
Document format: text/x-log

Preview

RogueKiller V10.0.4.0 (x64) [Oct 29 2014] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : https://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : Michelle [Administrateur]
Mode : Suppression -- Date : 11/02/2014 20:08:01

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 23 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BthAvrcpTg -> ERROR [2]
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BthHFEnum -> ERROR [2]
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bthhfhid -> ERROR [2]
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> Remplacé(e) (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://go.microsoft.com/fwlink/?LinkId=54896 -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : http://go.microsoft.com/fwlink/?LinkId=54896 -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://go.microsoft.com/fwlink/?LinkId=54896 -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Internet Explorer\Main | Search Page : http://go.microsoft.com/fwlink/?LinkId=54896 -> Remplacé(e) (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-752061620-813652355-3721536411-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 0 -> Remplacé(e) (0)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 121 (Driver: Non chargé [0x20]) ¤¤¤
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ KERNEL32.DLL) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7fff154b03a0 (jmp 0xffffffff8012e480)
[IAT:Inl] (explorer.exe @ KERNEL32.DLL) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ KERNEL32.DLL) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Inl] (explorer.exe @ KERNEL32.DLL) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ KERNEL32.DLL) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ KERNEL32.DLL) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenMutant : Unknown @ 0x7fff154b02a0 (jmp 0xffffffff8012db70)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7fff154b0490 (jmp 0xffffffff8012de10)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtDuplicateObject : Unknown @ 0x7fff154b0390 (jmp 0xffffffff8012e960)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7fff154b03b0 (jmp 0xffffffff8012e9a0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7fff154b02b0 (jmp 0xffffffff8012e150)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7fff154b02c0 (jmp 0xffffffff8012db40)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateMutant : Unknown @ 0x7fff154b0290 (jmp 0xffffffff8012e1c0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateTimer : Unknown @ 0x7fff154b0330 (jmp 0xffffffff8012e1a0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenTimer : Unknown @ 0x7fff154b0340 (jmp 0xffffffff8012db80)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenProcess : Unknown @ 0x7fff154b0370 (jmp 0xffffffff8012eaa0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenSection : Unknown @ 0x7fff154b0320 (jmp 0xffffffff8012e940)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7fff154b0350 (jmp 0xffffffff8012e2f0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7fff154b03d0 (jmp 0xffffffff8012e250)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtTerminateThread : Unknown @ 0x7fff154b03f0 (jmp 0xffffffff8012e850)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenThread : Unknown @ 0x7fff154b0380 (jmp 0xffffffff8012dbd0)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtSuspendThread : Unknown @ 0x7fff154b0430 (jmp 0xffffffff8012d430)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtSetContextThread : Unknown @ 0x7fff154b0400 (jmp 0xffffffff8012d700)
[IAT:Inl] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7fff154b04a0 (jmp 0xffffffff8012de10)
[IAT:Addr] (explorer.exe @ KERNELBASE.dll) ext-ms-win-gpapi-grouppolicy-l1-1-0.dll - RegisterGPNotificationInternalWorker : C:\WINDOWS\SYSTEM32\gpapi.dll @ 0x7fff91871540
[IAT:Inl] (explorer.exe @ apphelp.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ apphelp.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ combase.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ combase.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ combase.dll) ntdll.dll - NtDuplicateObject : Unknown @ 0x7fff154b0390 (jmp 0xffffffff8012e960)
