VIRUS SYSTEM FIX
beathbox
Messages postés
11
Statut
Membre
-
Tigzy Messages postés 7983 Statut Contributeur sécurité -
Tigzy Messages postés 7983 Statut Contributeur sécurité -
Bonjour,
J'ai été infecté par le bien connu virus "system fix" , j'ai donc nettoyé mon pc avec
RogueKiller, ComboFix, AdwCleaner, puis j'ai fait plusieurs scan complet avec TrojanKiller, Malwarebytes, Avira free et Panda Cloud free .
Mais mon PC est encore infecté par des publicités et internet semble moins rapide, pouvez m'aider ? Merci
J'ai été infecté par le bien connu virus "system fix" , j'ai donc nettoyé mon pc avec
RogueKiller, ComboFix, AdwCleaner, puis j'ai fait plusieurs scan complet avec TrojanKiller, Malwarebytes, Avira free et Panda Cloud free .
Mais mon PC est encore infecté par des publicités et internet semble moins rapide, pouvez m'aider ? Merci
A voir également:
- VIRUS SYSTEM FIX
- Reboot system now - Guide
- Fix it - Télécharger - Optimisation
- Virus mcafee - Accueil - Piratage
- Cette action ne peut pas être réalisée car le fichier est ouvert dans system - Guide
- Microsoft fix it - Télécharger - Utilitaires
11 réponses
voici les rapports RogueKiller
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 14/12/2011 02:20:10
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 12 ¤¤¤
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : PvrtVtYGxyGUr.exe (C:\ProgramData\PvrtVtYGxyGUr.exe) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 14/12/2011 02:24:18
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 12 ¤¤¤
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : PvrtVtYGxyGUr.exe (C:\ProgramData\PvrtVtYGxyGUr.exe) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Yogui\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/12/2011 02:28:06
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 73 / Fail 0
Lancement rapide: Success 18 / Fail 0
Programmes: Success 16004 / Fail 0
Menu demarrer: Success 88 / Fail 0
Dossier utilisateur: Success 59305 / Fail 1
Mes documents: Success 4270 / Fail 0
Mes favoris: Success 29 / Fail 0
Mes images: Success 307 / Fail 0
Ma musique: Success 27410 / Fail 1
Mes videos: Success 150 / Fail 0
Disques locaux: Success 11339 / Fail 1
Sauvegarde: [FOUND] Success 16 / Fail 0
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: HOSTS RAZ -- Date : 14/12/2011 02:29:27
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost
Termine : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Proxy RAZ -- Date : 14/12/2011 02:29:41
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
Termine : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: DNS RAZ -- Date : 14/12/2011 02:29:54
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
Termine : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 14/12/2011 02:20:10
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 12 ¤¤¤
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : PvrtVtYGxyGUr.exe (C:\ProgramData\PvrtVtYGxyGUr.exe) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 14/12/2011 02:24:18
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 12 ¤¤¤
[SUSP PATH] HKLM\[...]\Wow6432Node\Run : PvrtVtYGxyGUr.exe (C:\ProgramData\PvrtVtYGxyGUr.exe) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Yogui\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/12/2011 02:28:06
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 73 / Fail 0
Lancement rapide: Success 18 / Fail 0
Programmes: Success 16004 / Fail 0
Menu demarrer: Success 88 / Fail 0
Dossier utilisateur: Success 59305 / Fail 1
Mes documents: Success 4270 / Fail 0
Mes favoris: Success 29 / Fail 0
Mes images: Success 307 / Fail 0
Ma musique: Success 27410 / Fail 1
Mes videos: Success 150 / Fail 0
Disques locaux: Success 11339 / Fail 1
Sauvegarde: [FOUND] Success 16 / Fail 0
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: HOSTS RAZ -- Date : 14/12/2011 02:29:27
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ Nouveau fichier HOSTS: ¤¤¤
127.0.0.1 localhost
Termine : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Proxy RAZ -- Date : 14/12/2011 02:29:41
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
Termine : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: DNS RAZ -- Date : 14/12/2011 02:29:54
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
Termine : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt
voici la 2ème série de rapport RogueKiller
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 14/12/2011 02:41:57
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : System Fix] 13fYuXTjVRvWJe.exe -- C:\ProgramData\13fYuXTjVRvWJe.exe -> KILLED [TermProc]
[SUSP PATH] 13fYuXTjVRvWJe.exe -- C:\ProgramData\13fYuXTjVRvWJe.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD|Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 14/12/2011 02:42:19
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/12/2011 02:43:33
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 6 / Fail 1
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 1
Mes videos: Success 0 / Fail 0
Disques locaux: Success 0 / Fail 1
Sauvegarde: [FOUND] Success 0 / Fail 16
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 14/12/2011 02:41:57
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : System Fix] 13fYuXTjVRvWJe.exe -- C:\ProgramData\13fYuXTjVRvWJe.exe -> KILLED [TermProc]
[SUSP PATH] 13fYuXTjVRvWJe.exe -- C:\ProgramData\13fYuXTjVRvWJe.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD|Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 14/12/2011 02:42:19
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 2 ¤¤¤
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/12/2011 02:43:33
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 6 / Fail 1
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 1
Mes videos: Success 0 / Fail 0
Disques locaux: Success 0 / Fail 1
Sauvegarde: [FOUND] Success 0 / Fail 16
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
et enfin la 3ème série de rapport RogueKiller
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 14/12/2011 02:52:59
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 14/12/2011 02:53:26
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/12/2011 02:54:28
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 6 / Fail 1
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 1
Mes videos: Success 0 / Fail 0
Disques locaux: Success 0 / Fail 1
Sauvegarde: [FOUND] Success 0 / Fail 16
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 14/12/2011 02:52:59
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 14/12/2011 02:53:26
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.0 [12/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 14/12/2011 02:54:28
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 6 / Fail 1
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 1
Mes videos: Success 0 / Fail 0
Disques locaux: Success 0 / Fail 1
Sauvegarde: [FOUND] Success 0 / Fail 16
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
voici maintenant les rapports Malwarebytes
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Version de la base de données: 7622
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
14/12/2011 01:55:50
mbam-log-2011-12-14 (01-55-50).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 176679
Temps écoulé: 6 minute(s), 41 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Version de la base de données: 8378
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
16/12/2011 14:51:07
mbam-log-2011-12-16 (14-51-07).txt
Type d'examen: Examen complet (C:\|D:\|E:\|F:\|H:\|)
Elément(s) analysé(s): 511506
Temps écoulé: 1 heure(s), 2 minute(s), 14 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\Yogui\AppData\LocalLow\Sun\Java\deployment\cache\6.0\16\76701bd0-292b2e91 (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Yogui\chat-land\chat-landmessenger.exe (Trojan.Hijacker) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Version de la base de données: 7622
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
14/12/2011 01:55:50
mbam-log-2011-12-14 (01-55-50).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 176679
Temps écoulé: 6 minute(s), 41 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Version de la base de données: 8378
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
16/12/2011 14:51:07
mbam-log-2011-12-16 (14-51-07).txt
Type d'examen: Examen complet (C:\|D:\|E:\|F:\|H:\|)
Elément(s) analysé(s): 511506
Temps écoulé: 1 heure(s), 2 minute(s), 14 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\Yogui\AppData\LocalLow\Sun\Java\deployment\cache\6.0\16\76701bd0-292b2e91 (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Yogui\chat-land\chat-landmessenger.exe (Trojan.Hijacker) -> Quarantined and deleted successfully.
Pour ce qui est des autres rapports je suis désolé je les ai supprimer en désinstallant les logiciels ....et je n'arrive pas à mettre la main sur le rapport Panda Cloud, mais il n'avait trouver qu'un seul virus "logiciel publicitaire" : C:\Users\Yogui\AppData\Local\Temp\test:reg
voila merci d'avance :-)
voila merci d'avance :-)
Hello
Juste pour signaler que ta version de RogueKiller est obsolète
Tu peux télécharger la nouvelle version et passer le mode 1?
Juste pour signaler que ta version de RogueKiller est obsolète
Tu peux télécharger la nouvelle version et passer le mode 1?
