Publicité
Publicité
Format du document : text/plain
Prévisualisation
RogueKiller V8.5.1 [Feb 20 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : (4.0.950 ) 32 bits version
Demarrage : Mode normal
Utilisateur : FILLOZ [Droits d'admin]
Mode : Recherche -- Date : 20/02/2013 21:32:56
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
SSDT[17] : NtAllocateVirtualMemory @ 0x80570BC5 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDFB2)
SSDT[19] : NtAssignProcessToJobObject @ 0x805E1DDB -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEA76)
SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D1972)
SSDT[31] : NtConnectPort @ 0x80590C5B -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D01F2)
SSDT[37] : NtCreateFile @ 0x80573DFB -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF740)
SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D08EA)
SSDT[47] : NtCreateProcess @ 0x805B7BF5 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CECCC)
SSDT[48] : NtCreateProcessEx @ 0x8058B7F4 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CED82)
SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF06A)
SSDT[53] : NtCreateThread @ 0x805860C0 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD922)
SSDT[66] : NtDeviceIoControlFile @ 0x80588ABD -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0A5A)
SSDT[68] : NtDuplicateObject @ 0x8057DDAF -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4D3A)
SSDT[84] : NtFsControlFile @ 0x80582287 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0D12)
SSDT[97] : NtLoadDriver @ 0x805B06F6 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE428)
SSDT[105] : NtMakeTemporaryObject @ 0x805E0BF1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D170E)
SSDT[116] : NtOpenFile @ 0x80579E8D -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF538)
SSDT[122] : NtOpenProcess @ 0x8057BB80 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4792)
SSDT[125] : NtOpenSection @ 0x8057B96A -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEE3C)
SSDT[128] : NtOpenThread @ 0x80596A0F -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4A42)
SSDT[137] : NtProtectVirtualMemory @ 0x80582621 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDE36)
SSDT[180] : NtQueueApcThread @ 0x8059A8E8 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEB9E)
SSDT[193] : NtReplaceKey @ 0x8065724C -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D155C)
SSDT[199] : NtRequestPort @ 0x805E6AD1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0360)
SSDT[200] : NtRequestWaitReplyPort @ 0x8057D89E -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CFCF4)
SSDT[204] : NtRestoreKey @ 0x80656DE1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D15E6)
SSDT[210] : NtSecureConnectPort @ 0x80587C11 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D077A)
SSDT[213] : NtSetContextThread @ 0x8063628D -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDA92)
SSDT[237] : NtSetSecurityObject @ 0x8059EC29 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D14B6)
SSDT[240] : NtSetSystemInformation @ 0x805B2328 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE618)
SSDT[249] : NtShutdownSystem @ 0x8064F327 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D1678)
SSDT[253] : NtSuspendProcess @ 0x80637B6B -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDD0E)
SSDT[254] : NtSuspendThread @ 0x80637A87 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDBE8)
SSDT[255] : NtSystemDebugControl @ 0x80651B27 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE9A8)
SSDT[257] : NtTerminateProcess @ 0x8058E6B9 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D468A)
SSDT[258] : NtTerminateThread @ 0x80582DDA -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4F2C)
SSDT[262] : NtUnloadDriver @ 0x80624BAC -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D17A4)
SSDT[277] : NtWriteVirtualMemory @ 0x805873F6 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD7A6)
S_SSDT[307] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD38E)
S_SSDT[322] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD596)
S_SSDT[323] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD4E8)
S_SSDT[347] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD2F4)
S_SSDT[383] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD290)
S_SSDT[414] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD122)
S_SSDT[416] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD0BE)
S_SSDT[460] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCDC8)
S_SSDT[475] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCBCE)
S_SSDT[476] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCC4E)
S_SSDT[491] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCE50)
S_SSDT[502] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCB7C)
S_SSDT[549] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CC252)
S_SSDT[552] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CC6E0)
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD2500AAJS-00VTA0 +++++
--- User ---
[MBR] e75248b2bab80d75889ace968b16952c
[BSP] c5ffd4b680d2b70a9efb22301a50a409 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1]_S_20022013_213256.txt >>
RKreport[1]_S_20022013_213256.txt
mail : tigzyRK
