Publicité
Publicité
Format du document : text/plain
Prévisualisation
RogueKiller V8.8.6 [Feb 7 2014] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://forum.adlice.com
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur : Damingo [Droits d'admin]
Mode : Recherche -- Date : 02/09/2014 20:54:04
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
[Inline] IAT @explorer.exe (CreateMutexW) : KERNEL32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003140)
[Inline] IAT @explorer.exe (TerminateThread) : KERNEL32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @explorer.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @explorer.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @explorer.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @explorer.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @explorer.exe (CopyFileExW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x190034A9)
[Inline] EAT @explorer.exe (CreateDirectoryExW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003383)
[Inline] EAT @explorer.exe (CreateDirectoryW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003266)
[Inline] EAT @explorer.exe (CreateMutexW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003140)
[Inline] EAT @explorer.exe (CreateRemoteThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002791)
[Inline] EAT @explorer.exe (GetFileSizeEx) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003973)
[Inline] EAT @explorer.exe (MoveFileWithProgressW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003687)
[Inline] EAT @explorer.exe (OpenMutexA) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002ACF)
[Inline] EAT @explorer.exe (OpenMutexW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x190029AB)
[Inline] EAT @explorer.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @explorer.exe (WriteProcessMemory) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002D71)
[Inline] EAT @explorer.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @explorer.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @explorer.exe (CreateServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1900253D)
[Inline] EAT @explorer.exe (CreateServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002572)
[Inline] EAT @explorer.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @explorer.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @explorer.exe (SetWindowsHookExA) : USER32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001E47)
[Inline] EAT @explorer.exe (SetWindowsHookExW) : USER32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001E63)
[Inline] EAT @explorer.exe (recv) : WS2_32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x190025A7)
[Inline] EAT @explorer.exe (send) : WS2_32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1900269C)
[Inline] EAT @iexplore.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @iexplore.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @iexplore.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @iexplore.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @iexplore.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @iexplore.exe (WSAAsyncSelect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29E2B)
[Inline] EAT @iexplore.exe (WSAConnect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29CF5)
[Inline] EAT @iexplore.exe (WSAGetOverlappedResult) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29B26)
[Inline] EAT @iexplore.exe (WSAIoctl) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29ACE)
[Inline] EAT @iexplore.exe (WSARecv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29F21)
[Inline] EAT @iexplore.exe (WSARecvFrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29E82)
[Inline] EAT @iexplore.exe (WSASend) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A07C)
[Inline] EAT @iexplore.exe (WSASendTo) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29FC5)
[Inline] EAT @iexplore.exe (WSASocketW) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29C79)
[Inline] EAT @iexplore.exe (closesocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29C57)
[Inline] EAT @iexplore.exe (connect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29D9E)
[Inline] EAT @iexplore.exe (ioctlsocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29B00)
[Inline] EAT @iexplore.exe (recv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A29D)
[Inline] EAT @iexplore.exe (recvfrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A214)
[Inline] EAT @iexplore.exe (select) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29BBD)
[Inline] EAT @iexplore.exe (send) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A1A4)
[Inline] EAT @iexplore.exe (sendto) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A121)
[Inline] EAT @iexplore.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @iexplore.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @iexplore.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @iexplore.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @iexplore.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @iexplore.exe (WSAAsyncSelect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9E2B)
[Inline] EAT @iexplore.exe (WSAConnect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9CF5)
[Inline] EAT @iexplore.exe (WSAGetOverlappedResult) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9B26)
[Inline] EAT @iexplore.exe (WSAIoctl) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9ACE)
[Inline] EAT @iexplore.exe (WSARecv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9F21)
[Inline] EAT @iexplore.exe (WSARecvFrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9E82)
[Inline] EAT @iexplore.exe (WSASend) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA07C)
[Inline] EAT @iexplore.exe (WSASendTo) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9FC5)
[Inline] EAT @iexplore.exe (WSASocketW) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9C79)
[Inline] EAT @iexplore.exe (closesocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9C57)
[Inline] EAT @iexplore.exe (connect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9D9E)
[Inline] EAT @iexplore.exe (ioctlsocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9B00)
