ROOTKIT: ENEMY OR NOT?

Solved

CALME4
Hello, I have just downloaded McAfee Rootkit Detective and I don't know whether I should delete anything or not; here is the report:
McAfee(R) Rootkit Detective 1.1 scan report
On 06-01-2009 at 19:15:50
OS-Version 5.1.2600
Service Pack 3.0
====================================

Object-Type: SSDT-hook
Object-Name: ZwAlertResumeThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwAlertThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwAllocateVirtualMemory
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwConnectPort
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwCreateKey
Object-Path: C:\WINDOWS\system32\drivers\SYMEVENT.SYS

Object-Type: SSDT-hook
Object-Name: ZwCreateMutant
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwCreateThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwDebugActiveProcess
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwDeleteKey
Object-Path: C:\WINDOWS\system32\drivers\SYMEVENT.SYS

Object-Type: SSDT-hook
Object-Name: ZwDeleteValueKey
Object-Path: C:\WINDOWS\system32\drivers\SYMEVENT.SYS

Object-Type: SSDT-hook
Object-Name: ZwFreeVirtualMemory
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwImpersonateAnonymousToken
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwImpersonateThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwMapViewOfSection
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwOpenEvent
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwOpenProcessToken
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwOpenSection
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwOpenThreadToken
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwResumeThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwSetContextThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwSetInformationProcess
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwSetInformationThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwSetValueKey
Object-Path: C:\WINDOWS\system32\drivers\SYMEVENT.SYS

Object-Type: SSDT-hook
Object-Name: ZwSuspendProcess
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwSuspendThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwTerminateProcess
Object-Path: C:\WINDOWS\system32\drivers\CO_Mon.sys

Object-Type: SSDT-hook
Object-Name: ZwTerminateThread
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwUnmapViewOfSection
Object-Path: (NULL)

Object-Type: SSDT-hook
Object-Name: ZwWriteVirtualMemory
Object-Path: (NULL)

Object-Type: Process
Object-Name: lsass.exe
Pid: 1332
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible

Object-Type: Process
Object-Name: QLBCTRL.exe
Pid: 960
Object-Path: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
Status: Visible

Object-Type: Process
Object-Name: wdfmgr.exe
Pid: 3192
Object-Path: C:\WINDOWS\system32\wdfmgr.exe
Status: Visible

Object-Type: Process
Object-Name: System Idle Process
Pid: 0
Object-Path:
Status: Visible

Object-Type: Process
Object-Name: spoolsv.exe
Pid: 620
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible

Object-Type: Process
Object-Name: AGRSMMSG.exe
Pid: 1148
Object-Path: C:\WINDOWS\AGRSMMSG.exe
Status: Visible

Object-Type: Process
Object-Name: dllhost.exe
Pid: 312
Object-Path: C:\WINDOWS\system32\DllHost.exe
Status: Visible

Object-Type: Process
Object-Name: CCSVCHST.EXE
Pid: 1428
Object-Path: C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
Status: Visible

Object-Type: Process
Object-Name: alg.exe
Pid: 2792
Object-Path: C:\WINDOWS\System32\alg.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1708
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: explorer.exe
Pid: 964
Object-Path: C:\WINDOWS\Explorer.EXE
Status: Visible

Object-Type: Process
Object-Name: BTTray.exe
Pid: 1956
Object-Path: C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
Status: Visible

Object-Type: Process
Object-Name: System
Pid: 4
Object-Path:
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1616
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: winlogon.exe
Pid: 1276
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible

Object-Type: Process
Object-Name: btwdins.exe
Pid: 2392
Object-Path: C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
Status: Visible

Object-Type: Process
Object-Name: MDM.EXE
Pid: 2672
Object-Path: C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
Status: Visible

Object-Type: File/Folder
Object-Name: 0B1CC7BF.TMP
Pid: n/a
Object-Path: C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\0B1CC7BF.TMP
Status: Hidden

Object-Type: Process
Object-Name: csrss.exe
Pid: 1248
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible

Object-Type: Process
Object-Name: igfxpers.exe
Pid: 164
Object-Path: C:\WINDOWS\system32\igfxpers.exe
Status: Visible

Object-Type: Process
Object-Name: AluSchedulerSvc
Pid: 2304
Object-Path: C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
Status: Visible

Object-Type: Process
Object-Name: asghost.exe
Pid: 632
Object-Path: C:\Program Files\HPQ\IAM\bin\asghost.exe
Status: Visible

Object-Type: Process
Object-Name: ctfmon.exe
Pid: 1128
Object-Path: C:\WINDOWS\system32\ctfmon.exe
Status: Visible

Object-Type: Process
Object-Name: LSSrvc.exe
Pid: 2492
Object-Path: C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
Status: Visible

Object-Type: Process
Object-Name: HPQTOA~1.EXE
Pid: 2120
Object-Path: C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
Status: Visible

Object-Type: Process
Object-Name: smss.exe
Pid: 1160
Object-Path: C:\WINDOWS\System32\smss.exe
Status: Visible

Object-Type: Process
Object-Name: BTStackServer.e
Pid: 2772
Object-Path: C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
Status: Visible

Object-Type: Process
Object-Name: hpqwmiex.exe
Pid: 3392
Object-Path: C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
Status: Visible

Object-Type: File/Folder
Object-Name: PRELOAD
Pid: n/a
Object-Path: C:\System Recovery\PRELOAD
Status: Hidden

Object-Type: Process
Object-Name: jqs.exe
Pid: 2432
Object-Path: C:\Program Files\Java\jre6\bin\jqs.exe
Status: Visible

Object-Type: Process
Object-Name: DLACTRLW.EXE
Pid: 140
Object-Path: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
Status: Visible

Object-Type: Process
Object-Name: hkcmd.exe
Pid: 1008
Object-Path: C:\WINDOWS\system32\hkcmd.exe
Status: Visible

Object-Type: Process
Object-Name: firefox.exe
Pid: 3860
Object-Path: C:\Program Files\Mozilla Firefox\firefox.exe
Status: Visible

Object-Type: Process
Object-Name: agrsmsvc.exe
Pid: 2280
Object-Path: C:\WINDOWS\system32\agrsmsvc.exe
Status: Visible

Object-Type: Process
Object-Name: services.exe
Pid: 1320
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible

Object-Type: Process
Object-Name: SynTPEnh.exe
Pid: 1692
Object-Path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Status: Visible

Object-Type: Process
Object-Name: Scheduler.exe
Pid: 1940
Object-Path: C:\WINDOWS\SMINST\Scheduler.exe
Status: Visible

Object-Type: Process
Object-Name: DVDCheck.exe
Pid: 1972
Object-Path: C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
Status: Visible

Object-Type: Process
Object-Name: wmiapsrv.exe
Pid: 2964
Object-Path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Status: Visible

Object-Type: Process
Object-Name: symlcsvc.exe
Pid: 3956
Object-Path: C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1508
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: wmiprvse.exe
Pid: 1756
Object-Path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Status: Visible

Object-Type: Process
Object-Name: smax4pnp.exe
Pid: 1076
Object-Path: C:\Program Files\Analog Devices\Core\smax4pnp.exe
Status: Visible

Object-Type: File/Folder
Object-Name: MASTER.LOG
Pid: n/a
Object-Path: C:\System Recovery\MASTER.LOG
Status: Hidden

Object-Type: Process
Object-Name: CCSVCHST.EXE
Pid: 180
Object-Path: C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1576
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: HP Wireless Ass
Pid: 1732
Object-Path: C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
Status: Visible

Object-Type: Process
Object-Name: igfxsrvc.exe
Pid: 1640
Object-Path: C:\WINDOWS\system32\igfxsrvc.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1796
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 2292
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 2912
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 2788
Object-Path: C:\Documents and Settings\Administrateur\Bureau\McafeeRootkitDetective\Rootkit_Detective.exe
Status: Visible

Scan complete. Found hidden Processes and Files: 3 .
Total files scanned: 53161
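A triage helper for the report format quoted above, as an added example that is not part of the thread or of the McAfee tool: it parses the Object-Type blocks, groups SSDT hooks by the driver path recorded as their owner, and lists the entries marked Hidden. The report embedded in it is a constructed excerpt in the same format, not the poster's full scan.

```python
"""Triage helper for McAfee Rootkit Detective 1.1 text reports (added example,
not code from the thread or from McAfee): groups SSDT hooks by owning driver
and lists the objects the tool flagged as Hidden."""
import re
from collections import defaultdict
# Constructed excerpt in the report's own format (not a live scan).
SAMPLE_REPORT = """\
Object-Type: SSDT-hook
Object-Name: ZwCreateKey
Object-Path: C:\\WINDOWS\\system32\\drivers\\SYMEVENT.SYS

Object-Type: SSDT-hook
Object-Name: ZwWriteVirtualMemory
Object-Path: (NULL)

Object-Type: File/Folder
Object-Name: MASTER.LOG
Pid: n/a
Object-Path: C:\\System Recovery\\MASTER.LOG
Status: Hidden

Scan complete. Found hidden Processes and Files: 1 .
"""
# Only the five field names the report uses; banner and summary lines never match.
FIELD = re.compile(r"^(Object-Type|Object-Name|Object-Path|Pid|Status):\s*(.*)$")

def parse_report(text):
    """Return one dict per blank-line-separated object block."""
    objects, current = [], {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m:
            current[m.group(1)] = m.group(2)
        elif not line.strip() and current:
            objects.append(current)
            current = {}
    return objects + ([current] if current else [])

def hooks_by_owner(objects):
    """Map owner path ('(NULL)' = no owner recorded) to the syscalls it hooks."""
    owners = defaultdict(list)
    for o in objects:
        if o.get("Object-Type") == "SSDT-hook":
            owners[o.get("Object-Path", "(NULL)")].append(o["Object-Name"])
    return dict(owners)

def hidden_objects(objects):
    """Paths the tool marked Hidden: the entries a reviewer should verify first."""
    return [o["Object-Path"] for o in objects if o.get("Status") == "Hidden"]
```

Running it over the full report above attributes the registry hooks to SYMEVENT.SYS (Symantec) and ZwTerminateProcess to CO_Mon.sys, and leaves the remaining hooks under "(NULL)"; the three Hidden entries are Symantec and HP recovery files.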
2 replies

Anonymous user

Hello

Nothing abnormal to report in this log.
CALME4

Thanks and happy new year boulepate, but I've just had a nasty surprise: I can no longer connect to the desktop, so I'm going to have to open a new post.