Reply to: AVG Secure Search .. 2016-09-08T13:34:40+00:00
Gigijack
Participant
Number of posts: 31

Here are the RK reports (I couldn't find a way to host the reports on SOSupload, so I took the liberty of putting them below. Hoping that won't be a problem.)

RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d’exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : jacky [Droits d’admin]
Mode : Recherche — Date : 04/16/2014 16:28:42
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 4 ¤¤¤
[HJ DESK][PUM] HKCU[…]ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU[…]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU[…]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU[…]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : XmlLite.dll -> HOOKED (C:\Windows\System32\SndVolSSO.dll @ 0x7401155F)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\System32\SndVolSSO.dll @ 0x74014852)
[Address] EAT @explorer.exe (DllMain) : XmlLite.dll -> HOOKED (C:\Windows\System32\SndVolSSO.dll @ 0x740112FB)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVS-22UST0 ATA Device +++++
— User —
[MBR] 5fadba69ec593da05bba5ccd11669cd2
[BSP] 14110ba3b2c4a6720a7571ece2b9e8a7 : Acer MBR Code
Partition table:
0 – [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 MB
1 – [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20467712 | Size: 114372 MB
2 – [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 254701568 | Size: 114108 MB
User = LL1 … OK!
User = LL2 … OK!

Termine : <>

RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d’exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : jacky [Droits d’admin]
Mode : Suppression — Date : 04/16/2014 16:28:55
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 4 ¤¤¤
[HJ DESK][PUM] HKCU[…]ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU[…]ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU[…]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU[…]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x84E0D1F8)
[Address] EAT @explorer.exe (DllCanUnloadNow) : XmlLite.dll -> HOOKED (C:\Windows\System32\SndVolSSO.dll @ 0x7401155F)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\System32\SndVolSSO.dll @ 0x74014852)
[Address] EAT @explorer.exe (DllMain) : XmlLite.dll -> HOOKED (C:\Windows\System32\SndVolSSO.dll @ 0x740112FB)

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVS-22UST0 ATA Device +++++
— User —
[MBR] 5fadba69ec593da05bba5ccd11669cd2
[BSP] 14110ba3b2c4a6720a7571ece2b9e8a7 : Acer MBR Code
Partition table:
0 – [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 MB
1 – [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20467712 | Size: 114372 MB
2 – [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 254701568 | Size: 114108 MB
User = LL1 … OK!
User = LL2 … OK!

Termine : <>
RKreport[0]_S_04162014_162842.txt