Rogue Killer-Rootkit

Closed
Claroo - 14 June 2014 at 20:57
Malekal_morte - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, security contributor - Last activity: 15 December 2020 - 14 June 2014 at 20:59
Hello,

I have just run RogueKiller to check the state of my computer (the look of my desktop has changed), and I noticed that in the antirootkit tab some items are shown in orange, so I am afraid I have "malicious" items.
Here is the report:

RogueKiller V9.0.2.0 [Jun 3 2014] par Adlice Software
Mail : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Démarrage : Mode normal
Utilisateur : vista [Droits d'admin]
Mode : Suppression -- Date : 06/14/2014 20:54:52

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrées de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 123 ¤¤¤
[SSDT:Addr] NtCreateSection[75] : Unknown @ 0x8ce9ffbe
[SSDT:Addr] NtRequestWaitReplyPort[276] : Unknown @ 0x8ce9ffc8
[SSDT:Addr] NtSetContextThread[289] : Unknown @ 0x8ce9ffc3
[SSDT:Addr] NtSetSecurityObject[314] : Unknown @ 0x8ce9ffcd
[SSDT:Addr] NtSystemDebugControl[332] : Unknown @ 0x8ce9ffd2
[SSDT:Addr] NtTerminateProcess[334] : Unknown @ 0x8ce9ff5f
[ShwSSDT:Addr] NtUserSetWindowsHookEx[573] : Unknown @ 0x8ce9ffe6
[ShwSSDT:Addr] NtUserSetWinEventHook[576] : Unknown @ 0x8ce9ffeb
[EAT:Addr] (explorer.exe) comctl32.dll - AddGadgetMessageHandler : C:\Windows\system32\DUser.dll @ 0x7442152c
[EAT:Addr] (explorer.exe) comctl32.dll - AttachWndProcA : C:\Windows\system32\DUser.dll @ 0x7442c80a
[EAT:Addr] (explorer.exe) comctl32.dll - AttachWndProcW : C:\Windows\system32\DUser.dll @ 0x7441dd2c
[EAT:Addr] (explorer.exe) comctl32.dll - AutoTrace : C:\Windows\system32\DUser.dll @ 0x74427041
[EAT:Addr] (explorer.exe) comctl32.dll - BeginTransition : C:\Windows\system32\DUser.dll @ 0x7442c9a7
[EAT:Addr] (explorer.exe) comctl32.dll - BuildAnimation : C:\Windows\system32\DUser.dll @ 0x74421135
[EAT:Addr] (explorer.exe) comctl32.dll - BuildDropTarget : C:\Windows\system32\DUser.dll @ 0x74427131
[EAT:Addr] (explorer.exe) comctl32.dll - BuildInterpolation : C:\Windows\system32\DUser.dll @ 0x7442118c
[EAT:Addr] (explorer.exe) comctl32.dll - CreateAction : C:\Windows\system32\DUser.dll @ 0x74417339
[EAT:Addr] (explorer.exe) comctl32.dll - CreateGadget : C:\Windows\system32\DUser.dll @ 0x74415197
[EAT:Addr] (explorer.exe) comctl32.dll - CreateTransition : C:\Windows\system32\DUser.dll @ 0x7442c83a
[EAT:Addr] (explorer.exe) comctl32.dll - DUserBuildGadget : C:\Windows\system32\DUser.dll @ 0x7442b7e8
[EAT:Addr] (explorer.exe) comctl32.dll - DUserCastClass : C:\Windows\system32\DUser.dll @ 0x7442c776
[EAT:Addr] (explorer.exe) comctl32.dll - DUserCastDirect : C:\Windows\system32\DUser.dll @ 0x7442c7b9
[EAT:Addr] (explorer.exe) comctl32.dll - DUserCastHandle : C:\Windows\system32\DUser.dll @ 0x7442b81e
[EAT:Addr] (explorer.exe) comctl32.dll - DUserDeleteGadget : C:\Windows\system32\DUser.dll @ 0x7442b9c1
[EAT:Addr] (explorer.exe) comctl32.dll - DUserFindClass : C:\Windows\system32\DUser.dll @ 0x7442c6e7
[EAT:Addr] (explorer.exe) comctl32.dll - DUserFlushDeferredMessages : C:\Windows\system32\DUser.dll @ 0x74420020
[EAT:Addr] (explorer.exe) comctl32.dll - DUserFlushMessages : C:\Windows\system32\DUser.dll @ 0x74420096
[EAT:Addr] (explorer.exe) comctl32.dll - DUserGetAlphaPRID : C:\Windows\system32\DUser.dll @ 0x744278fd
[EAT:Addr] (explorer.exe) comctl32.dll - DUserGetGutsData : C:\Windows\system32\DUser.dll @ 0x7442c7c9
[EAT:Addr] (explorer.exe) comctl32.dll - DUserGetRectPRID : C:\Windows\system32\DUser.dll @ 0x74427908