[IAT:Addr] (explorer.exe @ combase.dll) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject2 : C:\WINDOWS\SYSTEM32\clbcatq.dll @ 0x7fff92d324b0
[IAT:Addr] (explorer.exe @ combase.dll) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject : C:\WINDOWS\SYSTEM32\clbcatq.dll @ 0x7fff92d323c0
[IAT:Inl] (explorer.exe @ powrprof.dll) ntdll.dll - ZwAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ advapi32.dll) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ advapi32.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ USER32.dll) ntdll.dll - NtVdmControl : Unknown @ 0x7fff154b0280 (jmp 0xffffffff8012d160)
[IAT:Inl] (explorer.exe @ GDI32.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ GDI32.dll) ntdll.dll - NtVdmControl : Unknown @ 0x7fff154b0280 (jmp 0xffffffff8012d160)
[IAT:Inl] (explorer.exe @ SHELL32.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ UxTheme.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ UxTheme.dll) ntdll.dll - NtOpenSection : Unknown @ 0x7fff154b0320 (jmp 0xffffffff8012e940)
[IAT:Inl] (explorer.exe @ dwmapi.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ TWINAPI.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ SspiCli.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ SspiCli.dll) ntdll.dll - NtDuplicateObject : Unknown @ 0x7fff154b0390 (jmp 0xffffffff8012e960)
[IAT:Inl] (explorer.exe @ sechost.dll) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ sechost.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ RPCRT4.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ RPCRT4.dll) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7fff154b0440 (jmp 0xffffffff8012d970)
[IAT:Inl] (explorer.exe @ RPCRT4.dll) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ MSCTF.dll) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ bcryptPrimitives.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ ole32.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ clbcatq.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ WINSTA.dll) ntdll.dll - NtOpenProcess : Unknown @ 0x7fff154b0370 (jmp 0xffffffff8012eaa0)
[IAT:Inl] (explorer.exe @ WINSTA.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ DUI70.dll) ntdll.dll - NtCreateSection : Unknown @ 0x7fff154b0310 (jmp 0xffffffff8012e800)
[IAT:Inl] (explorer.exe @ DEVOBJ.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ twinui.dll) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ twinui.dll) ntdll.dll - ZwAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenTimer : Unknown @ 0x7fff154b0340 (jmp 0xffffffff8012db80)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenThread : Unknown @ 0x7fff154b0380 (jmp 0xffffffff8012dbd0)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7fff154b02c0 (jmp 0xffffffff8012db40)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenSection : Unknown @ 0x7fff154b0320 (jmp 0xffffffff8012e940)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenProcess : Unknown @ 0x7fff154b0370 (jmp 0xffffffff8012eaa0)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenMutant : Unknown @ 0x7fff154b02a0 (jmp 0xffffffff8012db70)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ ntmarta.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ CRYPTSP.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ rsaenh.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ bcrypt.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ twinui.appcore.dll) ntdll.dll - ZwAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Addr] (explorer.exe @ twinui.appcore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSRegisterSessionNotification : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7fff91281be0
[IAT:Inl] (explorer.exe @ wpncore.dll) ntdll.dll - ZwAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSQuerySessionInformationW : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7fff912816a0
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSRegisterSessionNotification : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7fff91281be0
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSFreeMemory : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7fff91281330
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-winsta-l1-1-0.dll - WinStationQueryInformationW : C:\WINDOWS\SYSTEM32\WINSTA.dll @ 0x7fff92591160
[IAT:Inl] (explorer.exe @ dwrite.dll) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ ncrypt.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Addr] (explorer.exe @ SettingSyncCore.dll) ext-ms-win-shell-settingsync-l1-1-0.dll - SettingSync_IsAllowedByGroupPolicy : C:\WINDOWS\SYSTEM32\SETTINGSYNCPOLICY.dll @ 0x7fff8f182e44
[IAT:Inl] (explorer.exe @ SETUPAPI.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ CRYPT32.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ es.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ AUDIOSES.DLL) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ cscapi.dll) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Inl] (explorer.exe @ NSI.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Addr] (explorer.exe @ PackageStateRoaming.dll) ext-ms-win-shell-settingsync-l1-1-0.dll - SettingSync_IsAppDataBackupRestoreEnabled : C:\WINDOWS\SYSTEM32\SETTINGSYNCPOLICY.dll @ 0x7fff8f18204c
[IAT:Inl] (explorer.exe @ Secur32.dll) ntdll.dll - NtOpenSection : Unknown @ 0x7fff154b0320 (jmp 0xffffffff8012e940)
[IAT:Inl] (explorer.exe @ wpnprv.dll) ntdll.dll - ZwAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ WS2_32.dll) ntdll.dll - NtLoadDriver : Unknown @ 0x7fff154b01e0 (jmp 0xffffffff8012dc50)
[IAT:Inl] (explorer.exe @ mswsock.dll) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7fff154b0350 (jmp 0xffffffff8012e2f0)
[IAT:Inl] (explorer.exe @ mswsock.dll) ntdll.dll - NtLoadDriver : Unknown @ 0x7fff154b01e0 (jmp 0xffffffff8012dc50)
[IAT:Inl] (explorer.exe @ mswsock.dll) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Inl] (explorer.exe @ authui.dll) ntdll.dll - NtOpenProcess : Unknown @ 0x7fff154b0370 (jmp 0xffffffff8012eaa0)
[IAT:Inl] (explorer.exe @ authui.dll) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ WSClient.dll) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7fff154b01f0 (jmp 0xffffffff8012d310)
[IAT:Inl] (explorer.exe @ wer.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ wer.dll) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ fwpuclnt.dll) ntdll.dll - NtQueryObject : Unknown @ 0x7fff154b0450 (jmp 0xffffffff8012ece0)
[IAT:Inl] (explorer.exe @ schannel.DLL) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Inl] (explorer.exe @ schannel.DLL) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ schannel.DLL) ntdll.dll - NtDuplicateObject : Unknown @ 0x7fff154b0390 (jmp 0xffffffff8012e960)
[IAT:Inl] (explorer.exe @ ncryptsslp.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ WINMM.dll) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Inl] (explorer.exe @ WINMM.dll) ntdll.dll - NtCreateTimer : Unknown @ 0x7fff154b0330 (jmp 0xffffffff8012e1a0)
[IAT:Inl] (explorer.exe @ AVRT.dll) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7fff154b0480 (jmp 0xffffffff8012e590)
[IAT:Inl] (explorer.exe @ AVRT.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x7fff154b02e0 (jmp 0xffffffff8012e870)
[IAT:Inl] (explorer.exe @ AVRT.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x7fff154b03e0 (jmp 0xffffffff8012eab0)
[IAT:Inl] (explorer.exe @ AVRT.dll) ntdll.dll - NtCreateEvent : Unknown @ 0x7fff154b02d0 (jmp 0xffffffff8012e7e0)
[IAT:Addr] (firefox.exe @ KERNELBASE.dll) ext-ms-win-gpapi-grouppolicy-l1-1-0.dll - RegisterGPNotificationInternalWorker : C:\WINDOWS\SysWOW64\gpapi.dll @ 0x743d1dae
[IAT:Addr] (firefox.exe @ RPCRT4.dll) ext-ms-win-gpapi-grouppolicy-l1-1-0.dll - RegisterGPNotificationInternalWorker : C:\WINDOWS\SysWOW64\gpapi.dll @ 0x743d1dae
[IAT:Addr] (firefox.exe @ combase.dll) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject2 : C:\WINDOWS\SysWOW64\clbcatq.dll @ 0x77663206
[IAT:Addr] (firefox.exe @ combase.dll) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject : C:\WINDOWS\SysWOW64\clbcatq.dll @ 0x7766278d

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 6sqe3mu9.default : user_pref("browser.startup.homepage", "http://portail.free.fr/"); -> Non sélectionné

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: HGST HTS541010A9E680 +++++
--- User ---
[MBR] 1be177f18099da25ec446a3cf97d7514
[BSP] 9ae116ca9c6ee3039898d312cab59b74 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_11022014_181139.log - RKreport_SCN_11022014_180944.log - RKreport_SCN_11022014_200150.log - RKreport_DEL_11022014_200613.log
