cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

RogueKiller V10.11.3.0 (x64) [Oct 26 2015] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8.1 (6.3.9600) 64 bits version
Démarré en : Mode normal
Utilisateur : Bernard64 [Administrateur]
Démarré depuis : C:\Users\Bernard64\Desktop\ROGUEKILLERX64.EXE
Mode : Scan -- Date : 10/27/2015 21:33:46

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 4 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-373255198-3491330068-4285058765-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : res://C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-373255198-3491330068-4285058765-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : res://C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 29 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll!NtSetSystemInformation : Unknown @ 0x7ffb1f1c01e0 (jmp 0xffffffff8012d7a0|jmp 0xfffffffffffffe19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtAssignProcessToJobObject : Unknown @ 0x7ffb1f1c0390 (jmp 0xffffffff8012e910|jmp 0xfffffffffffffc69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtOpenEvent : Unknown @ 0x7ffb1f1c02d0 (jmp 0xffffffff8012ed00|jmp 0xfffffffffffffd29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateEvent : Unknown @ 0x7ffb1f1c02c0 (jmp 0xffffffff8012ec70|jmp 0xfffffffffffffd39|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtCreateSection : Unknown @ 0x7ffb1f1c0300 (jmp 0xffffffff8012ec90|jmp 0xfffffffffffffcf9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll!NtTerminateProcess : Unknown @ 0x7ffb1f1c03d0 (jmp 0xffffffff8012ef40|jmp 0xfffffffffffffc29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenMutant : Unknown @ 0x7ffb1f1c0290 (jmp 0xffffffff8012e000|jmp 0xfffffffffffffd69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtNotifyChangeKey : Unknown @ 0x7ffb1f1c0480 (jmp 0xffffffff8012e2a0|jmp 0xfffffffffffffb79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtDuplicateObject : Unknown @ 0x7ffb1f1c0380 (jmp 0xffffffff8012edf0|jmp 0xfffffffffffffc79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtWriteVirtualMemory : Unknown @ 0x7ffb1f1c03a0 (jmp 0xffffffff8012ee30|jmp 0xfffffffffffffc59|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtQueryObject : Unknown @ 0x7ffb1f1c0440 (jmp 0xffffffff8012f170|jmp 0xfffffffffffffbb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateSemaphore : Unknown @ 0x7ffb1f1c02a0 (jmp 0xffffffff8012e5e0|jmp 0xfffffffffffffd59|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSemaphore : Unknown @ 0x7ffb1f1c02b0 (jmp 0xffffffff8012dfd0|jmp 0xfffffffffffffd49|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateMutant : Unknown @ 0x7ffb1f1c0280 (jmp 0xffffffff8012e650|jmp 0xfffffffffffffd79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateTimer : Unknown @ 0x7ffb1f1c0320 (jmp 0xffffffff8012e630|jmp 0xfffffffffffffcd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenTimer : Unknown @ 0x7ffb1f1c0330 (jmp 0xffffffff8012e010|jmp 0xfffffffffffffcc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenProcess : Unknown @ 0x7ffb1f1c0360 (jmp 0xffffffff8012ef30|jmp 0xfffffffffffffc99|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenSection : Unknown @ 0x7ffb1f1c0310 (jmp 0xffffffff8012edd0|jmp 0xfffffffffffffce9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateIoCompletion : Unknown @ 0x7ffb1f1c0340 (jmp 0xffffffff8012e780|jmp 0xfffffffffffffcb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtCreateThreadEx : Unknown @ 0x7ffb1f1c03c0 (jmp 0xffffffff8012e6e0|jmp 0xfffffffffffffc39|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtTerminateThread : Unknown @ 0x7ffb1f1c03e0 (jmp 0xffffffff8012ece0|jmp 0xfffffffffffffc19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtOpenThread : Unknown @ 0x7ffb1f1c0370 (jmp 0xffffffff8012e060|jmp 0xfffffffffffffc89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtSuspendThread : Unknown @ 0x7ffb1f1c0420 (jmp 0xffffffff8012d8c0|jmp 0xfffffffffffffbd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtSetContextThread : Unknown @ 0x7ffb1f1c03f0 (jmp 0xffffffff8012db90|jmp 0xfffffffffffffc09|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll!NtNotifyChangeMultipleKeys : Unknown @ 0x7ffb1f1c0490 (jmp 0xffffffff8012e2a0|jmp 0xfffffffffffffb69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ powrprof.dll) ntdll!ZwAlpcSendWaitReceivePort : Unknown @ 0x7ffb1f1c0470 (jmp 0xffffffff8012ea20|jmp 0xfffffffffffffb89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ user32.dll) ntdll!NtVdmControl : Unknown @ 0x7ffb1f1c0270 (jmp 0xffffffff8012d5f0|jmp 0xfffffffffffffd89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ rpcrt4.dll) ntdll!NtQueueApcThreadEx : Unknown @ 0x7ffb1f1c0430 (jmp 0xffffffff8012de00|jmp 0xfffffffffffffbc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ws2_32.dll) ntdll!NtLoadDriver : Unknown @ 0x7ffb1f1c01d0 (jmp 0xffffffff8012e0e0|jmp 0xfffffffffffffe29|jmp 0x19b)

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] i5z4cnje.default : user_pref("browser.startup.homepage", "www.lemonde.fr"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 24f1945d695c5e5b8212651ddea1ca68
[BSP] 55f0324856f024e5c88c68747587703f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476939 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 53fbd19e423c09c29c243791b5b9ffb5
[BSP] 56639834b912c101c22313ba6571f973 : Legit.Unknown|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 722292 MB [Unknown Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1479256064 | Size: 231575 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive3: +++++
--- User ---
[MBR] 34567c2fa7016e7a290613c0f7f3f110
[BSP] 52cde6c05a6452a85e59f41c96b59db9 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 8064 | Size: 7484 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive4: +++++
--- User ---
[MBR] 9df2d8d0bf1591ec7ab9646ea403d16a
[BSP] a08b60544f4a1176057a97aee51b1e0d : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 15282 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )


Publicité


Signaler le contenu de ce document

Publicité