Et voilà
RogueKiller V7.6.2 [02/07/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees:
http://www.sur-la-toile.com/discussion- ... ntees.htmlBlog:
http://tigzyrk.blogspot.comSysteme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: jean claude [Droits d'admin]
Mode: Recherche -- Date: 05/07/2012 21:00:47
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 2 ¤¤¤
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [CHARGE] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E08B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E08B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E08B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E08B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E08B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E08B40)
¤¤¤ Infection : ZeroAccess ¤¤¤
[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: ST3250310AS +++++
--- User ---
[MBR] 629b4bd374e9bc19a443b3f59ee3678c
[BSP] c9a04da5601bccf8576b79d62b92b0db : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 60000 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 122881185 | Size: 178464 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt