A voir également:
- Problème avec system check
- Reboot system now - Guide
- Check flash - Télécharger - Sécurité
- Cd check - Télécharger - Récupération de données
- Media test failure check cable ✓ - Forum Matériel & Système
- Check cable connection - Forum Matériel & Système
1 réponse
Voici le premier rapport Rogue killer
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Utilisateur [Droits d'admin]
Mode: Recherche -- Date: 28/03/2012 17:43:07
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : System Check] yjys2HnVDzDgvs.exe -- C:\Documents and Settings\All Users\Application Data\yjys2HnVDzDgvs.exe -> KILLED [TermProc]
[SUSP PATH] kOVWhuUpjWR.exe -- C:\Documents and Settings\All Users\Application Data\kOVWhuUpjWR.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 20 ¤¤¤
[SUSP PATH] HKLM\[...]\Run : kOVWhuUpjWR.exe (C:\Documents and Settings\All Users\Application Data\kOVWhuUpjWR.exe) -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (1) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (1) -> FOUND
[HJPOL] HKCU\[...]\Explorer : NoDesktop (1) -> FOUND
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: STM3320418AS +++++
--- User ---
[MBR] 7ad2e957f7e817f476df11c0ffca4005
[BSP] 197055e63bb47850ab8aa60af9e2b295 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo
1 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 625121280 | Size: 10 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Utilisateur [Droits d'admin]
Mode: Recherche -- Date: 28/03/2012 17:43:07
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : System Check] yjys2HnVDzDgvs.exe -- C:\Documents and Settings\All Users\Application Data\yjys2HnVDzDgvs.exe -> KILLED [TermProc]
[SUSP PATH] kOVWhuUpjWR.exe -- C:\Documents and Settings\All Users\Application Data\kOVWhuUpjWR.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 20 ¤¤¤
[SUSP PATH] HKLM\[...]\Run : kOVWhuUpjWR.exe (C:\Documents and Settings\All Users\Application Data\kOVWhuUpjWR.exe) -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (1) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (1) -> FOUND
[HJPOL] HKCU\[...]\Explorer : NoDesktop (1) -> FOUND
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: STM3320418AS +++++
--- User ---
[MBR] 7ad2e957f7e817f476df11c0ffca4005
[BSP] 197055e63bb47850ab8aa60af9e2b295 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo
1 - [ACTIVE] NTFS (0x17) [HIDDEN!] Offset (sectors): 625121280 | Size: 10 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1].txt >>
RKreport[1].txt
