Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 2
[32_bits] - x86 Family 15 Model 4 Stepping 4, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Disabled !
.
Internet Explorer 7.0.5730.13
.
C:\ [Fixed-NTFS] .. ( Total:145 Go - Free:129 Go )
D:\ [CD_Rom]
E:\ [CD_Rom]
.
Scan : 12:23.24
Path : C:\Documents and Settings\Scott\Desktop\Rooter.exe
User : Scott ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (588)
______ \??\C:\WINDOWS\system32\csrss.exe (644)
______ \??\C:\WINDOWS\system32\winlogon.exe (680)
______ C:\WINDOWS\system32\services.exe (724)
______ C:\WINDOWS\system32\lsass.exe (736)
______ C:\WINDOWS\system32\Ati2evxx.exe (888)
______ C:\WINDOWS\system32\svchost.exe (904)
______ C:\WINDOWS\system32\svchost.exe (996)
______ C:\WINDOWS\System32\svchost.exe (1096)
______ C:\WINDOWS\system32\svchost.exe (1188)
______ C:\WINDOWS\system32\svchost.exe (1296)
______ C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (1436)
______ C:\WINDOWS\Explorer.EXE (1616)
______ C:\Program Files\Shaw Secure\Common\FSM32.EXE (1728)
______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (1760)
______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (1784)
______ C:\WINDOWS\system32\spoolsv.exe (2008)
______ C:\Program Files\Google\Update\GoogleUpdate.exe (328)
______ C:\Program Files\Shaw Secure\Anti-Virus\fsgk32st.exe (484)
______ C:\Program Files\Shaw Secure\Common\FSMA32.EXE (496)
______ C:\Program Files\Shaw Secure\Anti-Virus\FSGK32.EXE (512)
______ C:\Program Files\Shaw Secure\Common\FSMB32.EXE (516)
______ C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (804)
______ C:\WINDOWS\system32\svchost.exe (932)
______ C:\Program Files\Shaw Secure\Common\FCH32.EXE (1536)
______ C:\Program Files\Shaw Secure\Common\FAMEH32.EXE (1780)
______ C:\Program Files\Shaw Secure\Anti-Virus\fsqh.exe (1848)
______ C:\Program Files\Shaw Secure\FSPC\fspc.exe (2040)
______ C:\Program Files\Shaw Secure\ORSP Client\fsorsp.exe (2332)
______ C:\Program Files\Shaw Secure\FSAUA\program\fsaua.exe (2392)
______ C:\Program Files\Shaw Secure\Anti-Virus\fssm32.exe (2516)
______ C:\Program Files\Shaw Secure\FSGUI\fsguidll.exe (2560)
______ C:\Program Files\Shaw Secure\FWES\Program\fsdfwd.exe (2604)
______ C:\WINDOWS\system32\wscntfy.exe (2836)
______ C:\WINDOWS\System32\alg.exe (2848)
______ C:\Program Files\Shaw Secure\FSAUA\program\fsus.exe (3220)
______ C:\Program Files\Shaw Secure\Anti-Virus\fsav32.exe (4012)
______ C:\Program Files\Shaw Secure\FSGUI\scanwizard.exe (3808)
______ C:\Documents and Settings\Scott\Desktop\Rooter.exe (3536)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:57544704)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:57576960 | Length:156609331200)
\Device\Harddisk0\Partition3 (Start_Offset:156666908160 | Length:3331238400)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Google Software Updater.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\Tasks\User_Feed_Synchronization-{4ECF8245-347D-4305-934B-B97411273FF9}.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 12:23.32
.
C:\Rooter$\Rooter_1.txt - (30/06/2009 | 12:23.32)