Sujet Précédent Sujet Suivant

Impossible d'afficher le script c:/kernel/r00t3r

Fermé
fabaxy Messages postés 2 Date d'inscription jeudi 20 mars 2014 Statut Membre Dernière intervention 30 mars 2014 - 20 mars 2014 à 20:54
fabaxy Messages postés 2 Date d'inscription jeudi 20 mars 2014 Statut Membre Dernière intervention 30 mars 2014 - 30 mars 2014 à 19:30
Bonjour,
depuis un certain temps mon ordinateur affiche ce message apres chaque demarrage de windows: Le fichier script"C:\kernel\r00t3r"
Aidez moi svp.
en lisant un sujet similaire sur le forum j'ai anticipé la premiere étape en telechargant rogue killer. Voici le rapport de Rogue Killer

P.S: Je n'ai rien supprimé avec Rogue Killer de peur de faire une mauvaise manoeuvre qui pourrais m'etre fatale. Merci

RogueKiller V8.8.12 [Mar 20 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/

Systeme d'exploitation : Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur : Kirikou [Droits d'admin]
Mode : Recherche -- Date : 03/20/2014 19:44:52
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 4 ¤¤¤
[HJNAME] svchost.exe -- C:\Windows\System32\system\svchost.exe [-] -> TUÉ [TermProc]
[SVCHOST] svchost.exe -- C:\security\svchost.exe [7] -> TUÉ [TermProc]
[SUSP PATH] WebPlayer.exe -- C:\Users\Kirikou\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [-] -> TUÉ [TermProc]
[SUSP PATH] update_checker.exe -- C:\Users\Kirikou\AppData\Local\FilesFrog Update Checker\update_checker.exe [7] -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : FLV Player (C:\Users\Kirikou\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-1411028462-1175006627-2301370370-1000\[...]\Run : FLV Player (C:\Users\Kirikou\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKLM\[...]\Run : rescue ("C:\ProgramData\rescue.vbe" [-]) -> TROUVÉ
[SERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : system (C:\Windows\System32\system\svchost.exe msg [-]) -> TROUVÉ
[SERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : system (C:\Windows\System32\system\svchost.exe msg [-]) -> TROUVÉ
[SERVICE][HJNAME] HKLM\[...]\CS002\[...]\Services : system (C:\Windows\System32\system\svchost.exe msg [-]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 3 ¤¤¤
[V1][SUSP PATH] GoogleUpdateTaskMachineUA.job : C:\Program Files\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][-] -> TROUVÉ
[V2][SUSP PATH] GoogleUpdateTaskMachineUA : C:\Program Files\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][-] -> TROUVÉ
[V2][SUSP PATH] SomotoUpdateCheckerAutoStart : C:\Users\Kirikou\AppData\Local\FilesFrog Update Checker\update_checker.exe - /auto [7] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 2 ¤¤¤
[FF][PUP] deb7a6li.default : AVG Security Toolbar
[CHR][PUP] Default : AVG Security Toolbar

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : PUP ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 www.iobit.com
127.0.0.1 www.asc55.iobit.com


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA TOSHIBA MK3263GS SCSI Disk Device +++++
--- User ---
[MBR] 12aaf232c4a270d640fc4ef157fd4c3a
[BSP] 97268fdcf896ac0800323a692a9c27ef : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 100000 MB
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 286722048 | Size: 165243 MB
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_03202014_194452.txt >>







A voir également:

1 réponse

Réponse 1 / 1
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 807
20 mars 2014 à 21:06
* Quitte tous tes programmes en cours

* Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur

* Sinon lance simplement RogueKiller.exe

* Patiente pendant le pre-scan, clique sur Scan

* Vérifie que tous les éléments sont cochés puis clique sur Suppression

* Poste le rapport RKreport.txt présent sur le bureau.
0
fabaxy Messages postés 2 Date d'inscription jeudi 20 mars 2014 Statut Membre Dernière intervention 30 mars 2014
30 mars 2014 à 19:30
RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : https://www.adlice.com/contact/
Remontees : https://forum.adlice.com/
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : https://www.adlice.com/

Systeme d'exploitation : Windows 7 (6.1.7600 ) 32 bits version
Demarrage : Mode normal
Utilisateur : Kirikou [Droits d'admin]
Mode : Suppression -- Date : 03/30/2014 17:29:54
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : FLV Player (C:\Users\Kirikou\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [-]) -> SUPPRIMÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-1411028462-1175006627-2301370370-1000\[...]\Run : FLV Player (C:\Users\Kirikou\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [-]) -> [0x2] Le fichier spécifié est introuvable.
[RUN][SUSP PATH] HKLM\[...]\Run : rescue ("C:\ProgramData\rescue.vbe" [-]) -> SUPPRIMÉ
[SERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : system (C:\Windows\System32\system\svchost.exe msg [-]) -> SUPPRIMÉ
[SERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : system (C:\Windows\System32\system\svchost.exe msg [-]) -> [0x2] Le fichier spécifié est introuvable.
[SERVICE][HJNAME] HKLM\[...]\CS002\[...]\Services : system (C:\Windows\System32\system\svchost.exe msg [-]) -> SUPPRIMÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2)
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REMPLACÉ (1)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> REMPLACÉ (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 3 ¤¤¤
[V1][SUSP PATH] GoogleUpdateTaskMachineUA.job : C:\Program Files\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][-] -> SUPPRIMÉ
[V2][SUSP PATH] GoogleUpdateTaskMachineUA : C:\Program Files\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][-] -> SUPPRIMÉ
[V2][SUSP PATH] SomotoUpdateCheckerAutoStart : C:\Users\Kirikou\AppData\Local\FilesFrog Update Checker\update_checker.exe - /auto [7] -> SUPPRIMÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 2 ¤¤¤
[FF][PUP] deb7a6li.default : AVG Security Toolbar
[CHR][PUP] Default : AVG Security Toolbar

