Document format: application/octet-stream

Preview

RogueKiller V10.8.6.0 [Jun 22 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarré en : Mode normal
Utilisateur : carlex [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Suppression -- Date : 06/25/2015 19:16:17

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 0 ¤¤¤

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 39 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CloseServiceHandle : Unknown @ 0x74b72859 (jmp 0xfcfaf25d|jmp 0xffffdd32|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - OpenServiceW : Unknown @ 0x74b72431 (jmp 0xfcfb5a45|jmp 0xffffe15a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptAcquireContextW : Unknown @ 0x74b73699 (jmp 0xfcfb57e5|jmp 0xffffcef2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptCreateHash : Unknown @ 0x74b73861 (jmp 0xfcfb5973|jmp 0xffffcd2a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptHashData : Unknown @ 0x74b73a29 (jmp 0xfcfb5b53|jmp 0xffffcb62|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptGetHashParam : Unknown @ 0x74b73991 (jmp 0xfcfb5a73|jmp 0xffffcbfa|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) USER32.dll - SetWindowsHookExW : Unknown @ 0x74b717b9 (jmp 0xfe9b34ad|jmp 0xffffedd2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) USER32.dll - GetMessageW : Unknown @ 0x74b74019 (jmp 0xfe9a7231|jmp 0xffffc572|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) USER32.dll - SetWinEventHook : Unknown @ 0x74b721d1 (jmp 0xfe9afcf5|jmp 0xffffe3ba|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtSetInformationProcess : Unknown @ 0x74b72be9 (jmp 0xfd11c514|jmp 0xffffd9a2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtOpenProcessToken : Unknown @ 0x74b73bf1 (jmp 0xfd11ddfc|jmp 0xffffc99a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x74b72d19 (jmp 0xfd11c534|jmp 0xffffd872|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtQueryInformationToken : Unknown @ 0x74b73c89 (jmp 0xfd11dbb4|jmp 0xffffc902|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x74b71ed9 (jmp 0xfd11c5e4|jmp 0xffffe6b2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x74b72b51 (jmp 0xfd11c22c|jmp 0xffffda3a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtMapViewOfSection : Unknown @ 0x74b715f1 (jmp 0xfd11b96c|jmp 0xffffef9a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtUnmapViewOfSection : Unknown @ 0x74b71689 (jmp 0xfd11ac74|jmp 0xffffef02|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - RtlEqualSid : Unknown @ 0x74b73d21 (jmp 0xfd0f58ed|jmp 0xffffc86a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - RtlCreateProcessParametersEx : Unknown @ 0x74b72989 (jmp 0xfd0fb838|jmp 0xffffdc02|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x74b71c79 (jmp 0xfd11b184|jmp 0xffffe912|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x74b720a1 (jmp 0xfd11b7ac|jmp 0xffffe4ea|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtQueueApcThread : Unknown @ 0x74b71e41 (jmp 0xfd11bb6c|jmp 0xffffe74a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x74b718e9 (jmp 0xfd11c164|jmp 0xffffeca2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtAdjustPrivilegesToken : Unknown @ 0x74b73309 (jmp 0xfd11e044|jmp 0xffffd282|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) kernel32.dll - CreateToolhelp32Snapshot : Unknown @ 0x74b72009 (jmp 0xfdb621cf|jmp 0xffffe582|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtVdmControl : Unknown @ 0x74b73ee9 (jmp 0xfd11d4c4|jmp 0xffffc6a2|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) USER32.dll - GetMessageA : Unknown @ 0x74b73f81 (jmp 0xfe9b26e8|jmp 0xffffc60a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) kernel32.dll - MoveFileExW : Unknown @ 0x74b73011 (jmp 0xfdb5a109|jmp 0xffffd57a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptAcquireContextA : Unknown @ 0x74b73601 (jmp 0xfcfba488|jmp 0xffffcf8a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) kernel32.dll - GetStartupInfoA : Unknown @ 0x74b73e51 (jmp 0xfdba2041|jmp 0xffffc73a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) USER32.dll - PostMessageW : Unknown @ 0x74b74149 (jmp 0xfe9afcce|jmp 0xffffc442|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) USER32.dll - PostMessageA : Unknown @ 0x74b740b1 (jmp 0xfe9b8c6b|jmp 0xffffc4da|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - ChangeServiceConfigW : Unknown @ 0x74b727c1 (jmp 0xfcf7f3f5|jmp 0xffffddca|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - DeleteService : Unknown @ 0x74b72691 (jmp 0xfcf9b50d|jmp 0xffffdefa|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - ControlService : Unknown @ 0x74b725f9 (jmp 0xfcf9b48d|jmp 0xffffdf92|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x74b72c81 (jmp 0xfd11d0cc|jmp 0xffffd90a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptGenKey : Unknown @ 0x74b73731 (jmp 0xfcfba8a8|jmp 0xffffce5a|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptExportKey : Unknown @ 0x74b738f9 (jmp 0xfcfba773|jmp 0xffffcc92|call 0x1fe)
[IAT:Inl(Hook.IEAT)] (explorer.exe) ADVAPI32.dll - CryptImportKey : Unknown @ 0x74b73ac1 (jmp 0xfcfb75ef|jmp 0xffffcaca|call 0x1fe)

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500AAJB-00J3A0 ATA Device +++++
--- User ---
[MBR] f00c199638d31a966268ed7552b3beec
[BSP] fb2b3e9830e514f6a79d481f9c0b49d9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 238464 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_04192015_145855.log - RKreport_DEL_04192015_145959.log - RKreport_DEL_04192015_150031.log - RKreport_DEL_04192015_150103.log
RKreport_DEL_04192015_150106.log - RKreport_DEL_04192015_150109.log - RKreport_DEL_04192015_150115.log - RKreport_SCN_05132015_202814.log
RKreport_DEL_05132015_204131.log - RKreport_SCN_05242015_183811.log - RKreport_DEL_05242015_184048.log - RKreport_SCN_06182015_222138.log
RKreport_DEL_06182015_230024.log - RKreport_SCN_06252015_190635.log - RKreport_DEL_06252015_191539.log - RKreport_DEL_06252015_191601.log
RKreport_DEL_06252015_191604.log - RKreport_DEL_06252015_191608.log - RKreport_DEL_06252015_191609.log - RKreport_DEL_06252015_191611.log
RKreport_DEL_06252015_191613.log - RKreport_DEL_06252015_191615.log
