fredcloes

---- 04.10.2012 - 21h18 ---- Bonjour, Pouvez vous m'aider? Une page blanche prenant tout l'écran m'empêche d'utiliser mon pc Merci ---- 04.10.2012 - 21h33 ---- Voici le rapport du Scan: RogueKiller V8.1.1 [03/10/2012] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/60) Website: RogueKiller Blog: tigzy-RK Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Utilisateur : DELPERDANGE [Droits d'admin] Mode : Recherche -- Date : 04/10/2012 21:32:56 ¤¤¤ Processus malicieux : 0 ¤¤¤ ¤¤¤ Entrees de registre : 5 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : fjvllaxyznzittw (C:\WINDOWS\fjvllaxy.exe) -> TROUVÉ [RUN][sUSP PATH] HKUS\S-1-5-21-436374069-1123561945-1801674531-1003[...]\Run : fjvllaxyznzittw (C:\WINDOWS\fjvllaxy.exe) -> TROUVÉ [HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ [HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [CHARGE] ¤¤¤ SSDT[41] : NtCreateKey @ 0x805737EF -> HOOKED (Unknown @ 0x86BA1700) SSDT[43] : NtCreateMutant @ 0x80577648 -> HOOKED (Unknown @ 0x86BBD4A0) SSDT[47] : NtCreateProcess @ 0x805B0232 -> HOOKED (Unknown @ 0x86BA0500) SSDT[48] : NtCreateProcessEx @ 0x8058304C -> HOOKED (Unknown @ 0x86BA0800) SSDT[52] : NtCreateSymbolicLinkObject @ 0x8059E6FE -> HOOKED (Unknown @ 0x86BBD860) SSDT[53] : NtCreateThread @ 0x8057888D -> HOOKED (Unknown @ 0x86BA2FA0) SSDT[63] : NtDeleteKey @ 0x80595A22 -> HOOKED (Unknown @ 0x86BA1D00) SSDT[65] : NtDeleteValueKey @ 0x80593642 -> HOOKED (Unknown @ 0x86BA2600) SSDT[68] : NtDuplicateObject @ 0x80574942 -> HOOKED (Unknown @ 0x86BBDA40) SSDT[97] : NtLoadDriver @ 0x805A2915 -> HOOKED (Unknown @ 0x86BBD1A0) SSDT[122] : NtOpenProcess @ 0x80574B29 -> HOOKED (Unknown @ 0x86BA0B00) SSDT[125] : NtOpenSection @ 0x8056E4E7 -> HOOKED (Unknown @ 0x86BA2BE0) SSDT[128] : NtOpenThread @ 0x80590C64 -> HOOKED (Unknown @ 0x86BA0E00) SSDT[192] : NtRenameKey @ 0x8064F4DC -> HOOKED (Unknown @ 0x86BA2000) SSDT[204] : NtRestoreKey @ 0x8064F9CD -> HOOKED (Unknown @ 0x86BA2300) SSDT[240] : NtSetSystemInformation @ 0x805A6A01 -> HOOKED (Unknown @ 0x86BBD680) SSDT[247] : NtSetValueKey @ 0x8057DA5B -> HOOKED (Unknown @ 0x86BA1A00) SSDT[257] : NtTerminateProcess @ 0x805857B9 -> HOOKED (Unknown @ 0x86BA1100) SSDT[258] : NtTerminateThread @ 0x80577F9F -> HOOKED (Unknown @ 0x86BA1400) SSDT[277] : NtWriteVirtualMemory @ 0x80581512 -> HOOKED (Unknown @ 0x86BA2DC0) S_SSDT[548] : Unknown -> HOOKED (Unknown @ 0x86BBEB20) S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0x86BBE900) ¤¤¤ Fichier HOSTS: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: MAXTOR STM3802110A +++++ --- User --- [MBR] 85434363aa561c183190eb2e1dbe6401 [bSP] 513c04a584a72b34244e2de0eaaa6071 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 37997 Mo 1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 77818860 | Size: 38311 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: SanDisk Cruzer Blade USB Device +++++ --- User --- [MBR] bb911892981bc6935029a9158aca45e5 [bSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown Partition table: 0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15258 Mo User = LL1 ... OK! Error reading LL2 MBR! Termine : << RKreport[1].txt >> RKreport[1].txt --------------- EDIT --------------- Regroupement des messages. Ne pas cumuler les Posts en démarrage de sujet. Ceci induit les Helpers en erreur, en leur donnant l'impression qu'une prise en charge a déjà été effectuée par l'un des leurs. Tonton.