Invasion de pub
Résolu/Fermé
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
-
4 janv. 2015 à 12:03
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 6 janv. 2015 à 22:53
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 6 janv. 2015 à 22:53
A voir également:
- Invasion de pub
- Bloqueur de pub youtube - Guide
- Netflix standard avec pub - Guide
- YT Siphon : une extension pour contourner la pub sur YouTube - Guide
- Youtube sans pub - Guide
- Stop pub gratuit - Télécharger - Divers Utilitaires
15 réponses
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
6 janv. 2015 à 18:55
6 janv. 2015 à 18:55
youpiiiiiiiii c'est revenu j'ai tout qui re-fonctionne. Un grand bravo à toi Mille merci tu es un As Bravo bravo bravo merci merci merci
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
4 janv. 2015 à 12:04
4 janv. 2015 à 12:04
Salut,
Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode )
Télécharge AdwCleaner sur ton bureau.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis :
Suis ce tutorial : https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer deux rapports FRST.
Envoie comme expliqué, ces deux rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode )
Télécharge AdwCleaner sur ton bureau.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis :
Suis ce tutorial : https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer deux rapports FRST.
Envoie comme expliqué, ces deux rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
4 janv. 2015 à 14:08
4 janv. 2015 à 14:08
je pense avoir suivi le déroulement
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
4 janv. 2015 à 12:16
4 janv. 2015 à 12:16
ok merci je vais suivre la procédure.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
4 janv. 2015 à 12:40
4 janv. 2015 à 12:40
# AdwCleaner v4.106 - Rapport créé le 04/01/2015 à 12:31:58
# Mis à jour le 21/12/2014 par Xplode
# Database : 2015-01-03.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : jean-françois - NOTREORDINATEUR
# Exécuté depuis : C:\Users\jean-françois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABJZX1CB\adwcleaner_4.106.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\TVWizard
Dossier Supprimé : C:\Users\jean-françois\AppData\Local\TVWizard
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v33.1.1 (x86 en-US)
-\\ Google Chrome v39.0.2171.95
*************************
# Mis à jour le 21/12/2014 par Xplode
# Database : 2015-01-03.1 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : jean-françois - NOTREORDINATEUR
# Exécuté depuis : C:\Users\jean-françois\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ABJZX1CB\adwcleaner_4.106.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\TVWizard
Dossier Supprimé : C:\Users\jean-françois\AppData\Local\TVWizard
***** [ Tâches planifiées ] *****
***** [ Raccourcis ] *****
***** [ Registre ] *****
Clé Supprimée : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v33.1.1 (x86 en-US)
-\\ Google Chrome v39.0.2171.95
*************************
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
4 janv. 2015 à 14:09
4 janv. 2015 à 14:09
les rapports envoyés
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
4 janv. 2015 à 14:16
4 janv. 2015 à 14:16
il faut donner les liens FRST ici.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
4 janv. 2015 à 14:25
4 janv. 2015 à 14:25
ok
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
Modifié par cessna172 le 4/01/2015 à 15:20
Modifié par cessna172 le 4/01/2015 à 15:20
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
4 janv. 2015 à 15:14
4 janv. 2015 à 15:14
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
4 janv. 2015 à 15:25
4 janv. 2015 à 15:25
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
4 janv. 2015 à 15:12
4 janv. 2015 à 15:12
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM-x32\...\Run: [Allin1Convert EPM Support] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S
KLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_20] => [X]
HKU\S-1-5-21-810972424-405733510-3077923903-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR StartupUrls: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSearchURL: Default -> https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
R2 tpRsDv; C:\ProgramData\SNEYXBl\tpRsDv.exe [2726256 2014-12-19] (Small Island Development)
S2 cae99edb; C:\Windows\system32\rundll32.exe c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll,ENT
2015-01-04 12:38 - 2015-01-04 12:38 - 00000000 ____D () C:\Users\jean-françois\AppData\Local\TVWizard
2015-01-02 02:03 - 2015-01-04 10:30 - 00000000 ____D () C:\ProgramData\1887373585
2015-01-02 01:54 - 2015-01-02 01:54 - 00000000 ____D () C:\Program Files (x86)\1a5c9565-36e8-4c6b-98dd-8ae6c0e5c294
2015-01-02 01:52 - 2015-01-02 01:52 - 00003800 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-01-02 01:51 - 2015-01-02 01:51 - 00000000 ____D () C:\Program Files (x86)\gmsd_fr_52
2014-12-19 15:06 - 2014-12-19 15:07 - 00000000 ____D () C:\Program Files (x86)\89663f09-b436-429e-ab9c-6b694fdcf121