Bonne Année à toi ainsi qu à toute l équipe !
Voila les rapports avec le dernier RogueKiller
RogueKiller V6.2.2 [31/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 02/01/2012 00:50:59
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.2 [31/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 02/01/2012 00:53:44
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.2 [31/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 02/01/2012 01:07:06
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 2 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 61 / Fail 1
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 4 / Fail 1
Mes videos: Success 0 / Fail 0
Disques locaux: Success 4089 / Fail 1
Sauvegarde: [NOT FOUND]
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[H:] \Device\HarddiskVolume4 -- 0x3 --> Restored
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt
Voila les rapports avec le dernier RogueKiller
RogueKiller V6.2.2 [31/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Recherche -- Date : 02/01/2012 00:50:59
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V6.2.2 [31/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Suppression -- Date : 02/01/2012 00:53:44
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] c1a88fa06f58bb977699a103006c040d
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 27abab23331fb310b3561016602e9aa1
[BSP] 4a1d81b41d201190399920354521e3f8 : Windows Vista/7 MBR Code
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 208 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600 | Size: 639922 Mo
2 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 1250258944 | Size: 2 Mo
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
RogueKiller V6.2.2 [31/12/2011] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Yogui [Droits d'admin]
Mode: Raccourcis RAZ -- Date : 02/01/2012 01:07:06
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
Attributs de fichiers restaures:
Bureau: Success 2 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 61 / Fail 1
Mes documents: Success 0 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 4 / Fail 1
Mes videos: Success 0 / Fail 0
Disques locaux: Success 4089 / Fail 1
Sauvegarde: [NOT FOUND]
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom1 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[H:] \Device\HarddiskVolume4 -- 0x3 --> Restored
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt
Tu as un rootkit MaxSS
Télécharger et dézipper sur le bureau TDSSKiller
= Lancer TDSSKiller en faisant un double clique
= Une fois le scan fini, un rapport s'ouvre
= Copier coller le contenu dans la prochaine réponse
= Le rapport se trouve également dans C:\TDSSKiller.XXXXXX_log.txt.( X correspondant a la version, la date et l'heure )
Télécharger et dézipper sur le bureau TDSSKiller
= Lancer TDSSKiller en faisant un double clique
= Une fois le scan fini, un rapport s'ouvre
= Copier coller le contenu dans la prochaine réponse
= Le rapport se trouve également dans C:\TDSSKiller.XXXXXX_log.txt.( X correspondant a la version, la date et l'heure )
J ai bien télécharger TDSSKiller mais impossible de le lancer, même en safe mode !
Je l ai bien autoriser au pare-feux et j ai aussi lancer l'application "résoudre les problème de compatibilité" ... mais toujours aucune réaction !
Que faire?
Je l ai bien autoriser au pare-feux et j ai aussi lancer l'application "résoudre les problème de compatibilité" ... mais toujours aucune réaction !
Que faire?
Télécharger et enregistrer sur le bureau
Combofix
=Desactiver l'antivirus
=Double-clic sur Combofix
= Presser 1 si demandé
= Attendre la fermeture de l'outil ( 5 -10 mn ou plus si infection importante)
=Copier/coller le rapport dans la réponse
Un rapport dans C:\Combofix.txt à mettre dans la réponse
Réactiver l'antivirus
RIP Jaxryley....
Contributeur SECURITE *** Développeur de RogueKiller ***
Pas de rapports par MP, hébergez les sur www.cijoint.fr. Pas de désinfection par MP, merci d'ouvrir un fil
Combofix
=Desactiver l'antivirus
=Double-clic sur Combofix
= Presser 1 si demandé
= Attendre la fermeture de l'outil ( 5 -10 mn ou plus si infection importante)
=Copier/coller le rapport dans la réponse
Un rapport dans C:\Combofix.txt à mettre dans la réponse
Réactiver l'antivirus
RIP Jaxryley....
Contributeur SECURITE *** Développeur de RogueKiller ***
Pas de rapports par MP, hébergez les sur www.cijoint.fr. Pas de désinfection par MP, merci d'ouvrir un fil