[EAT:Addr] (explorer.exe) comctl32.dll - DUserGetRotatePRID : C:\Windows\system32\DUser.dll @ 0x74427913
[EAT:Addr] (explorer.exe) comctl32.dll - DUserGetScalePRID : C:\Windows\system32\DUser.dll @ 0x7442791e
[EAT:Addr] (explorer.exe) comctl32.dll - DUserInstanceOf : C:\Windows\system32\DUser.dll @ 0x7442c735
[EAT:Addr] (explorer.exe) comctl32.dll - DUserPostEvent : C:\Windows\system32\DUser.dll @ 0x7441630f
[EAT:Addr] (explorer.exe) comctl32.dll - DUserPostMethod : C:\Windows\system32\DUser.dll @ 0x7442b639
[EAT:Addr] (explorer.exe) comctl32.dll - DUserRegisterGuts : C:\Windows\system32\DUser.dll @ 0x7441a5b1
[EAT:Addr] (explorer.exe) comctl32.dll - DUserRegisterStub : C:\Windows\system32\DUser.dll @ 0x74419f93
[EAT:Addr] (explorer.exe) comctl32.dll - DUserRegisterSuper : C:\Windows\system32\DUser.dll @ 0x7441b046
[EAT:Addr] (explorer.exe) comctl32.dll - DUserSendEvent : C:\Windows\system32\DUser.dll @ 0x74413258
[EAT:Addr] (explorer.exe) comctl32.dll - DUserSendMethod : C:\Windows\system32\DUser.dll @ 0x7442b5b0
[EAT:Addr] (explorer.exe) comctl32.dll - DUserStopAnimation : C:\Windows\system32\DUser.dll @ 0x744284e4
[EAT:Addr] (explorer.exe) comctl32.dll - DeleteHandle : C:\Windows\system32\DUser.dll @ 0x74413ef8
[EAT:Addr] (explorer.exe) comctl32.dll - DetachWndProc : C:\Windows\system32\DUser.dll @ 0x7441657d
[EAT:Addr] (explorer.exe) comctl32.dll - DllMain : C:\Windows\system32\DUser.dll @ 0x744176f9
[EAT:Addr] (explorer.exe) comctl32.dll - DrawGadgetTree : C:\Windows\system32\DUser.dll @ 0x7442c646
[EAT:Addr] (explorer.exe) comctl32.dll - EndTransition : C:\Windows\system32\DUser.dll @ 0x7442ca90
[EAT:Addr] (explorer.exe) comctl32.dll - EnumGadgets : C:\Windows\system32\DUser.dll @ 0x7442c30f
[EAT:Addr] (explorer.exe) comctl32.dll - FindGadgetFromPoint : C:\Windows\system32\DUser.dll @ 0x74416da8
[EAT:Addr] (explorer.exe) comctl32.dll - FindGadgetMessages : C:\Windows\system32\DUser.dll @ 0x7442c19d
[EAT:Addr] (explorer.exe) comctl32.dll - FindStdColor : C:\Windows\system32\DUser.dll @ 0x7441dc66
[EAT:Addr] (explorer.exe) comctl32.dll - FireGadgetMessages : C:\Windows\system32\DUser.dll @ 0x7442c06b
[EAT:Addr] (explorer.exe) comctl32.dll - ForwardGadgetMessage : C:\Windows\system32\DUser.dll @ 0x74421cb5
[EAT:Addr] (explorer.exe) comctl32.dll - GetActionTimeslice : C:\Windows\system32\DUser.dll @ 0x7442cb05
[EAT:Addr] (explorer.exe) comctl32.dll - GetDebug : C:\Windows\system32\DUser.dll @ 0x7442705d
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadget : C:\Windows\system32\DUser.dll @ 0x7442c527
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetAnimation : C:\Windows\system32\DUser.dll @ 0x74417083
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetBufferInfo : C:\Windows\system32\DUser.dll @ 0x74422d45
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetCenterPoint : C:\Windows\system32\DUser.dll @ 0x7442be6f
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetFocus : C:\Windows\system32\DUser.dll @ 0x7441ce28
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetMessageFilter : C:\Windows\system32\DUser.dll @ 0x7442c5ba
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetProperty : C:\Windows\system32\DUser.dll @ 0x74417135
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetRect : C:\Windows\system32\DUser.dll @ 0x74412d8e
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetRgn : C:\Windows\system32\DUser.dll @ 0x7441540a
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetRootInfo : C:\Windows\system32\DUser.dll @ 0x7442bfbb
