Rogue smart hdd
Résolu/Fermé
A voir également:
- Rogue smart hdd
- Remplacer hdd par ssd - Guide
- Lenovo smart paper - Guide
- Test hdd - Télécharger - Informations & Diagnostic
- Clone hdd - Guide
- Impossible de connecter mi smart speaker - Forum Enceintes / HiFi
1 réponse
Si ca peut vous aider, le rapport de roguekiller:
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Soraya [Droits d'admin]
Mode: Recherche -- Date: 16/04/2012 19:32:18
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : SMART HDD] FT0RFX2z5rrBfp.exe -- C:\ProgramData\FT0RFX2z5rrBfp.exe -> KILLED [TermProc]
[SUSP PATH] RgWtsvfNRFiS.exe -- C:\ProgramData\RgWtsvfNRFiS.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 21 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : RgWtsvfNRFiS.exe (C:\ProgramData\RgWtsvfNRFiS.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-3045858592-1313579368-4199864540-1001[...]\Run : RgWtsvfNRFiS.exe (C:\ProgramData\RgWtsvfNRFiS.exe) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD|Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] b64c48d797139c52b82ae74f48d232df
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 694472 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1422688256 | Size: 16669 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1456826368 | Size: 4062 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 1b8504b05f14489e85b7d6611506161d
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 409600 | Size: 77824 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 159793152 | Size: 40000 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 241713152 | Size: 800 Mo
+++++ PhysicalDrive1: SDHC Card +++++
--- User ---
[MBR] 5ed921ac9c57145f34199e90902ec12b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7640 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[1].txt >>
RKreport[1].txt
2e rapport:
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Soraya [Droits d'admin]
Mode: Suppression -- Date: 16/04/2012 19:37:02
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : SMART HDD] FT0RFX2z5rrBfp.exe -- C:\ProgramData\FT0RFX2z5rrBfp.exe -> KILLED [TermProc]
[SUSP PATH] RgWtsvfNRFiS.exe -- C:\ProgramData\RgWtsvfNRFiS.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 20 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : RgWtsvfNRFiS.exe (C:\ProgramData\RgWtsvfNRFiS.exe) -> DELETED
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Soraya\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD|Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] b64c48d797139c52b82ae74f48d232df
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 694472 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1422688256 | Size: 16669 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1456826368 | Size: 4062 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 1b8504b05f14489e85b7d6611506161d
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 409600 | Size: 77824 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 159793152 | Size: 40000 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 241713152 | Size: 800 Mo
+++++ PhysicalDrive1: SDHC Card +++++
--- User ---
[MBR] 5ed921ac9c57145f34199e90902ec12b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7640 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
3e rapport :
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Soraya [Droits d'admin]
Mode: Raccourcis RAZ -- Date: 16/04/2012 19:39:13
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : SMART HDD] FT0RFX2z5rrBfp.exe -- C:\ProgramData\FT0RFX2z5rrBfp.exe -> KILLED [TermProc]
[SUSP PATH] RgWtsvfNRFiS.exe -- C:\ProgramData\RgWtsvfNRFiS.exe -> KILLED [TermProc]
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 31 / Fail 0
Lancement rapide: Success 21 / Fail 0
Programmes: Success 14512 / Fail 0
Menu demarrer: Success 37 / Fail 0
Dossier utilisateur: Success 12450 / Fail 0
Mes documents: Success 2761 / Fail 0
Mes favoris: Success 187 / Fail 0
Mes images: Success 654 / Fail 0
Ma musique: Success 1273 / Fail 0
Mes videos: Success 122 / Fail 0
Disques locaux: Success 8430 / Fail 13
Sauvegarde: [FOUND] Success 0 / Fail 247
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[F:] \Device\CdRom0 -- 0x5 --> Skipped
[G:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[I:] \Device\CdRom1 -- 0x5 --> Skipped
[Q:] \Device\SftVol -- 0x3 --> Restored