Remontees : http://www.sur-la-toile.com/discussion-193725-1--RogueKiller-Remontees.html
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : (4.0.950 ) 32 bits version
Demarrage : Mode normal
Utilisateur : FILLOZ [Droits d'admin]
Mode : Recherche -- Date : 20/02/2013 21:32:56
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
SSDT[17] : NtAllocateVirtualMemory @ 0x80570BC5 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDFB2)
SSDT[19] : NtAssignProcessToJobObject @ 0x805E1DDB -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEA76)
SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D1972)
SSDT[31] : NtConnectPort @ 0x80590C5B -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D01F2)
SSDT[37] : NtCreateFile @ 0x80573DFB -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF740)
SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D08EA)
SSDT[47] : NtCreateProcess @ 0x805B7BF5 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CECCC)
SSDT[48] : NtCreateProcessEx @ 0x8058B7F4 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CED82)
SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF06A)
SSDT[53] : NtCreateThread @ 0x805860C0 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD922)
SSDT[66] : NtDeviceIoControlFile @ 0x80588ABD -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0A5A)
SSDT[68] : NtDuplicateObject @ 0x8057DDAF -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4D3A)
SSDT[84] : NtFsControlFile @ 0x80582287 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0D12)
SSDT[97] : NtLoadDriver @ 0x805B06F6 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE428)
SSDT[105] : NtMakeTemporaryObject @ 0x805E0BF1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D170E)
SSDT[116] : NtOpenFile @ 0x80579E8D -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CF538)
SSDT[122] : NtOpenProcess @ 0x8057BB80 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4792)
SSDT[125] : NtOpenSection @ 0x8057B96A -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEE3C)
SSDT[128] : NtOpenThread @ 0x80596A0F -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4A42)
SSDT[137] : NtProtectVirtualMemory @ 0x80582621 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDE36)
SSDT[180] : NtQueueApcThread @ 0x8059A8E8 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CEB9E)
SSDT[193] : NtReplaceKey @ 0x8065724C -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D155C)
SSDT[199] : NtRequestPort @ 0x805E6AD1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D0360)
SSDT[200] : NtRequestWaitReplyPort @ 0x8057D89E -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CFCF4)
SSDT[204] : NtRestoreKey @ 0x80656DE1 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D15E6)
SSDT[210] : NtSecureConnectPort @ 0x80587C11 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D077A)
SSDT[213] : NtSetContextThread @ 0x8063628D -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDA92)
SSDT[237] : NtSetSecurityObject @ 0x8059EC29 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D14B6)
SSDT[240] : NtSetSystemInformation @ 0x805B2328 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE618)
SSDT[249] : NtShutdownSystem @ 0x8064F327 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D1678)
SSDT[253] : NtSuspendProcess @ 0x80637B6B -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDD0E)
SSDT[254] : NtSuspendThread @ 0x80637A87 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CDBE8)
SSDT[255] : NtSystemDebugControl @ 0x80651B27 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CE9A8)
SSDT[257] : NtTerminateProcess @ 0x8058E6B9 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D468A)
SSDT[258] : NtTerminateThread @ 0x80582DDA -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D4F2C)
SSDT[262] : NtUnloadDriver @ 0x80624BAC -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38D17A4)
SSDT[277] : NtWriteVirtualMemory @ 0x805873F6 -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD7A6)
S_SSDT[307] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD38E)
S_SSDT[322] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD596)
S_SSDT[323] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD4E8)
S_SSDT[347] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD2F4)
S_SSDT[383] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD290)
S_SSDT[414] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD122)
S_SSDT[416] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CD0BE)
S_SSDT[460] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCDC8)
S_SSDT[475] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCBCE)
S_SSDT[476] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCC4E)
S_SSDT[491] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCE50)
S_SSDT[502] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CCB7C)
S_SSDT[549] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CC252)
S_SSDT[552] : Unknown -> HOOKED (\??\C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys @ 0xF38CC6E0)
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD2500AAJS-00VTA0 +++++
--- User ---
[MBR] e75248b2bab80d75889ace968b16952c
[BSP] c5ffd4b680d2b70a9efb22301a50a409 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1]_S_20022013_213256.txt >>
RKreport[1]_S_20022013_213256.txt