RogueKiller V8.5.1 [Feb 20 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : (4.0.950 ) 32 bits version
Demarrage : Mode normal
Utilisateur : FILLOZ [Droits d'admin]
Mode : Recherche -- Date : 20/02/2013 21:32:56
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
SSDT[17] : NtAllocateVirtualMemory @ 0x80570BC5 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDFB2)
SSDT[19] : NtAssignProcessToJobObject @ 0x805E1DDB -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEA76)
SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D1972)
SSDT[31] : NtConnectPort @ 0x80590C5B -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D01F2)
SSDT[37] : NtCreateFile @ 0x80573DFB -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF740)
SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D08EA)
SSDT[47] : NtCreateProcess @ 0x805B7BF5 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CECCC)
SSDT[48] : NtCreateProcessEx @ 0x8058B7F4 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CED82)
SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF06A)
SSDT[53] : NtCreateThread @ 0x805860C0 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD922)
SSDT[66] : NtDeviceIoControlFile @ 0x80588ABD -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0A5A)
SSDT[68] : NtDuplicateObject @ 0x8057DDAF -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4D3A)
SSDT[84] : NtFsControlFile @ 0x80582287 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0D12)
SSDT[97] : NtLoadDriver @ 0x805B06F6 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE428)
SSDT[105] : NtMakeTemporaryObject @ 0x805E0BF1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D170E)
SSDT[116] : NtOpenFile @ 0x80579E8D -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF538)
SSDT[122] : NtOpenProcess @ 0x8057BB80 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4792)
SSDT[125] : NtOpenSection @ 0x8057B96A -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEE3C)
SSDT[128] : NtOpenThread @ 0x80596A0F -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4A42)
SSDT[137] : NtProtectVirtualMemory @ 0x80582621 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDE36)
SSDT[180] : NtQueueApcThread @ 0x8059A8E8 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEB9E)
SSDT[193] : NtReplaceKey @ 0x8065724C -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D155C)
SSDT[199] : NtRequestPort @ 0x805E6AD1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0360)
SSDT[200] : NtRequestWaitReplyPort @ 0x8057D89E -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CFCF4)
SSDT[204] : NtRestoreKey @ 0x80656DE1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D15E6)
SSDT[210] : NtSecureConnectPort @ 0x80587C11 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D077A)
SSDT[213] : NtSetContextThread @ 0x8063628D -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDA92)
SSDT[237] : NtSetSecurityObject @ 0x8059EC29 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D14B6)
SSDT[240] : NtSetSystemInformation @ 0x805B2328 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE618)
SSDT[249] : NtShutdownSystem @ 0x8064F327 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D1678)
SSDT[253] : NtSuspendProcess @ 0x80637B6B -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDD0E)
SSDT[254] : NtSuspendThread @ 0x80637A87 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDBE8)
SSDT[255] : NtSystemDebugControl @ 0x80651B27 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE9A8)
SSDT[257] : NtTerminateProcess @ 0x8058E6B9 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D468A)
SSDT[258] : NtTerminateThread @ 0x80582DDA -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4F2C)
SSDT[262] : NtUnloadDriver @ 0x80624BAC -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D17A4)
SSDT[277] : NtWriteVirtualMemory @ 0x805873F6 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD7A6)
S_SSDT[307] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD38E)
S_SSDT[322] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD596)
S_SSDT[323] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD4E8)
S_SSDT[347] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD2F4)
S_SSDT[383] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD290)
S_SSDT[414] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD122)
S_SSDT[416] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD0BE)
S_SSDT[460] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCDC8)
S_SSDT[475] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCBCE)
S_SSDT[476] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCC4E)
S_SSDT[491] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCE50)
S_SSDT[502] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCB7C)
S_SSDT[549] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CC252)
S_SSDT[552] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CC6E0)

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500AAJS-00VTA0 +++++
--- User ---
[MBR] e75248b2bab80d75889ace968b16952c
[BSP] c5ffd4b680d2b70a9efb22301a50a409 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[1]_S_20022013_213256.txt >>
RKreport[1]_S_20022013_213256.txt