cjoint


Document format: text/plain

Preview

RogueKiller V11.0.5.0 (x64) [Dec 28 2015] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : stephanie [Administrateur]
Démarré depuis : C:\Users\stephanie\Desktop\RogueKillerX64(1).exe
Mode : Suppression -- Date : 01/03/2016 22:10:48

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 8 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-3274292380-3939228260-4248916288-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068} : -> Non sélectionné
[PUP] (X86) HKEY_USERS\S-1-5-21-3274292380-3939228260-4248916288-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068} : -> Non sélectionné
[VT.Unknown] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Boingo Wi-Fi : "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [-] -> Non sélectionné
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\STEPHA~1\AppData\Local\Temp\catchme.sys) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\STEPHA~1\AppData\Local\Temp\catchme.sys) -> Supprimé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme (\??\C:\Users\STEPHA~1\AppData\Local\Temp\catchme.sys) -> Supprimé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3274292380-3939228260-4248916288-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus.msn.com -> Non sélectionné
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3274292380-3939228260-4248916288-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus.msn.com -> Non sélectionné

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 45 (Driver: Chargé) ¤¤¤
[IAT:Inl(Hook.IEAT)] (firefox.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x303fc (jmp 0x8849c870|jmp 0x7025d334)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateSection : Unknown @ 0x280300 (jmp 0x888c24b0|jmp 0xfffffcf9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtTerminateThread : Unknown @ 0x2803e0 (jmp 0x888c2500|jmp 0xfffffc19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtQueryObject : Unknown @ 0x280440 (jmp 0x888c2990|jmp 0xfffffbb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenProcess : Unknown @ 0x280360 (jmp 0x888c2750|jmp 0xfffffc99|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenThread : Unknown @ 0x280370 (jmp 0x888c19b0|jmp 0xfffffc89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtWriteVirtualMemory : Unknown @ 0x2803a0 (jmp 0x888c2650|jmp 0xfffffc59|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtTerminateProcess : Unknown @ 0x2803d0 (jmp 0x888c2760|jmp 0xfffffc29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateThreadEx : Unknown @ 0x2803c0 (jmp 0x888c1f90|jmp 0xfffffc39|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateThread : Unknown @ 0x2803b0 (jmp 0x888c2520|jmp 0xfffffc49|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSuspendThread : Unknown @ 0x280420 (jmp 0x888c1290|jmp 0xfffffbd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSetContextThread : Unknown @ 0x2803f0 (jmp 0x888c1510|jmp 0xfffffc09|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSetBootOptions : Unknown @ 0x280260 (jmp 0x888c1390|jmp 0xfffffd99|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenTimer : Unknown @ 0x280330 (jmp 0x888c1960|jmp 0xfffffcc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtNotifyChangeMultipleKeys : Unknown @ 0x280490 (jmp 0x888c1bf0|jmp 0xfffffb69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSuspendProcess : Unknown @ 0x280410 (jmp 0x888c1290|jmp 0xfffffbe9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateTimer : Unknown @ 0x280320 (jmp 0x888c1ee0|jmp 0xfffffcd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSetSystemInformation : Unknown @ 0x2801e0 (jmp 0x888c1140|jmp 0xfffffe19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateIoCompletion : Unknown @ 0x280340 (jmp 0x888c2020|jmp 0xfffffcb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtModifyBootEntry : Unknown @ 0x280240 (jmp 0x888c19e0|jmp 0xfffffdb9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenMutant : Unknown @ 0x280290 (jmp 0x888c1950|jmp 0xfffffd69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSetSystemPowerState : Unknown @ 0x280200 (jmp 0x888c1150|jmp 0xfffffdf9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtReplyWaitReceivePortEx : Unknown @ 0x280460 (jmp 0x888c2800|jmp 0xfffffb99|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtShutdownSystem : Unknown @ 0x2801f0 (jmp 0x888c10d0|jmp 0xfffffe09|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenIoCompletion : Unknown @ 0x280350 (jmp 0x888c1a70|jmp 0xfffffca9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtAddBootEntry : Unknown @ 0x280220 (jmp 0x888c21e0|jmp 0xfffffdd9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtReplyWaitReceivePort : Unknown @ 0x280450 (jmp 0x888c29f0|jmp 0xfffffba9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtDeleteBootEntry : Unknown @ 0x280230 (jmp 0x888c1d50|jmp 0xfffffdc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSetBootEntryOrder : Unknown @ 0x280250 (jmp 0x888c1390|jmp 0xfffffda9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenSection : Unknown @ 0x280310 (jmp 0x888c25f0|jmp 0xfffffce9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtDebugActiveProcess : Unknown @ 0x280400 (jmp 0x888c1f50|jmp 0xfffffbf9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtAssignProcessToJobObject : Unknown @ 0x280390 (jmp 0x888c2160|jmp 0xfffffc69|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenEvent : Unknown @ 0x2802d0 (jmp 0x888c2520|jmp 0xfffffd29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtAlpcSendWaitReceivePort : Unknown @ 0x280470 (jmp 0x888c2270|jmp 0xfffffb89|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtNotifyChangeKey : Unknown @ 0x280480 (jmp 0x888c1bf0|jmp 0xfffffb79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenEventPair : Unknown @ 0x2802f0 (jmp 0x888c1a20|jmp 0xfffffd09|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateEvent : Unknown @ 0x2802c0 (jmp 0x888c2490|jmp 0xfffffd39|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateSemaphore : Unknown @ 0x2802a0 (jmp 0x888c1e90|jmp 0xfffffd59|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtSystemDebugControl : Unknown @ 0x280210 (jmp 0x888c1070|jmp 0xfffffde9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateMutant : Unknown @ 0x280280 (jmp 0x888c1f00|jmp 0xfffffd79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtLoadDriver : Unknown @ 0x2801d0 (jmp 0x888c1a30|jmp 0xfffffe29|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtCreateEventPair : Unknown @ 0x2802e0 (jmp 0x888c1fd0|jmp 0xfffffd19|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtQueueApcThreadEx : Unknown @ 0x280430 (jmp 0x888c1770|jmp 0xfffffbc9|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtDuplicateObject : Unknown @ 0x280380 (jmp 0x888c2610|jmp 0xfffffc79|jmp 0x19b)
[IAT:Inl(Hook.IEAT)] (firefox.exe @ wow64.dll) ntdll!NtOpenSemaphore : Unknown @ 0x2802b0 (jmp 0x888c1920|jmp 0xfffffd49|jmp 0x19b)

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST950032 5AS SCSI Disk Device +++++
--- User ---
[MBR] e728099f237684fda1c891f204e5fc5a
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 20002 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 40965752 | Size: 119235 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 285159424 | Size: 337701 MB
User = LL1 ... OK
Error reading LL2 MBR! ([1] Fonction incorrecte. )