[Inline] EAT @iexplore.exe (recv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA29D)
[Inline] EAT @iexplore.exe (recvfrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA214)
[Inline] EAT @iexplore.exe (select) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9BBD)
[Inline] EAT @iexplore.exe (send) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA1A4)
[Inline] EAT @iexplore.exe (sendto) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA121)
[Inline] EAT @iexplore.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @iexplore.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @iexplore.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @iexplore.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @iexplore.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @iexplore.exe (WSAAsyncSelect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379E2B)
[Inline] EAT @iexplore.exe (WSAConnect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379CF5)
[Inline] EAT @iexplore.exe (WSAGetOverlappedResult) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379B26)
[Inline] EAT @iexplore.exe (WSAIoctl) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379ACE)
[Inline] EAT @iexplore.exe (WSARecv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379F21)
[Inline] EAT @iexplore.exe (WSARecvFrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379E82)
[Inline] EAT @iexplore.exe (WSASend) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A07C)
[Inline] EAT @iexplore.exe (WSASendTo) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379FC5)
[Inline] EAT @iexplore.exe (WSASocketW) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379C79)
[Inline] EAT @iexplore.exe (closesocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379C57)
[Inline] EAT @iexplore.exe (connect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379D9E)
[Inline] EAT @iexplore.exe (ioctlsocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379B00)
[Inline] EAT @iexplore.exe (recv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A29D)
[Inline] EAT @iexplore.exe (recvfrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A214)
[Inline] EAT @iexplore.exe (select) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379BBD)
[Inline] EAT @iexplore.exe (send) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A1A4)
[Inline] EAT @iexplore.exe (sendto) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A121)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AADS-00S9B0 +++++
--- User ---
[MBR] 7fbee3490a8103877b465cc2dca7cc7c
[BSP] 5ef5bb21ce8049d6ecab6fb9761b8413 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 376931 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_02092014_205404.txt >>
RKreport[0]_D_02092014_205304.txt;RKreport[0]_S_02092014_201216.txt
mail : tigzyRK
Remontees : http://forum.adlice.com
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com
Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur : Damingo [Droits d'admin]
Mode : Recherche -- Date : 02/09/2014 20:54:04
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 0 ¤¤¤
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
[Inline] IAT @explorer.exe (CreateMutexW) : KERNEL32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003140)
[Inline] IAT @explorer.exe (TerminateThread) : KERNEL32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @explorer.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @explorer.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @explorer.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @explorer.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @explorer.exe (CopyFileExW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x190034A9)
[Inline] EAT @explorer.exe (CreateDirectoryExW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003383)
[Inline] EAT @explorer.exe (CreateDirectoryW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003266)
[Inline] EAT @explorer.exe (CreateMutexW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003140)
[Inline] EAT @explorer.exe (CreateRemoteThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002791)
[Inline] EAT @explorer.exe (GetFileSizeEx) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003973)
[Inline] EAT @explorer.exe (MoveFileWithProgressW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19003687)
[Inline] EAT @explorer.exe (OpenMutexA) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002ACF)
[Inline] EAT @explorer.exe (OpenMutexW) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x190029AB)
[Inline] EAT @explorer.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @explorer.exe (WriteProcessMemory) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002D71)
[Inline] EAT @explorer.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @explorer.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @explorer.exe (CreateServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1900253D)
[Inline] EAT @explorer.exe (CreateServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002572)
[Inline] EAT @explorer.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @explorer.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @explorer.exe (SetWindowsHookExA) : USER32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001E47)
[Inline] EAT @explorer.exe (SetWindowsHookExW) : USER32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001E63)
[Inline] EAT @explorer.exe (recv) : WS2_32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x190025A7)
[Inline] EAT @explorer.exe (send) : WS2_32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1900269C)
[Inline] EAT @iexplore.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @iexplore.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @iexplore.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @iexplore.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @iexplore.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @iexplore.exe (WSAAsyncSelect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29E2B)
[Inline] EAT @iexplore.exe (WSAConnect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29CF5)
[Inline] EAT @iexplore.exe (WSAGetOverlappedResult) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29B26)
