RogueKiller V10.11.7.0 (x64) [Nov 23 2015] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : christian [Administrateur]
Démarré depuis : C:\Users\christian\Downloads\RogueKillerX64.exe
Mode : Scan -- Date : 11/26/2015 19:36:20

¤¤¤ Processus : 1 ¤¤¤
[Proc.Injected] mdhpSUN.exe(4452) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe[7] -> Tué(e) [TermProc]

¤¤¤ Registre : 5 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2922250893-3290508767-945020959-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2922250893-3290508767-945020959-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2922250893-3290508767-945020959-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://mystart.incredimail.com/mb135?a=NUYbHC7IUA -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2922250893-3290508767-945020959-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://mystart.incredimail.com/mb135?a=NUYbHC7IUA -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 7 ¤¤¤
[PUP][Fichier] C:\ProgramData\Radio\prompt.exe -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151} -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{B12D13C3-76FD-479D-AD99-8C6F18156BC9} -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{D5ABFFAD-D592-4F98-B02B-587125B4801F} -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{F01C14AE-F9C0-49DB-A28C-4C24EE6762FE} -> Trouvé(e)

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 118 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] wrfbg969.default : user_pref("browser.startup.homepage", "http://mystart.incredimail.com/mb135?a=NUYbHC7IUA"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] b49689fcfadc97c00f849bc82401be0e
[BSP] 10b55d063b63639df48739c680c8fb94 : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 940808 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1926981632 | Size: 12959 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive4: +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive5: +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )