RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software mail : http://www.adlice.com/contact/ Remontees : http://forum.adlice.com Site Web : http://www.surlatoile.org/RogueKiller/ Blog : http://www.adlice.com Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : CDA56 Lorient [Droits d'admin] Mode : Recherche -- Date : 04/17/2014 13:26:39 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 9 ¤¤¤ [RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [x][x]) -> TROUVÉ [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:13828 [Country: (Private Address) (XX), City: (Private Address)]) -> TROUVÉ [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> TROUVÉ [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> TROUVÉ [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ ¤¤¤ Tâches planifiées : 7 ¤¤¤ [V2][ROGUE ST] 0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4 : C:\Program Files (x86)\MediaPlayerplus\0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4.exe - /LgAbfmS /VOFkgLE='MediaPlayerplus' /fnUTN='C:\Program Files (x86)\MediaPlayerplus\54246.xpi' /AJmxLGGiG=54246 /ilDJdgSs='001359' /JGdxZ='verticals-ads,intext,shopping,pops,' /ubjiX='0' /ZxjGj=F6AC43B5AC8348CE9F2402685FAF7942IE /LDjQP=da3154a016613ccf7b41e4edef95f627 /iBxdbHE=1_34_04_10 /AxbEErh=1.34.4.10 /AMYLTzA=1397381565 /cJhtxy=hxxp://stats.clientdemocloud.com /UvNiZZa=hxxp://errors.clientdemocloud.com /iYNUUStPB=300 
/ljODeLoz=a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com /gyRtNns=0.94 /WAoEwcx=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /dpmuKhg=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /NouXSGFB='MediaPlayerplus' /PxTECzRGU='MediaPlayerEnhance Extension' /cghKQXPH='Freeven' /wknfV=ff /dnRWMKDT /iekkpAZ /GMoNcoH /ufEHUJT='hxxp://update.clientdemocloud.com/ff_agent_updates/{CAMP_ID}/update.json' /xGnmCEnp='task' /UbmntEKC='' [x][x][x][x][x][x][x][x][x][x][x][x] -> TROUVÉ [V2][ROGUE ST] 70a9ab1c-a39e-42fa-9b09-ed1ac8269bd7-4 : C:\Program Files (x86)\Deeal_fr 0.2\70a9ab1c-a39e-42fa-9b09-ed1ac8269bd7-4.exe - /wbaahKcq /PqIrqapH='Deeal_fr 0.2' /pvpLu='C:\Program Files (x86)\Deeal_fr 0.2\43960.xpi' /qvuknbD=43960 /mPfeE='000553' /VWBvj='0' /Qfxvb='0' /qjyPN=F6AC43B5AC8348CE9F2402685FAF7942IE /gdeiYqZ=da3154a016613ccf7b41e4edef95f627 /ZWymqRBu=1_34_3_28 /gukMUQCTg=1.34.3.28 /SNbNI=1397413640 /knezZvLkW=hxxp://stats.clientdemocloud.com /uZppqMa=hxxp://errors.clientdemocloud.com /YjRKQ=300 /itzxe=05c59a23-5de8-4e60-a845-f8c7eb34dd0a@8f62e428-d6f3-4e59-bd99-de88d153fc76.com /LmZEmqAax=0.94 /dKsVuexKa=a05c59a235de84e60a845f8c7eb34dd0a8f62e428d6f34e59bd99de88d153fc76com43960 /WMYsjvS=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/43960.rdf /sypTP='Deeal_fr 0.2' /TsEJmx='Price comparaison' /BMonGUri='Corporate Inc' /drmfHeoiq=ff /gUTAyEFf /ZoIItSM /iXqmDAjaC /apQmYjyfs='hxxp://update.clientdemocloud.com/ff_agent_updates/{CAMP_ID}/update.json' /AxLDvmGIT='task' /dVAcLDLl='' [x][x][x][x][x][x][x][x][x][x][x][x][x] -> TROUVÉ [V2][ROGUE ST] 876060ec-8e3d-4a92-b7d2-5d482f38874c-4 : C:\Program Files (x86)\Freeven pro 1.2\876060ec-8e3d-4a92-b7d2-5d482f38874c-4.exe - /CxUMrfEn /PkmGV='Freeven pro 1.2' /jlKZspZS='C:\Program Files (x86)\Freeven pro 1.2\54253.xpi' /vtIuwGaS=54253 /sGxMrM='001361' /ISgvpOV='verticals-' /SGavXyvge='0' /WRnZhx=F6AC43B5AC8348CE9F2402685FAF7942IE /NHcDa=da3154a016613ccf7b41e4edef95f627 