2014-12-19 15:05 - 2015-01-03 12:26 - 00000000 ____D () C:\Program Files (x86)\Media+PlayerVidEd2.1
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\SNEYXBl
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\FellowSky
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Supprime les PUM.DNS avec RogueKiller : https://forum.malekal.com/viewtopic.php?t=48312&start=
Donne le rapport de suppression RogueKiller ici.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM-x32\...\Run: [Allin1Convert EPM Support] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S
KLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_20] => [X]
HKU\S-1-5-21-810972424-405733510-3077923903-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR StartupUrls: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSearchURL: Default -> https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
R2 tpRsDv; C:\ProgramData\SNEYXBl\tpRsDv.exe [2726256 2014-12-19] (Small Island Development)
S2 cae99edb; C:\Windows\system32\rundll32.exe c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll,ENT
2015-01-04 12:38 - 2015-01-04 12:38 - 00000000 ____D () C:\Users\jean-françois\AppData\Local\TVWizard
2015-01-02 02:03 - 2015-01-04 10:30 - 00000000 ____D () C:\ProgramData\1887373585
2015-01-02 01:54 - 2015-01-02 01:54 - 00000000 ____D () C:\Program Files (x86)\1a5c9565-36e8-4c6b-98dd-8ae6c0e5c294
2015-01-02 01:52 - 2015-01-02 01:52 - 00003800 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-01-02 01:51 - 2015-01-02 01:51 - 00000000 ____D () C:\Program Files (x86)\gmsd_fr_52
2014-12-19 15:06 - 2014-12-19 15:07 - 00000000 ____D () C:\Program Files (x86)\89663f09-b436-429e-ab9c-6b694fdcf121
2014-12-19 15:05 - 2015-01-03 12:26 - 00000000 ____D () C:\Program Files (x86)\Media+PlayerVidEd2.1
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\SNEYXBl
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\FellowSky
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Supprime les PUM.DNS avec RogueKiller : https://forum.malekal.com/viewtopic.php?t=48312&start=
Donne le rapport de suppression RogueKiller ici.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
5 janv. 2015 à 21:36
5 janv. 2015 à 21:36
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2015 03
Ran by jean-françois at 2015-01-05 21:30:28 Run:1
Running from C:\Users\jean-françois\Desktop
Loaded Profile: jean-françois (Available profiles: jean-françois & christelle & Invité)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM-x32\...\Run: [Allin1Convert EPM Support] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S
KLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_20] => [X]
HKU\S-1-5-21-810972424-405733510-3077923903-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR StartupUrls: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSearchURL: Default -> https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
R2 tpRsDv; C:\ProgramData\SNEYXBl\tpRsDv.exe [2726256 2014-12-19] (Small Island Development)
S2 cae99edb; C:\Windows\system32\rundll32.exe c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll,ENT
2015-01-04 12:38 - 2015-01-04 12:38 - 00000000 ____D () C:\Users\jean-françois\AppData\Local\TVWizard
2015-01-02 02:03 - 2015-01-04 10:30 - 00000000 ____D () C:\ProgramData\1887373585
2015-01-02 01:54 - 2015-01-02 01:54 - 00000000 ____D () C:\Program Files (x86)\1a5c9565-36e8-4c6b-98dd-8ae6c0e5c294
2015-01-02 01:52 - 2015-01-02 01:52 - 00003800 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-01-02 01:51 - 2015-01-02 01:51 - 00000000 ____D () C:\Program Files (x86)\gmsd_fr_52
2014-12-19 15:06 - 2014-12-19 15:07 - 00000000 ____D () C:\Program Files (x86)\89663f09-b436-429e-ab9c-6b694fdcf121
2014-12-19 15:05 - 2015-01-03 12:26 - 00000000 ____D () C:\Program Files (x86)\Media+PlayerVidEd2.1
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\SNEYXBl
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\FellowSky
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Allin1Convert EPM Support => value deleted successfully.
KLM-x32\...\Run: [] => [X] => Error: No automatic fix found for this entry.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_20 => value deleted successfully.
HKU\S-1-5-21-810972424-405733510-3077923903-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Super Optimizer => value deleted successfully.
C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com not found.
C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSearchURL not detected.
tpRsDv => Unable to stop service
tpRsDv => Service deleted successfully.
cae99edb => Service deleted successfully.
C:\Users\jean-françois\AppData\Local\TVWizard => Moved successfully.
C:\ProgramData\1887373585 => Moved successfully.
C:\Program Files (x86)\1a5c9565-36e8-4c6b-98dd-8ae6c0e5c294 => Moved successfully.
C:\Windows\System32\Tasks\PostPoneInstall => Moved successfully.
C:\Program Files (x86)\gmsd_fr_52 => Moved successfully.
C:\Program Files (x86)\89663f09-b436-429e-ab9c-6b694fdcf121 => Moved successfully.
C:\Program Files (x86)\Media+PlayerVidEd2.1 => Moved successfully.
