cjoint

Document format: text/x-log

Preview

RogueKiller V9.0.2.0 [Jun 3 2014] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Démarrage : Mode normal
Utilisateur : jean-marcel [Droits d'admin]
Mode : Recherche -- Date : 06/09/2014 12:28:21

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrées de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 42 ¤¤¤
[SSDT:Addr] NtAlertResumeThread[13] : Unknown @ 0x8693f258
[SSDT:Addr] NtAlertThread[14] : Unknown @ 0x8693f2f0
[SSDT:Addr] NtAllocateVirtualMemory[19] : Unknown @ 0x8692d4e0
[SSDT:Addr] NtAlpcConnectPort[22] : Unknown @ 0x86857108
[SSDT:Addr] NtAssignProcessToJobObject[43] : Unknown @ 0x869400d0
[SSDT:Addr] NtCreateMutant[74] : Unknown @ 0x86940480
[SSDT:Addr] NtCreateSymbolicLinkObject[86] : Unknown @ 0x869414a8
[SSDT:Addr] NtCreateThread[87] : Unknown @ 0x8692d720
[SSDT:Addr] NtCreateThreadEx[88] : Unknown @ 0x86941550
[SSDT:Addr] NtDebugActiveProcess[96] : Unknown @ 0x86940168
[SSDT:Addr] NtDuplicateObject[111] : Unknown @ 0x8692d5c8
[SSDT:Addr] NtFreeVirtualMemory[131] : Unknown @ 0x8692d370
[SSDT:Addr] NtImpersonateAnonymousToken[145] : Unknown @ 0x86940008
[SSDT:Addr] NtImpersonateThread[147] : Unknown @ 0x8693f1c0
[SSDT:Addr] NtLoadDriver[155] : Unknown @ 0x86857090
[SSDT:Addr] NtMapViewOfSection[168] : Unknown @ 0x8692d2b8
[SSDT:Addr] NtOpenEvent[177] : Unknown @ 0x869403e8
[SSDT:Addr] NtOpenProcess[190] : Unknown @ 0x8692c898
[SSDT:Addr] NtOpenProcessToken[191] : Unknown @ 0x8692c080
[SSDT:Addr] NtOpenSection[194] : Unknown @ 0x869402b8
[SSDT:Addr] NtOpenThread[198] : Unknown @ 0x8692dd58
[SSDT:Addr] NtProtectVirtualMemory[215] : Unknown @ 0x86941008
[SSDT:Addr] NtResumeThread[304] : Unknown @ 0x8693f388
[SSDT:Addr] NtSetContextThread[316] : Unknown @ 0x8693f550
[SSDT:Addr] NtSetInformationProcess[333] : Unknown @ 0x8693f5e8
[SSDT:Addr] NtSetSystemInformation[350] : Unknown @ 0x86940200
[SSDT:Addr] NtSuspendProcess[366] : Unknown @ 0x86940350
[SSDT:Addr] NtSuspendThread[367] : Unknown @ 0x8693f420
[SSDT:Addr] NtTerminateProcess[370] : Unknown @ 0x8692dbf0
[SSDT:Addr] NtTerminateThread[371] : Unknown @ 0x8693f4b8
[SSDT:Addr] NtUnmapViewOfSection[385] : Unknown @ 0x8692d220
[SSDT:Addr] NtWriteVirtualMemory[399] : Unknown @ 0x8692d418
[ShwSSDT:Addr] NtUserAttachThreadInput[318] : Unknown @ 0x8777eb38
[ShwSSDT:Addr] NtUserGetAsyncKeyState[402] : Unknown @ 0x8776b348
[ShwSSDT:Addr] NtUserGetKeyboardState[434] : Unknown @ 0x87759d10
[ShwSSDT:Addr] NtUserGetKeyState[436] : Unknown @ 0x87771208
[ShwSSDT:Addr] NtUserGetRawInputData[448] : Unknown @ 0x877850b0
[ShwSSDT:Addr] NtUserMessageCall[490] : Unknown @ 0x876def18
[ShwSSDT:Addr] NtUserPostMessage[508] : Unknown @ 0x871a9d68
[ShwSSDT:Addr] NtUserPostThreadMessage[509] : Unknown @ 0x87781c78
[ShwSSDT:Addr] NtUserSetWindowsHookEx[585] : Unknown @ 0x8773c0b0
[ShwSSDT:Addr] NtUserSetWinEventHook[588] : Unknown @ 0x87763590

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: ST3320820AS ATA Device +++++
--- User ---
[MBR] 87963cd9076676c520c13d189901bf94
[BSP] 331549f47ce008f29bf8f7fc3ee375f2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 8197 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 16787925 | Size: 297047 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Lexar USB Flash Drive USB Device +++++
--- User ---
[MBR] 60fba36cf2e762f7b256841f6b7e0f3e
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 80 | Size: 7647 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )


============================================
RKreport_DEL_05292014_183055.log - RKreport_DEL_05302014_150406.log - RKreport_DEL_06022014_073913.log - RKreport_DEL_06052014_091256.log
RKreport_DEL_06072014_140822.log - RKreport_DEL_06082014_102120.log - RKreport_DEL_06082014_104848.log - RKreport_DEL_06082014_183749.log
RKreport_DEL_06082014_213645.log - RKreport_SCN_05292014_182816.log - RKreport_SCN_05302014_150312.log - RKreport_SCN_06022014_073636.log
RKreport_SCN_06042014_201947.log - RKreport_SCN_06052014_091226.log - RKreport_SCN_06052014_204512.log - RKreport_SCN_06052014_210633.log
RKreport_SCN_06072014_140653.log - RKreport_SCN_06072014_142556.log - RKreport_SCN_06082014_102054.log - RKreport_SCN_06082014_104757.log
RKreport_SCN_06082014_183720.log - RKreport_SCN_06082014_213621.log - RKreport_SCN_06092014_071509.log
