Anonyme
Nombre d'articles : 0

j’ai fait un scan avec rogue killer et je te poste le rapport

RogueKiller V8.7.6 [Oct 28 2013] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.adlice.com/forum/” onclick=”window.open(this.href);return false;
Site Web : http://www.sur-la-toile.com/RogueKiller/” onclick=”window.open(this.href);return false;
Blog : http://tigzyrk.blogspot.com/” onclick=”window.open(this.href);return false;

Systeme d’exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Quentin [Droits d’admin]
Mode : Recherche — Date : 11/09/2013 10:44:29
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] IAT @explorer.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:Windowssystem32apphelp.dll @ 0x74EBFFF6)
[Inline] EAT @explorer.exe (RegCreateKeyExW) : pkmws.dll -> HOOKED (C:Windowssystem32ADVAPI32.dll @ 0x7559407E)
[Inline] EAT @explorer.exe (RegEnumKeyW) : pkmws.dll -> HOOKED (C:Windowssystem32ADVAPI32.dll @ 0x755943DB)
[Inline] EAT @explorer.exe (RegOpenKeyExW) : pkmws.dll -> HOOKED (C:Windowssystem32ADVAPI32.dll @ 0x7559460D)
[Inline] EAT @explorer.exe (RegQueryValueExW) : pkmws.dll -> HOOKED (C:Windowssystem32ADVAPI32.dll @ 0x7559462D)
[Inline] EAT @explorer.exe (RegisterClipboardFormatW) : pkmws.dll -> HOOKED (C:Windowssystem32USER32.dll @ 0x759FDF8D)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
–> %SystemRoot%System32driversetchosts

127.0.0.1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\.PHYSICALDRIVE0 @ SCSI) WDC WD10EADS-65L5B1 +++++
— User —
[MBR] 0dacc6f80ab7bea0ab0f1ab47ab99b7e
[BSP] ceb84c3e7b096f62a58a22cb4210973b : Windows 7/8 MBR Code
Partition table:
0 – [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 – [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 516870 Mo
2 – [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1058756608 | Size: 422000 Mo
3 – [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1923012630 | Size: 14896 Mo
User = LL1 … OK!
User != LL2 … KO!
— LL2 —
[MBR] 88e42e907aec80f2e3f36dffeac43632
[BSP] 096ca65415799301792a33c93b5e78da : Windows XP MBR Code
Partition table:

+++++ PhysicalDrive1: (\.PHYSICALDRIVE1 @ USB) pny USB 2.0 FD USB Device +++++
— User —
[MBR] 988746e6ada614f289ae592cdf623b65
[BSP] ec038f3ca5091360f60d743d6f1c7fdb : MBR Code unknown
Partition table:
0 – [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 51304 | Size: 30646 Mo
User = LL1 … OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: (\.PHYSICALDRIVE2 @ USB) Kingston DataTraveler 102 USB Device +++++
— User —
[MBR] 85a2de851ec880b3f234677456bff9b7
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 – [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 7636 Mo
User = LL1 … OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: (\.PHYSICALDRIVE3 @ USB) USB Device +++++
— User —
[MBR] 1e0d13c4ec90f89328e776048f07103a
[BSP] 4b8b702b557e3455c4e0f1b634afd5c4 : MBR Code unknown
Partition table:
0 – [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 2256 | Size: 15235 Mo
User = LL1 … OK!
Error reading LL2 MBR!

Termine : <>

est ce que je suis infectée……