"C:\ProgramData\SNEYXBl" directory move:
Could not move "C:\ProgramData\SNEYXBl\info.dat" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\tpRsDv.dat" => Scheduled to move on reboot.
C:\ProgramData\SNEYXBl\tpRsDv.exe => Moved successfully.
C:\ProgramData\SNEYXBl\tpRsDv.exe.config => Moved successfully.
Could not move "C:\ProgramData\SNEYXBl\dat\desmOagsiUq.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\ULGaxGVC.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl" directory. => Scheduled to move on reboot.
C:\ProgramData\FellowSky => Moved successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-05 21:33:07)<=
C:\ProgramData\SNEYXBl\info.dat => Is moved successfully.
C:\ProgramData\SNEYXBl\tpRsDv.dat => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\desmOagsiUq.dll => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe.config => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe.config => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\ULGaxGVC.dll => Is moved successfully.
C:\ProgramData\SNEYXBl => Is moved successfully.
==== End of Fixlog 21:33:07 ====
Ran by jean-françois at 2015-01-05 21:30:28 Run:1
Running from C:\Users\jean-françois\Desktop
Loaded Profile: jean-françois (Available profiles: jean-françois & christelle & Invité)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM-x32\...\Run: [Allin1Convert EPM Support] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hmedint.exe T8EPMSUP.DLL,S
KLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_20] => [X]
HKU\S-1-5-21-810972424-405733510-3077923903-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
FF Extension: No Name - C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com [Not Found]
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR StartupUrls: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420282079&from=adks&uid=HitachiXHTS547564A9E384_J21A0053GKB77NGKB77NX [Pays US - 50.22.218.160]
CHR DefaultSearchKeyword: Default -> omiga-plus
CHR DefaultSearchURL: Default -> https://www.google.com/webhp?gws_rd=ssl{searchTerms} [Pays US - 50.22.218.160]
R2 tpRsDv; C:\ProgramData\SNEYXBl\tpRsDv.exe [2726256 2014-12-19] (Small Island Development)
S2 cae99edb; C:\Windows\system32\rundll32.exe c:\Program Files (x86)\Super Optimizer\SupOptCrash.dll,ENT
2015-01-04 12:38 - 2015-01-04 12:38 - 00000000 ____D () C:\Users\jean-françois\AppData\Local\TVWizard
2015-01-02 02:03 - 2015-01-04 10:30 - 00000000 ____D () C:\ProgramData\1887373585
2015-01-02 01:54 - 2015-01-02 01:54 - 00000000 ____D () C:\Program Files (x86)\1a5c9565-36e8-4c6b-98dd-8ae6c0e5c294
2015-01-02 01:52 - 2015-01-02 01:52 - 00003800 _____ () C:\Windows\System32\Tasks\PostPoneInstall
2015-01-02 01:51 - 2015-01-02 01:51 - 00000000 ____D () C:\Program Files (x86)\gmsd_fr_52
2014-12-19 15:06 - 2014-12-19 15:07 - 00000000 ____D () C:\Program Files (x86)\89663f09-b436-429e-ab9c-6b694fdcf121
2014-12-19 15:05 - 2015-01-03 12:26 - 00000000 ____D () C:\Program Files (x86)\Media+PlayerVidEd2.1
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\SNEYXBl
2014-12-19 15:05 - 2014-12-19 15:05 - 00000000 ____D () C:\ProgramData\FellowSky
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Allin1Convert EPM Support => value deleted successfully.
KLM-x32\...\Run: [] => [X] => Error: No automatic fix found for this entry.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_20 => value deleted successfully.
HKU\S-1-5-21-810972424-405733510-3077923903-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Super Optimizer => value deleted successfully.
C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com not found.
C:\Users\jean-françois\AppData\Roaming\Mozilla\Firefox\Profiles\h19qpssn.default\extensions\MGKN37049485@ACPSC11936960.com not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSearchURL not detected.
tpRsDv => Unable to stop service
tpRsDv => Service deleted successfully.
cae99edb => Service deleted successfully.
C:\Users\jean-françois\AppData\Local\TVWizard => Moved successfully.
C:\ProgramData\1887373585 => Moved successfully.
C:\Program Files (x86)\1a5c9565-36e8-4c6b-98dd-8ae6c0e5c294 => Moved successfully.
C:\Windows\System32\Tasks\PostPoneInstall => Moved successfully.
C:\Program Files (x86)\gmsd_fr_52 => Moved successfully.
C:\Program Files (x86)\89663f09-b436-429e-ab9c-6b694fdcf121 => Moved successfully.
C:\Program Files (x86)\Media+PlayerVidEd2.1 => Moved successfully.
"C:\ProgramData\SNEYXBl" directory move:
Could not move "C:\ProgramData\SNEYXBl\info.dat" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\tpRsDv.dat" => Scheduled to move on reboot.
