Bonjour,
qui peut m'aider ; apparemment problème IAT
roguekiller me renvoie vers un tutoriel mais je comprends rien...
Voilas le rapport
RogueKiller V10.0.4.0 (x64) [Oct 29 2014] par Adlice Software
email :
https://www.adlice.com/contact/
Remontées :
https://forum.adlice.com/
Site web : https://www.surlatoile.org/RogueKiller/
Blog :
https://www.adlice.com/
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : lozoic2 [Administrateur]
Mode : Suppression -- Date : 11/06/2014 11:20:57
¤¤¤ Processus : 0 ¤¤¤
¤¤¤ Registre : 8 ¤¤¤
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page :
https://www.google.com/?gws_rd=ssl -> Non sélectionné
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page :
https://www.google.com/?gws_rd=ssl -> Non sélectionné
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-4141608515-285612891-1013182166-1001\Software\Microsoft\Internet Explorer\Main | Search Page :
https://www.google.com/?gws_rd=ssl -> Non sélectionné
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-4141608515-285612891-1013182166-1001\Software\Microsoft\Internet Explorer\Main | Search Page :
https://www.google.com/?gws_rd=ssl -> Non sélectionné
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-4141608515-285612891-1013182166-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Non sélectionné
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-4141608515-285612891-1013182166-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Non sélectionné
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-4141608515-285612891-1013182166-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Non sélectionné
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-4141608515-285612891-1013182166-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Non sélectionné
¤¤¤ Tâches : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 36 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] ::1 localhost
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 media.opencandy.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.opencandy.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 tracking.opencandy.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 api.opencandy.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 installer.betterinstaller.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 installer.filebulldog.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 inno.bisrv.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 nsis.bisrv.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.file2desktop.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.goateastcach.us
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.guttastatdk.us
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.inskinmedia.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.insta.oibundles2.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.insta.playbryte.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.llogetfastcach.us
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.montiera.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.msdwnld.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.mypcbackup.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.ppdownload.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.riceateastcach.us
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.shyapotato.us
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.solimba.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.tuto4pc.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.appround.biz
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.bigspeedpro.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.bispd.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.bisrv.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.cdndp.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.download.sweetpacks.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.dpdownload.com
[C:\WINDOWS\System32\drivers\etc\hosts] 0.0.0.0 cdn.visualbee.net
¤¤¤ Antirootkit : 10 (Driver: Chargé) ¤¤¤
[IAT:Addr] (explorer.exe @ combase.dll) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject2 : C:\WINDOWS\SYSTEM32\clbcatq.dll @ 0x7ffe577e24b0
[IAT:Addr] (explorer.exe @ combase.dll) ext-ms-win-com-clbcatq-l1-1-0.dll - GetCatalogObject : C:\WINDOWS\SYSTEM32\clbcatq.dll @ 0x7ffe577e23c0
[IAT:Addr] (explorer.exe @ twinui.appcore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSRegisterSessionNotification : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7ffe52871be0
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSQuerySessionInformationW : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7ffe528716a0
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSRegisterSessionNotification : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7ffe52871be0
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-wtsapi32-l1-1-0.dll - WTSFreeMemory : C:\WINDOWS\SYSTEM32\WTSAPI32.dll @ 0x7ffe52871330
[IAT:Addr] (explorer.exe @ wpncore.dll) ext-ms-win-session-winsta-l1-1-0.dll - WinStationQueryInformationW : C:\WINDOWS\SYSTEM32\WINSTA.dll @ 0x7ffe56611160
[IAT:Addr] (explorer.exe @ SettingSyncCore.dll) ext-ms-win-shell-settingsync-l1-1-0.dll - SettingSync_IsAllowedByGroupPolicy : C:\WINDOWS\SYSTEM32\SETTINGSYNCPOLICY.dll @ 0x7ffe44e92e44
[IAT:Addr] (explorer.exe @ PackageStateRoaming.dll) ext-ms-win-shell-settingsync-l1-1-0.dll - SettingSync_IsAppDataBackupRestoreEnabled : C:\WINDOWS\SYSTEM32\SETTINGSYNCPOLICY.dll @ 0x7ffe44e9204c
[IAT:Addr] (explorer.exe @ Windows.Globalization.dll) ext-ms-win-globalization-input-l1-1-0.dll - WGIGetCurrentInputLanguage : C:\WINDOWS\SYSTEM32\globinputhost.dll @ 0x7ffe434d62f4
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LT012-9WS142 +++++
--- User ---
[MBR] b1a6a5b3cc5bbbd6421bea0bdf59172c
[BSP] 953496849aec15ce3772cdc4bcbaf610 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_DEL_10162014_122316.log - RKreport_DEL_10172014_093552.log - RKreport_SCN_10162014_121340.log - RKreport_SCN_10172014_093246.log
RKreport_SCN_11062014_110719.log
Afficher la suite
