bonjour,
quelqu'un pourrait il m'expliquer le contenu de ce rapport svp ?
je ne connais pas bien le logiciels Rogue Killer et ne sais pas interpréter le log/rapport. Est-ce qu'il y a des crasses à nettoyer? Merci
RogueKiller V10.4.3.0 (x64) [Feb 23 2015] par Adlice Software
email :
https://www.adlice.com/contact/
Remontées :
https://forum.adlice.com/
Site web :
https://www.adlice.com/fr/roguekiller/
Blog :
https://www.adlice.com/
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : jules [Administrateur]
Mode : Scan -- Date : 02/23/2015 22:09:23
¤¤¤ Processus : 1 ¤¤¤
[ZeroAccess] mcshield.exe(2300) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[7] -> Tué(e) [DrvNtTerm]
¤¤¤ Registre : 14 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Run | EPSON Stylus DX8400 : C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Users\jules\AppData\Local\Temp\E_SFA4F.tmp" /EF "HKCU" -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Run | DellSystemDetect : C:\Users\jules\AppData\Local\Apps\2.0\A70OOMRT.QEJ\D0QKBO4T.L8T\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe -> Trouvé(e)
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Run | EPSON Stylus DX8400 : C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Users\jules\AppData\Local\Temp\E_SFA4F.tmp" /EF "HKCU" -> Trouvé(e)
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Run | DellSystemDetect : C:\Users\jules\AppData\Local\Apps\2.0\A70OOMRT.QEJ\D0QKBO4T.L8T\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\0312011424366983mcinstcleanup (C:\Windows\TEMP\031201~1.EXE -cleanup -nolog) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0312011424366983mcinstcleanup (C:\Windows\TEMP\031201~1.EXE -cleanup -nolog) -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Trouvé(e)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3528066013-2598538620-1448115290-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Trouvé(e)
¤¤¤ Tâches : 0 ¤¤¤
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 50897bce4283fc2d0e2883b068c78025
[BSP] 4c13fc7947bb318ea7c84cb864d34ee7 : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1026048 | Size: 40 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1107968 | Size: 128 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1370112 | Size: 2048 MB
4 - Basic data partition | Offset (sectors): 5564416 | Size: 938171 MB
5 - [SYSTEM][MAN-MOUNT] Microsoft recovery partition | Offset (sectors): 1926938624 | Size: 12980 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Hitachi HDT721010SLA360 USB Device +++++
--- User ---
[MBR] 16d7526e5b5bf2c6c740bb2377b04f66
[BSP] c06e70f1e391f272a8ee25fcf7f3d7d8 : Empty MBR Code
Partition table:
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )
============================================
RKreport_DEL_01062015_222218.log - RKreport_SCN_01062015_221905.log
Afficher la suite