/IxuAy=1_34_04_10 /qPLkguvsO=1.34.4.10 /Ayahbj=1397381491 /Vvhyk=hxxp://stats.clientdemocloud.com /AoOEl=hxxp://errors.clientdemocloud.com /gHVljcXjk=300 /FXJNlNvj=2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com /mLuSYmU=0.94 /MjZkbyN=a2ab9302c551a480499719932d6d5b0f92bfa4cf8298a479280d575352ee81de1com54253 /jkHCcH=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54253.rdf /CUdGUxWP='Freeven pro 1.2' /rdcFvEJzv='Feven Shopping Companion' /XGYbUrPIY='Freeven' /mXdiSf=ff /gXQLuL /klOUMyJV /reqVrua /KMnBzU='hxxp://update.clientdemocloud.com/ff_agent_updates/{CAMP_ID}/update.json' /kzaKpU='task' /uQMzb='' [x][x][x][x][x][x][x][x][x][x][x][x][x][x] -> TROUVÉ [V2][ROGUE ST] cf5e64e3-8c82-4a2c-9310-db0821db11bd-4 : C:\Program Files (x86)\MediaPlayerplus\cf5e64e3-8c82-4a2c-9310-db0821db11bd-4.exe - /Njgsl /oWpFh='MediaPlayerplus' /qHRNVb='C:\Program Files (x86)\MediaPlayerplus\54246.xpi' /Fjhgug=54246 /iOyxBLQrn='001359' /EovrW='verticals-ads,shopping,intext,pops' /BhtPQ='0' /zWwWlCB=8203289DCC4E4B53873B52DAE601B1FAIE /YApvmN=9ecff4e11d644885c7a12fdb84e314e6 /HvRMs=1_34_04_10 /lqYnwfp=1.34.4.10 /FCdTCfZLM=1397677178 /GfPcN=hxxp://stats.clientdemocloud.com /IqZbvid=hxxp://errors.clientdemocloud.com /EsTRfgz=300 /aYxefCk=a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com /wMlsVvNj=0.94 /Cvxuua=aa9719e64232b4695ae9ca89cd7f2aa84ca1279dfbc0d44a897ef19301c922b68com54246 /bYPgGrlCZ=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54246.rdf /pnnNAQjd='MediaPlayerplus' /mBFADiv='MediaPlayerEnhance Extension' /QTpjDb='Freeven' /yARFTqKvg=ff /zrhiNfH /VVcfCP /hXQToEy /dxvLXFmom='hxxp://update.clientdemocloud.com/ff_agent_updates/{CAMP_ID}/update.json' /rmzjl='task' /SfKXbYK='' [x][x][x][x][x][x][x][x][x][x][x][x] -> TROUVÉ [V2][SUSP PATH] EPUpdater : C:\Users\CDA56L~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> TROUVÉ [V2][ROGUE ST] f53b49a1-8770-4d7e-ad76-52062595956c-4 : C:\Program Files (x86)\Freeven pro 
1.2\f53b49a1-8770-4d7e-ad76-52062595956c-4.exe - /Njgsl /oWpFh='Freeven pro 1.2' /qHRNVb='C:\Program Files (x86)\Freeven pro 1.2\54253.xpi' /Fjhgug=54253 /iOyxBLQrn='001361' /EovrW='verticals-' /BhtPQ='0' /zWwWlCB=8203289DCC4E4B53873B52DAE601B1FAIE /YApvmN=9ecff4e11d644885c7a12fdb84e314e6 /HvRMs=1_34_04_10 /lqYnwfp=1.34.4.10 /FCdTCfZLM=1397677084 /GfPcN=hxxp://stats.clientdemocloud.com /IqZbvid=hxxp://errors.clientdemocloud.com /EsTRfgz=300 /aYxefCk=2ab9302c-551a-4804-9971-9932d6d5b0f9@2bfa4cf8-298a-4792-80d5-75352ee81de1.com /wMlsVvNj=0.94 /Cvxuua=a2ab9302c551a480499719932d6d5b0f92bfa4cf8298a479280d575352ee81de1com54253 /bYPgGrlCZ=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/54253.rdf /pnnNAQjd='Freeven pro 1.2' /mBFADiv='Feven Shopping Companion' /QTpjDb='Freeven' /yARFTqKvg=ff /zrhiNfH /VVcfCP /hXQToEy /dxvLXFmom='hxxp://update.clientdemocloud.com/ff_agent_updates/{CAMP_ID}/update.json' /rmzjl='task' /SfKXbYK='' [x][x][x][x][x][x][x][x][x][x][x][x][x][x] -> TROUVÉ [V2][SUSP PATH] PeriodicScanRetry : %windir%\ehome\MCUpdate.exe - -pscn 0 [7][-] -> TROUVÉ ¤¤¤ Entrées Startup : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Addons navigateur : 1 ¤¤¤ [FF][PUP] iw8lt7ws.default-1397466677602 : Quick Start ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : PUP ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BEVT-80A0RT1 +++++ --- User --- [MBR] 5275c8427b66ee1565afcdf4f9f41c9e [BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 MB 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062328 | Size: 119235 MB 2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289257472 | Size: 335700 MB User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic Flash-Disk USB Device +++++ --- User --- [MBR] b13f644fa9f04432dbb81a4ee669edaf [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8192 | Size: 30426 MB User = LL1 ... OK! Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. ) Termine : << RKreport[0]_S_04172014_132639.txt >>