[Inline] EAT @iexplore.exe (WSAIoctl) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29ACE)
[Inline] EAT @iexplore.exe (WSARecv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29F21)
[Inline] EAT @iexplore.exe (WSARecvFrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29E82)
[Inline] EAT @iexplore.exe (WSASend) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A07C)
[Inline] EAT @iexplore.exe (WSASendTo) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29FC5)
[Inline] EAT @iexplore.exe (WSASocketW) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29C79)
[Inline] EAT @iexplore.exe (closesocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29C57)
[Inline] EAT @iexplore.exe (connect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29D9E)
[Inline] EAT @iexplore.exe (ioctlsocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29B00)
[Inline] EAT @iexplore.exe (recv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A29D)
[Inline] EAT @iexplore.exe (recvfrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A214)
[Inline] EAT @iexplore.exe (select) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C29BBD)
[Inline] EAT @iexplore.exe (send) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A1A4)
[Inline] EAT @iexplore.exe (sendto) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x02C2A121)
[Inline] EAT @iexplore.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @iexplore.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @iexplore.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @iexplore.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @iexplore.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @iexplore.exe (WSAAsyncSelect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9E2B)
[Inline] EAT @iexplore.exe (WSAConnect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9CF5)
[Inline] EAT @iexplore.exe (WSAGetOverlappedResult) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9B26)
[Inline] EAT @iexplore.exe (WSAIoctl) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9ACE)
[Inline] EAT @iexplore.exe (WSARecv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9F21)
[Inline] EAT @iexplore.exe (WSARecvFrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9E82)
[Inline] EAT @iexplore.exe (WSASend) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA07C)
[Inline] EAT @iexplore.exe (WSASendTo) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9FC5)
[Inline] EAT @iexplore.exe (WSASocketW) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9C79)
[Inline] EAT @iexplore.exe (closesocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9C57)
[Inline] EAT @iexplore.exe (connect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9D9E)
[Inline] EAT @iexplore.exe (ioctlsocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9B00)
[Inline] EAT @iexplore.exe (recv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA29D)
[Inline] EAT @iexplore.exe (recvfrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA214)
[Inline] EAT @iexplore.exe (select) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072C9BBD)
[Inline] EAT @iexplore.exe (send) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA1A4)
[Inline] EAT @iexplore.exe (sendto) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x072CA121)
[Inline] EAT @iexplore.exe (NtCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (NtCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (ZwCreateProcess) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E630)
[Inline] EAT @iexplore.exe (ZwCreateProcessEx) : ntdll.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x1902E560)
[Inline] EAT @iexplore.exe (TerminateThread) : kernel32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001C9C)
[Inline] EAT @iexplore.exe (CloseServiceHandle) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19002110)
[Inline] EAT @iexplore.exe (ControlService) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FC2)
[Inline] EAT @iexplore.exe (OpenServiceA) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001F94)
[Inline] EAT @iexplore.exe (OpenServiceW) : ADVAPI32.dll -> HOOKED (c:\program files\sfr\pack_securite\apps\computersecurity\hips\fshook32.dll @ 0x19001FAB)
[Inline] EAT @iexplore.exe (WSAAsyncSelect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379E2B)
[Inline] EAT @iexplore.exe (WSAConnect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379CF5)
[Inline] EAT @iexplore.exe (WSAGetOverlappedResult) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379B26)
[Inline] EAT @iexplore.exe (WSAIoctl) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379ACE)
[Inline] EAT @iexplore.exe (WSARecv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379F21)
[Inline] EAT @iexplore.exe (WSARecvFrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379E82)
[Inline] EAT @iexplore.exe (WSASend) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A07C)
[Inline] EAT @iexplore.exe (WSASendTo) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379FC5)
[Inline] EAT @iexplore.exe (WSASocketW) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379C79)
[Inline] EAT @iexplore.exe (closesocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379C57)
[Inline] EAT @iexplore.exe (connect) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379D9E)
[Inline] EAT @iexplore.exe (ioctlsocket) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379B00)
[Inline] EAT @iexplore.exe (recv) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A29D)
[Inline] EAT @iexplore.exe (recvfrom) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A214)
[Inline] EAT @iexplore.exe (select) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x07379BBD)
[Inline] EAT @iexplore.exe (send) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A1A4)
[Inline] EAT @iexplore.exe (sendto) : ws2_32.dll -> HOOKED (C:\Program Files\SFR\Pack_Securite\apps\CCF_Scanning\fs_ccf_ni_umh32.dll @ 0x0737A121)
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AADS-00S9B0 +++++
--- User ---
[MBR] 7fbee3490a8103877b465cc2dca7cc7c
[BSP] 5ef5bb21ce8049d6ecab6fb9761b8413 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 376931 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_02092014_205404.txt >>
RKreport[0]_D_02092014_205304.txt;RKreport[0]_S_02092014_201216.txt