RogueKiller V8.8.4 [Jan 27 2014] par Tigzy
mail : tigzyRKgmailcom
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Rudy-ds [Droits d'admin]
Mode : Recherche -- Date : 02/01/2014 20:14:24
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : flashmemory (wscript.exe //B "C:\Users\Rudy-ds\AppData\Local\Temp\flashmemory.vbe" [x][-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-465012693-2708230279-1097855847-1000\[...]\Run : flashmemory (wscript.exe //B "C:\Users\Rudy-ds\AppData\Local\Temp\flashmemory.vbe" [x][-]) -> TROUVÉ
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> TROUVÉ
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> TROUVÉ
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> TROUVÉ
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9750420AS +++++
--- User ---
[MBR] cd2fd903ed4578a9f03a33bbf8f1d764
[BSP] 32684af898f092ee7d03a8d2e7af3743 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 64 | Size: 22000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45056064 | Size: 186816 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 427655898 | Size: 506588 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Wave723 sdcard USB Device +++++
--- User ---
[MBR] f88b70e514c1edfae01ff8f50a59e496
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 137 | Size: 1875 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) CBM Flash Disk USB Device +++++
--- User ---
[MBR] a7193ca0cc1ac521ba8314b57f53caf4
[BSP] 1b32e15a8dd1a3cfa9a9a95daff4c905 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 2017 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Cette demande n'est pas prise en charge. )

Termine : << RKreport[0]_S_02012014_201424.txt >>