Author Topic: Infected with some thing  (Read 4662 times)

0 Members and 1 Guest are viewing this topic.

July 08, 2016, 12:08:33 AM

Dimera

  • Newbie

  • Offline
  • *

  • 4
  • Reputation:
    0
    • View Profile
Infected with some thing
« on: July 08, 2016, 12:08:33 AM »
RogueKiller V12.3.2.0 [Jun  6 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Administrator]
Started from : C:\Documents and Settings\HP_Administrator\Desktop\RogueKiller.exe
Mode : Scan -- Date : 01/01/2006 00:28:41

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 3 (Driver: Loaded) ¤¤¤
[SSDT:Addr(Hook.SSDT)] ZwOpenProcess[122] : C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xffffffffa9e7027a
[SSDT:Addr(Hook.SSDT)] ZwOpenThread[128] : C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xffffffffa9e70448
[Filter(Kernel.Filter)] \Driver\kbdclass @  : Elkbd.sys @  (\??\C:\WINDOWS\System32\Drivers\Elkbd.sys)

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500JS-60NCB1 +++++
--- User ---
[MBR] eac73578d9cd2a18f8ce7d3f3e7227d2
[BSP] 05e3161cf4ce79602881f99911e8893d : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 229600 MB [Windows XP Bootstrap | Windows XP Bootloader]
1 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 470238615 | Size: 8863 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Kingston DataTraveler 2.0 USB Device +++++
--- User ---
[MBR] 5d8496c3ddfcfdb9f0abf956bf5166a4
[BSP] 5968ddfe53bf008fb694a71a17748eb9 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 1906 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )


Reply #1July 08, 2016, 12:35:15 AM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2812
  • Reputation:
    100
    • View Profile
Re: Infected with some thing
« Reply #1 on: July 08, 2016, 12:35:15 AM »
Hi Dimera,

This thread is locked as duplicate.
Please continue here.

Regards.