Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 3
[32_bits] - x86 Family 6 Model 23 Stepping 10, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.11 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:149 Go - Free:136 Go )
D:\ [CD_Rom]
E:\ [Fixed-FAT32] .. ( Total:111 Go - Free:16 Go )
F:\ [Fixed-FAT32] .. ( Total:465 Go - Free:201 Go )
.
Scan : 12:37.17
Path : C:\Documents and Settings\Owner\Desktop\Rooter.exe
User : Owner ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (632)
______ \??\C:\WINDOWS\system32\csrss.exe (680)
______ \??\C:\WINDOWS\system32\winlogon.exe (712)
______ C:\WINDOWS\system32\services.exe (756)
______ C:\WINDOWS\system32\lsass.exe (768)
______ C:\WINDOWS\system32\Ati2evxx.exe (940)
______ C:\WINDOWS\system32\svchost.exe (960)
______ C:\WINDOWS\system32\svchost.exe (1028)
______ C:\WINDOWS\System32\svchost.exe (1132)
______ C:\WINDOWS\system32\svchost.exe (1288)
______ C:\WINDOWS\system32\svchost.exe (1344)
______ C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1392)
______ C:\Program Files\Alwil Software\Avast4\ashServ.exe (1440)
______ C:\WINDOWS\system32\Ati2evxx.exe (1496)
______ C:\WINDOWS\system32\spoolsv.exe (1796)
______ C:\WINDOWS\Explorer.EXE (244)
______ C:\Program Files\Java\jre6\bin\jusched.exe (540)
______ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (548)
______ C:\WINDOWS\RTHDCPL.EXE (612)
______ C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (684)
______ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe (772)
______ C:\Program Files\HP\hpcoretech\hpcmpmgr.exe (980)
______ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (1012)
______ C:\Program Files\Logitech\iTouch\iTouch.exe (1084)
______ C:\WINDOWS\system32\ctfmon.exe (1104)
______ C:\Program Files\Corel\Print Office 2000\Register\Remind32.exe (1232)
______ C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (1492)
______ C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe (364)
______ C:\WINDOWS\system32\svchost.exe (2484)
______ C:\Program Files\Bonjour\mDNSResponder.exe (2532)
______ C:\Program Files\Java\jre6\bin\jqs.exe (2592)
______ C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2688)
______ C:\WINDOWS\system32\svchost.exe (2856)
______ C:\WINDOWS\system32\Tablet.exe (2948)
______ C:\WINDOWS\system32\BRMFRSMG.EXE (3060)
______ C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (3304)
______ C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (3360)
______ C:\WINDOWS\System32\alg.exe (3988)
______ C:\Documents and Settings\Owner\Desktop\Rooter.exe (824)
______ C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (3524)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:159989889024)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 12:37.29
.
C:\Rooter$\Rooter_1.txt - (29/06/2009 | 12:37.29)