cjoint

Document format: text/plain

RogueKiller V10.10.9.0 (x64) [Oct 5 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : Liard [Administrateur]
Démarré depuis : C:\Program Files\RogueKiller\RogueKiller.exe
Mode : Scan -- Date : 10/06/2015 19:52:00

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 0 ¤¤¤

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 35 ¤¤¤

¤¤¤ Antirootkit : 30 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (explorer.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x76f201e0 (jmp 0x161140|jmp 0xfffffffffffffe19|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x76f203a0 (jmp 0x162650|jmp 0xfffffffffffffc59|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtDuplicateObject : Unknown @ 0x76f20380 (jmp 0x162610|jmp 0xfffffffffffffc79|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtCreateEvent : Unknown @ 0x76f202c0 (jmp 0x162490|jmp 0xfffffffffffffd39|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x76f20480 (jmp 0x161bf0|jmp 0xfffffffffffffb79|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtTerminateProcess : Unknown @ 0x76f203d0 (jmp 0x162760|jmp 0xfffffffffffffc29|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtOpenEvent : Unknown @ 0x76f202d0 (jmp 0x162520|jmp 0xfffffffffffffd29|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x76f20390 (jmp 0x162160|jmp 0xfffffffffffffc69|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtSetContextThread : Unknown @ 0x76f203f0 (jmp 0x161510|jmp 0xfffffffffffffc09|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtCreateSection : Unknown @ 0x76f20300 (jmp 0x1624b0|jmp 0xfffffffffffffcf9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtOpenProcess : Unknown @ 0x76f20360 (jmp 0x162750|jmp 0xfffffffffffffc99|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x76f20490 (jmp 0x161bf0|jmp 0xfffffffffffffb69|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ kernel32.dll) ntdll.dll - NtQueryObject : Unknown @ 0x76f20440 (jmp 0x162990|jmp 0xfffffffffffffbb9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x76f20340 (jmp 0x162020|jmp 0xfffffffffffffcb9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenSection : Unknown @ 0x76f20310 (jmp 0x1625f0|jmp 0xfffffffffffffce9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateSemaphore : Unknown @ 0x76f202a0 (jmp 0x161e90|jmp 0xfffffffffffffd59|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenSemaphore : Unknown @ 0x76f202b0 (jmp 0x161920|jmp 0xfffffffffffffd49|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateMutant : Unknown @ 0x76f20280 (jmp 0x161f00|jmp 0xfffffffffffffd79|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenMutant : Unknown @ 0x76f20290 (jmp 0x161950|jmp 0xfffffffffffffd69|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateTimer : Unknown @ 0x76f20320 (jmp 0x161ee0|jmp 0xfffffffffffffcd9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenTimer : Unknown @ 0x76f20330 (jmp 0x161960|jmp 0xfffffffffffffcc9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtCreateThreadEx : Unknown @ 0x76f203c0 (jmp 0x161f90|jmp 0xfffffffffffffc39|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtTerminateThread : Unknown @ 0x76f203e0 (jmp 0x162500|jmp 0xfffffffffffffc19|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtOpenThread : Unknown @ 0x76f20370 (jmp 0x1619b0|jmp 0xfffffffffffffc89|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ KERNELBASE.dll) ntdll.dll - NtSuspendThread : Unknown @ 0x76f20420 (jmp 0x161290|jmp 0xfffffffffffffbd9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ RPCRT4.dll) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x76f20470 (jmp 0x162270|jmp 0xfffffffffffffb89|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ RPCRT4.dll) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x76f20430 (jmp 0x161770|jmp 0xfffffffffffffbc9|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ GDI32.dll) ntdll.dll - NtVdmControl : Unknown @ 0x76f20270 (jmp 0x160ff0|jmp 0xfffffffffffffd89|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ ntmarta.dll) ntdll.dll - NtOpenEventPair : Unknown @ 0x76f202f0 (jmp 0x161a20|jmp 0xfffffffffffffd09|call 0x5)
[IAT:Inl(Hook.IEAT)] (explorer.exe @ WS2_32.dll) ntdll.dll - NtLoadDriver : Unknown @ 0x76f201d0 (jmp 0x161a30|jmp 0xfffffffffffffe29|call 0x5)

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST31000528AS +++++
--- User ---
[MBR] 6b7daa188d4a0b92c842464541af7c82
[BSP] d8c03e7ae5371fd6576c0f4223768707 : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 939603 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1924513792 | Size: 14164 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multiple Card Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