C:\ProgramData\SNEYXBl\tpRsDv.exe => Moved successfully.
C:\ProgramData\SNEYXBl\tpRsDv.exe.config => Moved successfully.
Could not move "C:\ProgramData\SNEYXBl\dat\desmOagsiUq.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl\dat\ULGaxGVC.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\SNEYXBl" directory. => Scheduled to move on reboot.
C:\ProgramData\FellowSky => Moved successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-05 21:33:07)<=
C:\ProgramData\SNEYXBl\info.dat => Is moved successfully.
C:\ProgramData\SNEYXBl\tpRsDv.dat => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\desmOagsiUq.dll => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\EDeuZyAF.exe.config => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\OPTxRIkeAVG.exe.config => Is moved successfully.
C:\ProgramData\SNEYXBl\dat\ULGaxGVC.dll => Is moved successfully.
C:\ProgramData\SNEYXBl => Is moved successfully.
==== End of Fixlog 21:33:07 ====
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
5 janv. 2015 à 21:38
5 janv. 2015 à 21:38
ca va mieux ?
Si tu as encore des pubs, indique sur quel navigateur WEB.
Si tu as encore des pubs, indique sur quel navigateur WEB.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
5 janv. 2015 à 21:48
5 janv. 2015 à 21:48
légèrement mieux mais ce n'est pas ça je vais faire ton tuto Roguekiller car j'ai toujours ces demandes de mise à jour soit disant de flash player et j'utilise internet exporer.Je posterai ici le rapport à l'issue de roguekiller
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
5 janv. 2015 à 22:40
5 janv. 2015 à 22:40
yep il faut supprimer les PUM.DNS, ça ouvre des pubs, ces mauvais DNS.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
5 janv. 2015 à 22:56
5 janv. 2015 à 22:56
RogueKiller V10.1.1.0 (x64) [Dec 23 2014] par Adlice Software
email : https://www.adlice.com/contact/
Remontées : https://forum.adlice.com/
Site web : https://www.adlice.com/fr/roguekiller/
Blog : https://www.adlice.com/
Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : jean-françois [Administrateur]
Mode : Suppression -- Date : 01/05/2015 22:54:32
¤¤¤ Processus : 0 ¤¤¤
¤¤¤ Registre : 11 ¤¤¤
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Magic Desktop for HP notification : "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" [7] -> ERROR [0]
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0020C4E3-95AA-4AF8-BAF1-1253FE26FDFF} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7608C2F4-98ED-4EC2-AD35-AD31CC70CCDA} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0020C4E3-95AA-4AF8-BAF1-1253FE26FDFF} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7608C2F4-98ED-4EC2-AD35-AD31CC70CCDA} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0020C4E3-95AA-4AF8-BAF1-1253FE26FDFF} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7608C2F4-98ED-4EC2-AD35-AD31CC70CCDA} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Remplacé(e) (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Remplacé(e) (2)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Remplacé(e) (0)
¤¤¤ Tâches : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 270 (Driver: Chargé) ¤¤¤
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7783010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7783010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7783010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x7783010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7783010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x7783010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7783010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7783010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7783010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7783010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtQueryObject : Unknown @ 0x7783010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7783010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7783010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7783010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7783010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7783010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x7783010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x7783010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x7783010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7783010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x7783010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenThread : Unknown @ 0x7783010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7783010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7783010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7783010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7783010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7783010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x7783010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7783010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7783010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x7783010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7783010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x7783010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7783010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7783010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrUnloadDll : Unknown @ 0x22075c (jmp 0xffffffff88b7cc4b)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrLoadDll : Unknown @ 0x2203a4 (jmp 0xffffffff88b788e3)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7783010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7783010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7783010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x7783010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7783010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7783010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7783010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7783010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7783010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x7783010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x7783010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x7783010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7783010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x7783010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x7783010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7783010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7783010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7783010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7783010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7783010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x7783010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x9010a (jmp 0xffffffff889bebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x9010a (jmp 0xffffffff889bf0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x9010a (jmp 0xffffffff889be0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x9010a (jmp 0xffffffff889bed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889be6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x9010a (jmp 0xffffffff889bdc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x9010a (jmp 0xffffffff889be070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x9010a (jmp 0xffffffff889be5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x9010a (jmp 0xffffffff889bd850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x9010a (jmp 0xffffffff889be060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x9010a (jmp 0xffffffff889bd860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x9010a (jmp 0xffffffff889bef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x9010a (jmp 0xffffffff889bd7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889bf100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x9010a (jmp 0xffffffff889bed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x9010a (jmp 0xffffffff889be660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x9010a (jmp 0xffffffff889be870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889be980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x9010a (jmp 0xffffffff889beba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x9010a (jmp 