Publicité
Publicité
Format du document : text/x-log
Prévisualisation
RogueKiller V10.0.2.0 [Oct 16 2014] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : https://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : Mathilde [Administrateur]
Mode : Scan -- Date : 10/16/2014 10:29:08
¤¤¤ Processus : 2 ¤¤¤
[ZeroAccess] mcshield.exe -- [x] -> ERROR [12]
[Suspicious.Path] scrncap.exe -- C:\Windows\Temp\irstrtsv\scrncap.exe[-] -> Tué(e) [TermProc]
¤¤¤ Registre : 18 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3303563182-316830305-3265109527-1001\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3303563182-316830305-3265109527-1001\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)
¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] \\temp_2992df36-0b37-4ab0-a71d-5e2740c5bb28-2 -- C:\Users\Mathilde\AppData\Local\Temp\nsx6EDD.tmp\2992df36-0b37-4ab0-a71d-5e2740c5bb28-2.exe (/uaZSnzdfE /IQknOX='HD-Quality-v3' /Hiwfo=61788 /hPGUoYWdS='001915' /cmePmwvg='0' /ahZQYdu='0' /KPIEBIcB=17EF4D3B4EEE45478194E4D3DDE5A2ABIE /llDDf=1675e1e7c7df41127b3cd235490fef88 /XXochV=1_34_07_29 /oQlJzig=http://stats.infogenservice.com /wZPLMb=http://errors.infogenservice.com /pmabyG=11111111-1111-1111-1111-110611171188 /MnlHxl=ch /fnZCk=uninstaller /jkDOBjP='C:\Users\Mathilde\AppData\Local\Temp\HD-Quality-v3Uninstaller_1407438148.log') -> Trouvé(e)
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Non chargé [0xc000036b]) ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: LITEONIT LMT-128M6M mSATA 128GB +++++
--- User ---
[MBR] 078a1ac17756859ae9d2aedfa8182f68
[BSP] 1b2188c6063452a3c7083891e8c54ca4 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : https://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : Mathilde [Administrateur]
Mode : Scan -- Date : 10/16/2014 10:29:08
¤¤¤ Processus : 2 ¤¤¤
[ZeroAccess] mcshield.exe -- [x] -> ERROR [12]
[Suspicious.Path] scrncap.exe -- C:\Windows\Temp\irstrtsv\scrncap.exe[-] -> Tué(e) [TermProc]
¤¤¤ Registre : 18 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:50659;https=127.0.0.1:50659 -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3303563182-316830305-3265109527-1001\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3303563182-316830305-3265109527-1001\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Trouvé(e)
¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] \\temp_2992df36-0b37-4ab0-a71d-5e2740c5bb28-2 -- C:\Users\Mathilde\AppData\Local\Temp\nsx6EDD.tmp\2992df36-0b37-4ab0-a71d-5e2740c5bb28-2.exe (/uaZSnzdfE /IQknOX='HD-Quality-v3' /Hiwfo=61788 /hPGUoYWdS='001915' /cmePmwvg='0' /ahZQYdu='0' /KPIEBIcB=17EF4D3B4EEE45478194E4D3DDE5A2ABIE /llDDf=1675e1e7c7df41127b3cd235490fef88 /XXochV=1_34_07_29 /oQlJzig=http://stats.infogenservice.com /wZPLMb=http://errors.infogenservice.com /pmabyG=11111111-1111-1111-1111-110611171188 /MnlHxl=ch /fnZCk=uninstaller /jkDOBjP='C:\Users\Mathilde\AppData\Local\Temp\HD-Quality-v3Uninstaller_1407438148.log') -> Trouvé(e)
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Non chargé [0xc000036b]) ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: LITEONIT LMT-128M6M mSATA 128GB +++++
--- User ---
[MBR] 078a1ac17756859ae9d2aedfa8182f68
[BSP] 1b2188c6063452a3c7083891e8c54ca4 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK