPR.dll - CscNetApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900081530
[EAT:Addr] (explorer.exe) MPR.dll - CscSearchApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900083cb8
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesEnable : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900086fa0
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesGetShareCachingMode : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900087434
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesQueryStatus : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082f50
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesQueryStatusEx : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082d50
[EAT:Addr] (explorer.exe) MPR.dll - OfflineFilesStart : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff9000874f0
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - SetCurrentProcessExplicitAppUserModelID : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044d6d08
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - CommandLineToArgvW : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044b48e8
[EAT:Addr] (iexplore.exe) MPR.dll - CscNetApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900081530
[EAT:Addr] (iexplore.exe) MPR.dll - CscSearchApiGetInterface : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900083cb8
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesEnable : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900086fa0
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesGetShareCachingMode : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900087434
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesQueryStatus : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082f50
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesQueryStatusEx : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff900082d50
[EAT:Addr] (iexplore.exe) MPR.dll - OfflineFilesStart : C:\WINDOWS\SYSTEM32\cscapi.dll @ 0x7ff9000874f0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllCanUnloadNow : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665d1845
[EAT:Addr] (iexplore.exe) msxml6.dll - DllGetClassObject : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665c7390
[EAT:Addr] (iexplore.exe) msxml6.dll - DllRegisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66600fe0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllUnregisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66601042
[EAT:Addr] (iexplore.exe) msxml6.dll - DllCanUnloadNow : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665d1845
[EAT:Addr] (iexplore.exe) msxml6.dll - DllGetClassObject : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665c7390
[EAT:Addr] (iexplore.exe) msxml6.dll - DllRegisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66600fe0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllUnregisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66601042
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - SetCurrentProcessExplicitAppUserModelID : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044d6d08
[IAT:Addr] (iexplore.exe) api-ms-win-downlevel-shell32-l1-1-0.dll - CommandLineToArgvW : C:\WINDOWS\SYSTEM32\shcore.dll @ 0x7ff9044b48e8
[EAT:Addr] (iexplore.exe) msxml6.dll - DllCanUnloadNow : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665d1845
[EAT:Addr] (iexplore.exe) msxml6.dll - DllGetClassObject : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x665c7390
[EAT:Addr] (iexplore.exe) msxml6.dll - DllRegisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66600fe0
[EAT:Addr] (iexplore.exe) msxml6.dll - DllUnregisterServer : C:\WINDOWS\SysWOW64\ieapfltr.dll @ 0x66601042
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 7ddf19f03d52f4155cd3cb1375d87c62
[BSP] fb924ff2fd824482cb78262ff6ca589e : Unknown MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 610480 MB
User = LL1 ... OK
User = LL2 ... OK