0xffffffff889bd780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x9010a (jmp 0xffffffff889be610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x9010a (jmp 0xffffffff889be140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889bde80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x9010a (jmp 0xffffffff889bed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x9010a (jmp 0xffffffff889bebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x9010a (jmp 0xffffffff889bf0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x9010a (jmp 0xffffffff889be0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x9010a (jmp 0xffffffff889bed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889be6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x9010a (jmp 0xffffffff889bdc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x9010a (jmp 0xffffffff889be070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x9010a (jmp 0xffffffff889be5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x9010a (jmp 0xffffffff889bd850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x9010a (jmp 0xffffffff889be060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x9010a (jmp 0xffffffff889bd860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x9010a (jmp 0xffffffff889bef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x9010a (jmp 0xffffffff889bd7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889bf100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x9010a (jmp 0xffffffff889bed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x9010a (jmp 0xffffffff889be660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x9010a (jmp 0xffffffff889be870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889be980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x9010a (jmp 0xffffffff889beba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x9010a (jmp 0xffffffff889bd780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x9010a (jmp 0xffffffff889be610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x9010a (jmp 0xffffffff889be140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889bde80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x9010a (jmp 0xffffffff889bed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x16010a (jmp 0xffffffff88a8ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x16010a (jmp 0xffffffff88a8ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x16010a (jmp 0xffffffff88a8f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x16010a (jmp 0xffffffff88a8e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x16010a (jmp 0xffffffff88a8ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x16010a (jmp 0xffffffff88a8e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x16010a (jmp 0xffffffff88a8ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x16010a (jmp 0xffffffff88a8d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x16010a (jmp 0xffffffff88a8dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x16010a (jmp 0xffffffff88a8daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x16010a (jmp 0xffffffff88a8e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x16010a (jmp 0xffffffff88a8e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x16010a (jmp 0xffffffff88a8e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x16010a (jmp 0xffffffff88a8d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x16010a (jmp 0xffffffff88a8e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x16010a (jmp 0xffffffff88a8e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x16010a (jmp 0xffffffff88a8e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x16010a (jmp 0xffffffff88a8d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x16010a (jmp 0xffffffff88a8ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x16010a (jmp 0xffffffff88a8d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x16010a (jmp 0xffffffff88a8e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x16010a (jmp 0xffffffff88a8e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x16010a (jmp 0xffffffff88a8f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x16010a (jmp 0xffffffff88a8e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x16010a (jmp 0xffffffff88a8daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x16010a (jmp 0xffffffff88a8ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x16010a (jmp 0xffffffff88a8e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x16010a (jmp 0xffffffff88a8ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x16010a (jmp 0xffffffff88a8e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x16010a (jmp 0xffffffff88a8e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x16010a (jmp 0xffffffff88a8e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x16010a (jmp 0xffffffff88a8eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x16010a (jmp 0xffffffff88a8e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x16010a (jmp 0xffffffff88a8d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x16010a (jmp 0xffffffff88a8e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x16010a (jmp 0xffffffff88a8e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x16010a (jmp 0xffffffff88a8e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x16010a (jmp 0xffffffff88a8de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x16010a (jmp 0xffffffff88a8ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x16010a (jmp 0xffffffff88a8e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7783010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7783010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x7783010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7783010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x7783010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7783010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7783010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrUnloadDll : Unknown @ 0x31075c (jmp 0xffffffff88c6cc4b)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrLoadDll : Unknown @ 0x3103a4 (jmp 0xffffffff88c688e3)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7783010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7783010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7783010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x7783010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7783010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7783010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7783010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7783010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7783010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x7783010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x7783010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x7783010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7783010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x7783010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x7783010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7783010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7783010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7783010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7783010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7783010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x7783010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x1c010a (jmp 0xffffffff88aeebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x1c010a (jmp 0xffffffff88aeec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x1c010a (jmp 0xffffffff88aef0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aeee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x1c010a (jmp 0xffffffff88aee0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x1c010a (jmp 0xffffffff88aeed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aeee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x1c010a (jmp 0xffffffff88aee6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x1c010a (jmp 0xffffffff88aeec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x1c010a (jmp 0xffffffff88aed9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x1c010a (jmp 0xffffffff88aedc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x1c010a (jmp 0xffffffff88aedaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x1c010a (jmp 0xffffffff88aee070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x1c010a (jmp 0xffffffff88aee300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aed9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x1c010a (jmp 0xffffffff88aee5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x1c010a (jmp 0xffffffff88aed850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x1c010a (jmp 0xffffffff88aee730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x1c010a (jmp 0xffffffff88aee0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x1c010a (jmp 0xffffffff88aee060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x1c010a (jmp 0xffffffff88aed860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x1c010a (jmp 0xffffffff88aeef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x1c010a (jmp 0xffffffff88aed7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x1c010a (jmp 0xffffffff88aee180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x1c010a (jmp 0xffffffff88aee8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x1c010a (jmp 0xffffffff88aef100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x1c010a (jmp 0xffffffff88aee460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x1c010a (jmp 0xffffffff88aedaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x1c010a (jmp 0xffffffff88aeed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aee660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x1c010a (jmp 0xffffffff88aee870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x1c010a (jmp 0xffffffff88aeec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x1c010a (jmp 0xffffffff88aee980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x1c010a (jmp 0xffffffff88aee300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x1c010a (jmp 0xffffffff88aee130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x1c010a (jmp 0xffffffff88aeeba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x1c010a (jmp 0xffffffff88aee5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x1c010a (jmp 0xffffffff88aed780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x1c010a (jmp 0xffffffff88aee610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x1c010a (jmp 0xffffffff88aee140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x1c010a (jmp 0xffffffff88aee6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x1c010a (jmp 0xffffffff88aede80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x1c010a (jmp 0xffffffff88aeed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x1c010a (jmp 0xffffffff88aee030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 848cb1f4eac3b7ad312756f9cf46a512
[BSP] ddd2d81b5a29a7518ddd6ca6da314989 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 594805 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1218570240 | Size: 15371 MB
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 MB
User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] 028b9a1b9ea2e09ba85a9cd383fb78ea
[BSP] cf9cf52156668724161933bc11a9a364 : Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
1 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 159793152 | Size: 400 MB
============================================
RKreport_SCN_01052015_224958.log - RKreport_DEL_01052015_225356.log
email : https://www.adlice.com/contact/
Remontées : https://forum.adlice.com/
Site web : https://www.adlice.com/fr/roguekiller/
Blog : https://www.adlice.com/
Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : jean-françois [Administrateur]
Mode : Suppression -- Date : 01/05/2015 22:54:32
¤¤¤ Processus : 0 ¤¤¤
¤¤¤ Registre : 11 ¤¤¤
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Magic Desktop for HP notification : "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" [7] -> ERROR [0]
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0020C4E3-95AA-4AF8-BAF1-1253FE26FDFF} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7608C2F4-98ED-4EC2-AD35-AD31CC70CCDA} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0020C4E3-95AA-4AF8-BAF1-1253FE26FDFF} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7608C2F4-98ED-4EC2-AD35-AD31CC70CCDA} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0020C4E3-95AA-4AF8-BAF1-1253FE26FDFF} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7608C2F4-98ED-4EC2-AD35-AD31CC70CCDA} | NameServer : [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Remplacé(e) ()
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Remplacé(e) (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 2 -> Remplacé(e) (2)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Remplacé(e) (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Remplacé(e) (0)
¤¤¤ Tâches : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 270 (Driver: Chargé) ¤¤¤
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7783010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7783010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7783010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x7783010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7783010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x7783010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7783010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7783010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7783010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7783010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtQueryObject : Unknown @ 0x7783010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7783010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7783010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7783010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7783010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7783010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x7783010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x7783010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x7783010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7783010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x7783010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenThread : Unknown @ 0x7783010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7783010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7783010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7783010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7783010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7783010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x7783010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7783010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7783010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x7783010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7783010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x7783010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7783010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7783010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrUnloadDll : Unknown @ 0x22075c (jmp 0xffffffff88b7cc4b)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrLoadDll : Unknown @ 0x2203a4 (jmp 0xffffffff88b788e3)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7783010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7783010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7783010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x7783010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7783010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7783010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7783010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7783010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7783010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x7783010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x7783010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x7783010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7783010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x7783010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x7783010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7783010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7783010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7783010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7783010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7783010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x7783010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x9010a (jmp 0xffffffff889bebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x9010a (jmp 0xffffffff889bf0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x9010a (jmp 0xffffffff889be0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x9010a (jmp 0xffffffff889bed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889be6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x9010a (jmp 0xffffffff889bdc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x9010a (jmp 0xffffffff889be070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x9010a (jmp 0xffffffff889be5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x9010a (jmp 0xffffffff889bd850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x9010a (jmp 0xffffffff889be060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x9010a (jmp 0xffffffff889bd860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x9010a (jmp 0xffffffff889bef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x9010a (jmp 0xffffffff889bd7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889bf100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x9010a (jmp 0xffffffff889bed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x9010a (jmp 0xffffffff889be660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x9010a (jmp 0xffffffff889be870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889be980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x9010a (jmp 0xffffffff889beba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x9010a (jmp 0xffffffff889bd780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x9010a (jmp 0xffffffff889be610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x9010a (jmp 0xffffffff889be140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889bde80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x9010a (jmp 0xffffffff889bed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x9010a (jmp 0xffffffff889bebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x9010a (jmp 0xffffffff889bf0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x9010a (jmp 0xffffffff889be0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x9010a (jmp 0xffffffff889bed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x9010a (jmp 0xffffffff889bee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889be6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x9010a (jmp 0xffffffff889bdc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x9010a (jmp 0xffffffff889be070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x9010a (jmp 0xffffffff889bd9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x9010a (jmp 0xffffffff889be5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x9010a (jmp 0xffffffff889bd850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x9010a (jmp 0xffffffff889be060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x9010a (jmp 0xffffffff889bd860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x9010a (jmp 0xffffffff889bef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x9010a (jmp 0xffffffff889bd7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff889be180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889bf100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x9010a (jmp 0xffffffff889be460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x9010a (jmp 0xffffffff889bdaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x9010a (jmp 0xffffffff889bed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x9010a (jmp 0xffffffff889be660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x9010a (jmp 0xffffffff889be870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x9010a (jmp 0xffffffff889bec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff889be980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x9010a (jmp 0xffffffff889be300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x9010a (jmp 0xffffffff889beba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x9010a (jmp 0xffffffff889bd780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x9010a (jmp 0xffffffff889be610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x9010a (jmp 0xffffffff889be140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x9010a (jmp 0xffffffff889be6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x9010a (jmp 0xffffffff889bde80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x9010a (jmp 0xffffffff889bed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x9010a (jmp 0xffffffff889be030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x16010a (jmp 0xffffffff88a8ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x16010a (jmp 0xffffffff88a8ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x16010a (jmp 0xffffffff88a8f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x16010a (jmp 0xffffffff88a8e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x16010a (jmp 0xffffffff88a8ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x16010a (jmp 0xffffffff88a8e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x16010a (jmp 0xffffffff88a8ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x16010a (jmp 0xffffffff88a8d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x16010a (jmp 0xffffffff88a8dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x16010a (jmp 0xffffffff88a8daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x16010a (jmp 0xffffffff88a8e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x16010a (jmp 0xffffffff88a8e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x16010a (jmp 0xffffffff88a8e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x16010a (jmp 0xffffffff88a8d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x16010a (jmp 0xffffffff88a8e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x16010a (jmp 0xffffffff88a8e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x16010a (jmp 0xffffffff88a8e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x16010a (jmp 0xffffffff88a8d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x16010a (jmp 0xffffffff88a8ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x16010a (jmp 0xffffffff88a8d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x16010a (jmp 0xffffffff88a8e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x16010a (jmp 0xffffffff88a8e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x16010a (jmp 0xffffffff88a8f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x16010a (jmp 0xffffffff88a8e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x16010a (jmp 0xffffffff88a8daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x16010a (jmp 0xffffffff88a8ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x16010a (jmp 0xffffffff88a8e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x16010a (jmp 0xffffffff88a8e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x16010a (jmp 0xffffffff88a8ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x16010a (jmp 0xffffffff88a8e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x16010a (jmp 0xffffffff88a8e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x16010a (jmp 0xffffffff88a8e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x16010a (jmp 0xffffffff88a8eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x16010a (jmp 0xffffffff88a8e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x16010a (jmp 0xffffffff88a8d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x16010a (jmp 0xffffffff88a8e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x16010a (jmp 0xffffffff88a8e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x16010a (jmp 0xffffffff88a8e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x16010a (jmp 0xffffffff88a8de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x16010a (jmp 0xffffffff88a8ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x16010a (jmp 0xffffffff88a8e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x7783010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x7783010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x7783010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x7783010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x7783010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x7783010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x7783010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrUnloadDll : Unknown @ 0x31075c (jmp 0xffffffff88c6cc4b)