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetRotation : C:\Windows\system32\DUser.dll @ 0x7442bd35
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetScale : C:\Windows\system32\DUser.dll @ 0x7442bbe9
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetSize : C:\Windows\system32\DUser.dll @ 0x7442c3ca
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetStyle : C:\Windows\system32\DUser.dll @ 0x7442232c
[EAT:Addr] (explorer.exe) comctl32.dll - GetGadgetTicket : C:\Windows\system32\DUser.dll @ 0x7441c94f
[EAT:Addr] (explorer.exe) comctl32.dll - GetMessageExA : C:\Windows\system32\DUser.dll @ 0x7441f459
[EAT:Addr] (explorer.exe) comctl32.dll - GetMessageExW : C:\Windows\system32\DUser.dll @ 0x7442b6c3
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorBrushF : C:\Windows\system32\DUser.dll @ 0x7442cbea
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorBrushI : C:\Windows\system32\DUser.dll @ 0x74412c3b
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorF : C:\Windows\system32\DUser.dll @ 0x7442ce45
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorI : C:\Windows\system32\DUser.dll @ 0x7441faf7
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorName : C:\Windows\system32\DUser.dll @ 0x7442cd46
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorPenF : C:\Windows\system32\DUser.dll @ 0x7442ccd2
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdColorPenI : C:\Windows\system32\DUser.dll @ 0x7442cc5e
[EAT:Addr] (explorer.exe) comctl32.dll - GetStdPalette : C:\Windows\system32\DUser.dll @ 0x7442b82e
[EAT:Addr] (explorer.exe) comctl32.dll - GetTransitionInterface : C:\Windows\system32\DUser.dll @ 0x7442c933
[EAT:Addr] (explorer.exe) comctl32.dll - InitGadgetComponent : C:\Windows\system32\DUser.dll @ 0x7442b8be
[EAT:Addr] (explorer.exe) comctl32.dll - InitGadgets : C:\Windows\system32\DUser.dll @ 0x7441e373
[EAT:Addr] (explorer.exe) comctl32.dll - InvalidateGadget : C:\Windows\system32\DUser.dll @ 0x74413de5
[EAT:Addr] (explorer.exe) comctl32.dll - IsGadgetParentChainStyle : C:\Windows\system32\DUser.dll @ 0x7442ba7f
[EAT:Addr] (explorer.exe) comctl32.dll - IsInsideContext : C:\Windows\system32\DUser.dll @ 0x7442b56c
[EAT:Addr] (explorer.exe) comctl32.dll - IsStartDelete : C:\Windows\system32\DUser.dll @ 0x7442121d
[EAT:Addr] (explorer.exe) comctl32.dll - LookupGadgetTicket : C:\Windows\system32\DUser.dll @ 0x7442cdbc
[EAT:Addr] (explorer.exe) comctl32.dll - MapGadgetPoints : C:\Windows\system32\DUser.dll @ 0x74423861
[EAT:Addr] (explorer.exe) comctl32.dll - PeekMessageExA : C:\Windows\system32\DUser.dll @ 0x7442b710
[EAT:Addr] (explorer.exe) comctl32.dll - PeekMessageExW : C:\Windows\system32\DUser.dll @ 0x7442b75e
[EAT:Addr] (explorer.exe) comctl32.dll - PlayTransition : C:\Windows\system32\DUser.dll @ 0x7442c8b0
[EAT:Addr] (explorer.exe) comctl32.dll - PrintTransition : C:\Windows\system32\DUser.dll @ 0x7442ca1c
[EAT:Addr] (explorer.exe) comctl32.dll - RegisterGadgetMessage : C:\Windows\system32\DUser.dll @ 0x74417ba3
[EAT:Addr] (explorer.exe) comctl32.dll - RegisterGadgetMessageString : C:\Windows\system32\DUser.dll @ 0x7442c149
[EAT:Addr] (explorer.exe) comctl32.dll - RegisterGadgetProperty : C:\Windows\system32\DUser.dll @ 0x74417d5d
[EAT:Addr] (explorer.exe) comctl32.dll - RemoveGadgetMessageHandler : C:\Windows\system32\DUser.dll @ 0x7442c21a
[EAT:Addr] (explorer.exe) comctl32.dll - RemoveGadgetProperty : C:\Windows\system32\DUser.dll @ 0x74420dee
[EAT:Addr] (explorer.exe) comctl32.dll - SetActionTimeslice : C:\Windows\system32\DUser.dll @ 0x7442cb82
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetBufferInfo : C:\Windows\system32\DUser.dll @ 0x74422c09