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E3296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E068D)
[Address] EAT @firefox.exe (BeginBufferedAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C09AE)
[Address] EAT @firefox.exe (BeginBufferedPaint) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B49A1)
[Address] EAT @firefox.exe (BeginPanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E0731)
[Address] EAT @firefox.exe (BufferedPaintClear) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B6395)
[Address] EAT @firefox.exe (BufferedPaintInit) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B940E)
[Address] EAT @firefox.exe (BufferedPaintRenderAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C08ED)
[Address] EAT @firefox.exe (BufferedPaintSetAlpha) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CE6B3)
[Address] EAT @firefox.exe (BufferedPaintStopAllAnimations) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CD395)
[Address] EAT @firefox.exe (BufferedPaintUnInit) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B94AB)
[Address] EAT @firefox.exe (CloseThemeData) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B6A18)
[Address] EAT @firefox.exe (DrawThemeBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B3982)
[Address] EAT @firefox.exe (DrawThemeBackgroundEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CD9DA)
[Address] EAT @firefox.exe (DrawThemeEdge) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3B52)
[Address] EAT @firefox.exe (DrawThemeIcon) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E35E7)
[Address] EAT @firefox.exe (DrawThemeParentBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B53E5)
[Address] EAT @firefox.exe (DrawThemeParentBackgroundEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B51BF)
[Address] EAT @firefox.exe (DrawThemeText) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B4EA1)
[Address] EAT @firefox.exe (DrawThemeTextEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B63E6)
[Address] EAT @firefox.exe (EnableThemeDialogTexture) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BFCAF)
[Address] EAT @firefox.exe (EnableTheming) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2FEB)
[Address] EAT @firefox.exe (EndBufferedAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B3F9A)
[Address] EAT @firefox.exe (EndBufferedPaint) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B3F9A)
[Address] EAT @firefox.exe (EndPanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E06CC)
[Address] EAT @firefox.exe (GetBufferedPaintBits) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B4BAF)
[Address] EAT @firefox.exe (GetBufferedPaintDC) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C04BC)
[Address] EAT @firefox.exe (GetBufferedPaintTargetDC) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C0473)
[Address] EAT @firefox.exe (GetBufferedPaintTargetRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2E7F)
[Address] EAT @firefox.exe (GetCurrentThemeName) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C05DD)
[Address] EAT @firefox.exe (GetThemeAppProperties) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C0FB1)
[Address] EAT @firefox.exe (GetThemeBackgroundContentRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BCD2E)
[Address] EAT @firefox.exe (GetThemeBackgroundExtent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF8BF)
[Address] EAT @firefox.exe (GetThemeBackgroundRegion) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C165D)
[Address] EAT @firefox.exe (GetThemeBitmap) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BBF93)
[Address] EAT @firefox.exe (GetThemeBool) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B7C1F)
[Address] EAT @firefox.exe (GetThemeColor) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B616C)
[Address] EAT @firefox.exe (GetThemeDocumentationProperty) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2932)
[Address] EAT @firefox.exe (GetThemeEnumValue) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B616C)
[Address] EAT @firefox.exe (GetThemeFilename) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2412)
[Address] EAT @firefox.exe (GetThemeFont) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BFF21)
[Address] EAT @firefox.exe (GetThemeInt) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B616C)
[Address] EAT @firefox.exe (GetThemeIntList) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E23B1)
[Address] EAT @firefox.exe (GetThemeMargins) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B86E9)
[Address] EAT @firefox.exe (GetThemeMetric) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C06E2)
[Address] EAT @firefox.exe (GetThemePartSize) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BCDB1)
[Address] EAT @firefox.exe (GetThemePosition) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2350)
[Address] EAT @firefox.exe (GetThemePropertyOrigin) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3FBB)
[Address] EAT @firefox.exe (GetThemeRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C3611)
[Address] EAT @firefox.exe (GetThemeStream) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C39D9)
[Address] EAT @firefox.exe (GetThemeString) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E22E4)
[Address] EAT @firefox.exe (GetThemeSysBool) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E3172)
[Address] EAT @firefox.exe (GetThemeSysColor) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3274)
[Address] EAT @firefox.exe (GetThemeSysColorBrush) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E301E)
[Address] EAT @firefox.exe (GetThemeSysFont) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E29C4)
[Address] EAT @firefox.exe (GetThemeSysInt) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2BD3)
[Address] EAT @firefox.exe (GetThemeSysSize) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E320B)
[Address] EAT @firefox.exe (GetThemeSysString) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E2B3F)
[Address] EAT @firefox.exe (GetThemeTextExtent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B2D57)
[Address] EAT @firefox.exe (GetThemeTextMetrics) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF992)
[Address] EAT @firefox.exe (GetThemeTransitionDuration) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C1081)
[Address] EAT @firefox.exe (GetWindowTheme) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BDF46)
[Address] EAT @firefox.exe (HitTestThemeBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C3CE3)
[Address] EAT @firefox.exe (IsAppThemed) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF869)
[Address] EAT @firefox.exe (IsCompositionActive) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B2E9A)
[Address] EAT @firefox.exe (IsThemeActive) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BF785)
[Address] EAT @firefox.exe (IsThemeBackgroundPartiallyTransparent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B60AB)
[Address] EAT @firefox.exe (IsThemeDialogTextureEnabled) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E312B)
[Address] EAT @firefox.exe (IsThemePartDefined) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B85B4)
[Address] EAT @firefox.exe (OpenThemeData) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746B73D2)
[Address] EAT @firefox.exe (OpenThemeDataEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746D3D43)
[Address] EAT @firefox.exe (SetThemeAppProperties) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E3296)
[Address] EAT @firefox.exe (SetWindowTheme) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746C0134)
[Address] EAT @firefox.exe (SetWindowThemeAttribute) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746CCFE6)
[Address] EAT @firefox.exe (ThemeInitApiHook) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746BB176)
[Address] EAT @firefox.exe (UpdatePanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746E068D)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : PUP ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 www.iobit.com
127.0.0.1 www.asc55.iobit.com


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA TOSHIBA MK3263GS SCSI Disk Device +++++
--- User ---
[MBR] 12aaf232c4a270d640fc4ef157fd4c3a
[BSP] 97268fdcf896ac0800323a692a9c27ef : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 100000 MB
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 286722048 | Size: 165243 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Imation ImationFlashDriv USB Device +++++
--- User ---
[MBR] ab108315a8eed832a8f1e11dc0949bdf
[BSP] ef3177ea6997481f5647d45aa222b26f : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 3692 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n?est pas prise en charge. )

Termine : << RKreport[0]_D_03302014_172953.txt >>
RKreport[0]_S_03202014_194452.txt;RKreport[0]_S_03302014_172908.txt
0

Discussions similaires

Afficher toutes les lignes masquées excel
livlarsen -
esicom -

26 réponses
affichage tableau sous C
Utilisateur anonyme -
fonceurweb -

2 réponses