[IAT:Inl] (iexplore.exe) ntdll.dll - LdrLoadDll : Unknown @ 0x3103a4 (jmp 0xffffffff88c688e3)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x7783010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x7783010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x7783010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x7783010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x7783010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x7783010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x7783010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x7783010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x7783010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x7783010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x7783010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x7783010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x7783010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x7783010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x7783010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x7783010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x7783010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtVdmControl : Unknown @ 0x7783010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x7783010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x7783010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x7783010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x7783010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSection : Unknown @ 0x1c010a (jmp 0xffffffff88aeebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x1c010a (jmp 0xffffffff88aeec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueryObject : Unknown @ 0x1c010a (jmp 0xffffffff88aef0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aeee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenThread : Unknown @ 0x1c010a (jmp 0xffffffff88aee0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x1c010a (jmp 0xffffffff88aeed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aeee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x1c010a (jmp 0xffffffff88aee6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateThread : Unknown @ 0x1c010a (jmp 0xffffffff88aeec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x1c010a (jmp 0xffffffff88aed9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x1c010a (jmp 0xffffffff88aedc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x1c010a (jmp 0xffffffff88aedaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x1c010a (jmp 0xffffffff88aee070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x1c010a (jmp 0xffffffff88aee300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aed9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x1c010a (jmp 0xffffffff88aee5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x1c010a (jmp 0xffffffff88aed850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x1c010a (jmp 0xffffffff88aee730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x1c010a (jmp 0xffffffff88aee0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x1c010a (jmp 0xffffffff88aee060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x1c010a (jmp 0xffffffff88aed860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x1c010a (jmp 0xffffffff88aeef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x1c010a (jmp 0xffffffff88aed7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x1c010a (jmp 0xffffffff88aee180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x1c010a (jmp 0xffffffff88aee8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x1c010a (jmp 0xffffffff88aef100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x1c010a (jmp 0xffffffff88aee460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x1c010a (jmp 0xffffffff88aedaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSection : Unknown @ 0x1c010a (jmp 0xffffffff88aeed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x1c010a (jmp 0xffffffff88aee660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x1c010a (jmp 0xffffffff88aee870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x1c010a (jmp 0xffffffff88aeec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x1c010a (jmp 0xffffffff88aee980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x1c010a (jmp 0xffffffff88aee300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x1c010a (jmp 0xffffffff88aee130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x1c010a (jmp 0xffffffff88aeeba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x1c010a (jmp 0xffffffff88aee5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x1c010a (jmp 0xffffffff88aed780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x1c010a (jmp 0xffffffff88aee610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x1c010a (jmp 0xffffffff88aee140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x1c010a (jmp 0xffffffff88aee6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x1c010a (jmp 0xffffffff88aede80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x1c010a (jmp 0xffffffff88aeed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (iexplore.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x1c010a (jmp 0xffffffff88aee030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 848cb1f4eac3b7ad312756f9cf46a512
[BSP] ddd2d81b5a29a7518ddd6ca6da314989 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 594805 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1218570240 | Size: 15371 MB
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 MB
User = LL1 ... OK
User != LL2 ... KO!
--- LL2 ---
[MBR] 028b9a1b9ea2e09ba85a9cd383fb78ea
[BSP] cf9cf52156668724161933bc11a9a364 : Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB
1 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 159793152 | Size: 400 MB
============================================
RKreport_SCN_01052015_224958.log - RKreport_DEL_01052015_225356.log
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
5 janv. 2015 à 22:58
5 janv. 2015 à 22:58
ok :)
fais un nettoyage ZHPCleaner : https://forum.malekal.com/viewtopic.php?t=48954&start=
Lance l'analyse puis fais Réparer.
puis refais une analyse FRST et donne le fichier FRST.txt via pjjoint.
Vois ce que cela donne pour les pubs.
fais un nettoyage ZHPCleaner : https://forum.malekal.com/viewtopic.php?t=48954&start=
Lance l'analyse puis fais Réparer.
puis refais une analyse FRST et donne le fichier FRST.txt via pjjoint.
Vois ce que cela donne pour les pubs.
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
5 janv. 2015 à 23:16
5 janv. 2015 à 23:16
ok je fais cela de suite
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
6 janv. 2015 à 00:33
6 janv. 2015 à 00:33
je ne peux pas refaire FRST car il ne trouve pas le fichier. Il semblerait qu'un exe ait été supprimé
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
6 janv. 2015 à 00:35
6 janv. 2015 à 00:35
window ne peut pas ouvrir ce fichier
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
6 janv. 2015 à 09:15
6 janv. 2015 à 09:15
Comment ça ?
Bloqué par Smartscreen ?
Bloqué par Smartscreen ?
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
6 janv. 2015 à 15:00
6 janv. 2015 à 15:00
non je pense qu'il faut que je réinstalle window7 j'ai du supprimer par inadvertance des programmes
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
6 janv. 2015 à 15:02
6 janv. 2015 à 15:02
Qu'est ce qui s'est passé ?
Tu as quoi comme erreur ?
Tu as quoi comme erreur ?
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
6 janv. 2015 à 15:20
6 janv. 2015 à 15:20
je n'ai plus de exe il marque window ne peut pas ouvrir ce fichier ni de Ink
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
1
>
cessna172
Messages postés
26
Date d'inscription
vendredi 2 janvier 2015
Statut
Membre
Dernière intervention
6 janvier 2015
6 janv. 2015 à 15:20
6 janv. 2015 à 15:20
tout ce qui était sur le bureau est en page blanche
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 629
6 janv. 2015 à 22:53
6 janv. 2015 à 22:53
De rien :)
Voila, c'est terminé, tu peux supprimer les programmes utilisés.
Quelques conseils :
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
(sauf si tu es sur un netbook)
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
Voila, c'est terminé, tu peux supprimer les programmes utilisés.
Quelques conseils :
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
(sauf si tu es sur un netbook)
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