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetCenterPoint : C:\Windows\system32\DUser.dll @ 0x7442bf0a
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetFillF : C:\Windows\system32\DUser.dll @ 0x7442bb47
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetFillI : C:\Windows\system32\DUser.dll @ 0x74422149
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetFocus : C:\Windows\system32\DUser.dll @ 0x7441cebb
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetFocusEx : C:\Windows\system32\DUser.dll @ 0x74423188
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetMessageFilter : C:\Windows\system32\DUser.dll @ 0x74415a70
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetOrder : C:\Windows\system32\DUser.dll @ 0x7442c45d
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetParent : C:\Windows\system32\DUser.dll @ 0x744155f8
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetProperty : C:\Windows\system32\DUser.dll @ 0x74421284
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetRect : C:\Windows\system32\DUser.dll @ 0x74415305
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetRootInfo : C:\Windows\system32\DUser.dll @ 0x7441e857
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetRotation : C:\Windows\system32\DUser.dll @ 0x7442bdc9
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetScale : C:\Windows\system32\DUser.dll @ 0x7442bc84
[EAT:Addr] (explorer.exe) comctl32.dll - SetGadgetStyle : C:\Windows\system32\DUser.dll @ 0x74414c48
[EAT:Addr] (explorer.exe) comctl32.dll - UninitGadgetComponent : C:\Windows\system32\DUser.dll @ 0x7442b93f
[EAT:Addr] (explorer.exe) comctl32.dll - UnregisterGadgetMessage : C:\Windows\system32\DUser.dll @ 0x7442c171
[EAT:Addr] (explorer.exe) comctl32.dll - UnregisterGadgetMessageString : C:\Windows\system32\DUser.dll @ 0x7442c149
[EAT:Addr] (explorer.exe) comctl32.dll - UnregisterGadgetProperty : C:\Windows\system32\DUser.dll @ 0x7442c2e3
[EAT:Addr] (explorer.exe) comctl32.dll - UtilBuildFont : C:\Windows\system32\DUser.dll @ 0x7442b83a
[EAT:Addr] (explorer.exe) comctl32.dll - UtilDrawBlendRect : C:\Windows\system32\DUser.dll @ 0x7442b84a
[EAT:Addr] (explorer.exe) comctl32.dll - UtilDrawOutlineRect : C:\Windows\system32\DUser.dll @ 0x7442b85a
[EAT:Addr] (explorer.exe) comctl32.dll - UtilGetColor : C:\Windows\system32\DUser.dll @ 0x7442b86a
[EAT:Addr] (explorer.exe) comctl32.dll - UtilSetBackground : C:\Windows\system32\DUser.dll @ 0x7442cd78
[EAT:Addr] (explorer.exe) comctl32.dll - WaitMessageEx : C:\Windows\system32\DUser.dll @ 0x7442b7ac

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS543225L9SA00 +++++
--- User ---
[MBR] f25b2362a0f0c98108c922e7658e9a35
[BSP] 25587d3b3435cbe486b9831cba7b51e5 : Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10095 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20676608 | Size: 228378 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! ([32] Cette demande n'est pas prise en charge. )
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: Ricoh Memory Stick Disk Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )


============================================
RKreport_SCN_06142014_204527.log - RKreport_DEL_06142014_204550.log - RKreport_SCN_06142014_205447.log

What do you think?

Thank you very much for your help
Have a good evening

1 reply

Malekal_morte - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, security contributor - Last activity: 15 December 2020 - 24,656
14 June 2014 at 20:59
Hi,

Nothing malicious.