RogueKiller V9.0.2.0 [Jun 3 2014] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarrage : Mode normal
Utilisateur : jean-marcel [Droits d'admin]
Mode : Recherche -- Date : 06/09/2014 12:28:21

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrées de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 42 ¤¤¤
[SSDT:Addr] NtAlertResumeThread[13] : Unknown @ 0x8693f258
[SSDT:Addr] NtAlertThread[14] : Unknown @ 0x8693f2f0
[SSDT:Addr] NtAllocateVirtualMemory[19] : Unknown @ 0x8692d4e0
[SSDT:Addr] NtAlpcConnectPort[22] : Unknown @ 0x86857108
[SSDT:Addr] NtAssignProcessToJobObject[43] : Unknown @ 0x869400d0
[SSDT:Addr] NtCreateMutant[74] : Unknown @ 0x86940480
[SSDT:Addr] NtCreateSymbolicLinkObject[86] : Unknown @ 0x869414a8
[SSDT:Addr] NtCreateThread[87] : Unknown @ 0x8692d720
[SSDT:Addr] NtCreateThreadEx[88] : Unknown @ 0x86941550
[SSDT:Addr] NtDebugActiveProcess[96] : Unknown @ 0x86940168
[SSDT:Addr] NtDuplicateObject[111] : Unknown @ 0x8692d5c8
[SSDT:Addr] NtFreeVirtualMemory[131] : Unknown @ 0x8692d370
[SSDT:Addr] NtImpersonateAnonymousToken[145] : Unknown @ 0x86940008
[SSDT:Addr] NtImpersonateThread[147] : Unknown @ 0x8693f1c0
[SSDT:Addr] NtLoadDriver[155] : Unknown @ 0x86857090
[SSDT:Addr] NtMapViewOfSection[168] : Unknown @ 0x8692d2b8
[SSDT:Addr] NtOpenEvent[177] : Unknown @ 0x869403e8
[SSDT:Addr] NtOpenProcess[190] : Unknown @ 0x8692c898
[SSDT:Addr] NtOpenProcessToken[191] : Unknown @ 0x8692c080
[SSDT:Addr] NtOpenSection[194] : Unknown @ 0x869402b8
[SSDT:Addr] NtOpenThread[198] : Unknown @ 0x8692dd58
[SSDT:Addr] NtProtectVirtualMemory[215] : Unknown @ 0x86941008
[SSDT:Addr] NtResumeThread[304] : Unknown @ 0x8693f388
[SSDT:Addr] NtSetContextThread[316] : Unknown @ 0x8693f550
[SSDT:Addr] NtSetInformationProcess[333] : Unknown @ 0x8693f5e8
[SSDT:Addr] NtSetSystemInformation[350] : Unknown @ 0x86940200
[SSDT:Addr] NtSuspendProcess[366] : Unknown @ 0x86940350
[SSDT:Addr] NtSuspendThread[367] : Unknown @ 0x8693f420
[SSDT:Addr] NtTerminateProcess[370] : Unknown @ 0x8692dbf0
[SSDT:Addr] NtTerminateThread[371] : Unknown @ 0x8693f4b8
[SSDT:Addr] NtUnmapViewOfSection[385] : Unknown @ 0x8692d220
[SSDT:Addr] NtWriteVirtualMemory[399] : Unknown @ 0x8692d418
[ShwSSDT:Addr] NtUserAttachThreadInput[318] : Unknown @ 0x8777eb38
[ShwSSDT:Addr] NtUserGetAsyncKeyState[402] : Unknown @ 0x8776b348
[ShwSSDT:Addr] NtUserGetKeyboardState[434] : Unknown @ 0x87759d10
[ShwSSDT:Addr] NtUserGetKeyState[436] : Unknown @ 0x87771208
[ShwSSDT:Addr] NtUserGetRawInputData[448] : Unknown @ 0x877850b0
[ShwSSDT:Addr] NtUserMessageCall[490] : Unknown @ 0x876def18
[ShwSSDT:Addr] NtUserPostMessage[508] : Unknown @ 0x871a9d68
[ShwSSDT:Addr] NtUserPostThreadMessage[509] : Unknown @ 0x87781c78
[ShwSSDT:Addr] NtUserSetWindowsHookEx[585] : Unknown @ 0x8773c0b0
[ShwSSDT:Addr] NtUserSetWinEventHook[588] : Unknown @ 0x87763590

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: ST3320820AS ATA Device +++++
--- User ---
[MBR] 87963cd9076676c520c13d189901bf94
[BSP] 331549f47ce008f29bf8f7fc3ee375f2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 8197 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 16787925 | Size: 297047 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Lexar USB Flash Drive USB Device +++++
--- User ---
[MBR] 60fba36cf2e762f7b256841f6b7e0f3e
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 80 | Size: 7647 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

============================================
RKreport_DEL_05292014_183055.log - RKreport_DEL_05302014_150406.log - RKreport_DEL_06022014_073913.log - RKreport_DEL_06052014_091256.log
RKreport_DEL_06072014_140822.log - RKreport_DEL_06082014_102120.log - RKreport_DEL_06082014_104848.log - RKreport_DEL_06082014_183749.log
RKreport_DEL_06082014_213645.log - RKreport_SCN_05292014_182816.log - RKreport_SCN_05302014_150312.log - RKreport_SCN_06022014_073636.log
RKreport_SCN_06042014_201947.log - RKreport_SCN_06052014_091226.log - RKreport_SCN_06052014_204512.log - RKreport_SCN_06052014_210633.log
RKreport_SCN_06072014_140653.log - RKreport_SCN_06072014_142556.log - RKreport_SCN_06082014_102054.log - RKreport_SCN_06082014_104757.log
RKreport_SCN_06082014_183720.log - RKreport_SCN_06082014_213621.log - RKreport_SCN_06092014_071509.log