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Soraya [Droits d'admin]
Mode: Recherche -- Date: 16/04/2012 19:32:18
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : SMART HDD] FT0RFX2z5rrBfp.exe -- C:\ProgramData\FT0RFX2z5rrBfp.exe -> KILLED [TermProc]
[SUSP PATH] RgWtsvfNRFiS.exe -- C:\ProgramData\RgWtsvfNRFiS.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 21 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : RgWtsvfNRFiS.exe (C:\ProgramData\RgWtsvfNRFiS.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-3045858592-1313579368-4199864540-1001[...]\Run : RgWtsvfNRFiS.exe (C:\ProgramData\RgWtsvfNRFiS.exe) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD|Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] b64c48d797139c52b82ae74f48d232df
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 694472 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1422688256 | Size: 16669 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1456826368 | Size: 4062 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 1b8504b05f14489e85b7d6611506161d
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 409600 | Size: 77824 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 159793152 | Size: 40000 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 241713152 | Size: 800 Mo
+++++ PhysicalDrive1: SDHC Card +++++
--- User ---
[MBR] 5ed921ac9c57145f34199e90902ec12b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7640 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[1].txt >>
RKreport[1].txt
2e rapport:
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Soraya [Droits d'admin]
Mode: Suppression -- Date: 16/04/2012 19:37:02
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : SMART HDD] FT0RFX2z5rrBfp.exe -- C:\ProgramData\FT0RFX2z5rrBfp.exe -> KILLED [TermProc]
[SUSP PATH] RgWtsvfNRFiS.exe -- C:\ProgramData\RgWtsvfNRFiS.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 20 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : RgWtsvfNRFiS.exe (C:\ProgramData\RgWtsvfNRFiS.exe) -> DELETED
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\Soraya\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg)
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1)
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : Rogue.FakeHDD|Root.MBR ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] b64c48d797139c52b82ae74f48d232df
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 694472 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1422688256 | Size: 16669 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1456826368 | Size: 4062 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 1b8504b05f14489e85b7d6611506161d
[BSP] 41f5bf7c0cd50a3a24aa558d5e0e8d48 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 409600 | Size: 77824 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 159793152 | Size: 40000 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 241713152 | Size: 800 Mo
+++++ PhysicalDrive1: SDHC Card +++++
--- User ---
[MBR] 5ed921ac9c57145f34199e90902ec12b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7640 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
3e rapport :
RogueKiller V7.3.2 [20/03/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur: Soraya [Droits d'admin]
Mode: Raccourcis RAZ -- Date: 16/04/2012 19:39:13
¤¤¤ Processus malicieux: 2 ¤¤¤
[WINDOW : SMART HDD] FT0RFX2z5rrBfp.exe -- C:\ProgramData\FT0RFX2z5rrBfp.exe -> KILLED [TermProc]
[SUSP PATH] RgWtsvfNRFiS.exe -- C:\ProgramData\RgWtsvfNRFiS.exe -> KILLED [TermProc]
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 31 / Fail 0
Lancement rapide: Success 21 / Fail 0
Programmes: Success 14512 / Fail 0
Menu demarrer: Success 37 / Fail 0
Dossier utilisateur: Success 12450 / Fail 0
Mes documents: Success 2761 / Fail 0
Mes favoris: Success 187 / Fail 0
Mes images: Success 654 / Fail 0
Ma musique: Success 1273 / Fail 0
Mes videos: Success 122 / Fail 0
Disques locaux: Success 8430 / Fail 13
Sauvegarde: [FOUND] Success 0 / Fail 247
Lecteurs:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[F:] \Device\CdRom0 -- 0x5 --> Skipped
[G:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[I:] \Device\CdRom1 -- 0x5 --> Skipped
[Q:] \Device\SftVol -- 0x3 --> Restored
¤¤¤ Infection : Rogue.FakeHDD ¤¤¤
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
