Deux chevaux de troie!!! Résolu
Dernière réponse : dans Sécurité
Bonjour,
En allumant mon PC, Antivir detecte deux chevaux de troie: TR/Menti.qokk.1 et TR/Dldr.tracur.B.84.
A chaque fois que je lance un programme, La fenetre Antivir s'allume.
Merci pour votre aide!!!
En allumant mon PC, Antivir detecte deux chevaux de troie: TR/Menti.qokk.1 et TR/Dldr.tracur.B.84.
A chaque fois que je lance un programme, La fenetre Antivir s'allume.
Merci pour votre aide!!!
Autres pages sur : chevaux troie resolu
Lassé par la pub ? Créez un compte
http://www.malekal.com/2010/11/12/tutorial-malwarebyte-...
Bonjour,
Voici le rapport de Malware
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6785
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
06/06/2011 20:49:28
mbam-log-2011-06-06 (20-49-13).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 292821
Temps écoulé: 2 heure(s), 10 minute(s), 29 seconde(s)
Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 69
Processus mémoire infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> 1412 -> No action taken.
c:\WINDOWS\system32\103.tmp (Trojan.Tracur) -> 404 -> No action taken.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> 400 -> No action taken.
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache32 (Trojan.Tracur.SGen) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01B81803-3146-418B-A58C-6AC627C670Ee} (Trojan.Tracur.S) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> No action taken.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\RTHDBPL (Trojan.Tracur.SGen) -> Value: RTHDBPL -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur.S) -> Bad: (C:\WINDOWS\system32\jet50032.dll) Good: () -> No action taken.
Dossier(s) infecté(s):
c:\WINDOWS\system32\SysWoW32 (Trojan.Tracur) -> No action taken.
c:\documents and settings\nous\application data\SysWin (Trojan.Agent) -> No action taken.
Fichier(s) infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> No action taken.
c:\WINDOWS\system32\103.tmp (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> No action taken.
c:\documents and settings\nous\application data\SysWin\lsass.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\atkctrs32.dll (Trojan.Tracur.S) -> No action taken.
c:\documents and settings\nous\Bureau\quicktime_update_kb829486.exe (Malware.Tracur.PGen) -> No action taken.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\autocad-2008-keygen.exe (RiskWare.Tool.CK) -> No action taken.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\kiss_cad08.exe (RiskWare.Tool.CK) -> No action taken.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0121912.exe (Trojan.Tracur.SGen) -> No action taken.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0122850.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\profmapwow.exe (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\javart32.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\jet50032.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\195.tmp (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\18c27d83b1bf3d26ff0a684042b8ea1c\update.exe (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318c.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318o.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318p.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318s.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\gnuhashes.ini (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v12.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v7 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v0.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v0 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v1 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v10 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v11 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v2 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v3 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v8 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v9 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v12 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v13 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v13.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v14 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v14.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v15 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v15.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v4 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v4.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v5 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v5.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v6 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v6.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v1 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v1.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v10 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v10.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v11 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v11.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v2 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v2.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v3 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v3.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v8 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v8.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v9 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v9.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v7.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v0 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v0 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v1 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v10 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v11 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v2 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v3 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v8 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v9 (Trojan.Tracur) -> No action taken.
Voici le rapport de Malware
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6785
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
06/06/2011 20:49:28
mbam-log-2011-06-06 (20-49-13).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 292821
Temps écoulé: 2 heure(s), 10 minute(s), 29 seconde(s)
Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 69
Processus mémoire infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> 1412 -> No action taken.
c:\WINDOWS\system32\103.tmp (Trojan.Tracur) -> 404 -> No action taken.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> 400 -> No action taken.
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache32 (Trojan.Tracur.SGen) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01B81803-3146-418B-A58C-6AC627C670Ee} (Trojan.Tracur.S) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> No action taken.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\RTHDBPL (Trojan.Tracur.SGen) -> Value: RTHDBPL -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur.S) -> Bad: (C:\WINDOWS\system32\jet50032.dll) Good: () -> No action taken.
Dossier(s) infecté(s):
c:\WINDOWS\system32\SysWoW32 (Trojan.Tracur) -> No action taken.
c:\documents and settings\nous\application data\SysWin (Trojan.Agent) -> No action taken.
Fichier(s) infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> No action taken.
c:\WINDOWS\system32\103.tmp (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> No action taken.
c:\documents and settings\nous\application data\SysWin\lsass.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\atkctrs32.dll (Trojan.Tracur.S) -> No action taken.
c:\documents and settings\nous\Bureau\quicktime_update_kb829486.exe (Malware.Tracur.PGen) -> No action taken.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\autocad-2008-keygen.exe (RiskWare.Tool.CK) -> No action taken.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\kiss_cad08.exe (RiskWare.Tool.CK) -> No action taken.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0121912.exe (Trojan.Tracur.SGen) -> No action taken.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0122850.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\profmapwow.exe (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\javart32.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\jet50032.exe (Trojan.Tracur.SGen) -> No action taken.
c:\WINDOWS\system32\195.tmp (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\18c27d83b1bf3d26ff0a684042b8ea1c\update.exe (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318c.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318o.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318p.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\020000009d33efd51318s.manifest (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\gnuhashes.ini (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v12.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v7 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v0.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v0 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v1 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v10 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v11 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v2 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v3 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v8 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\@u707759776v9 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v12 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v13 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v13.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v14 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v14.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v15 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v15.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v4 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v4.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v5 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v5.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v6 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v6.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v1 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v1.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v10 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v10.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v11 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v11.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v2 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v2.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v3 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v3.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v8 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v8.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v9 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v9.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\mu707759776v7.kwd (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\wu707759776v0 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v0 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v1 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v10 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v11 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v2 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v3 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v8 (Trojan.Tracur) -> No action taken.
c:\WINDOWS\system32\SysWoW32\_u707759776v9 (Trojan.Tracur) -> No action taken.
Voici le rapport, au redemarrage antivir n'a plus rien détecté
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6785
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
08/06/2011 21:20:31
mbam-log-2011-06-08 (21-20-31).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 292239
Temps écoulé: 3 heure(s), 45 minute(s), 39 seconde(s)
Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 71
Processus mémoire infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> 1420 -> Unloaded process successfully.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> 1908 -> Unloaded process successfully.
c:\WINDOWS\system32\13.tmp (Trojan.Tracur) -> 1924 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache32 (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01B81803-3146-418B-A58C-6AC627C670Ee} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\RTHDBPL (Trojan.Tracur.SGen) -> Value: RTHDBPL -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur.S) -> Bad: (C:\WINDOWS\system32\jet50032.dll) Good: () -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\WINDOWS\system32\SysWoW32 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\documents and settings\nous\application data\SysWin (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\13.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\documents and settings\nous\application data\SysWin\lsass.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\atkctrs32.dll (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\documents and settings\nous\Bureau\quicktime_update_kb829486.exe (Malware.Tracur.PGen) -> Quarantined and deleted successfully.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\autocad-2008-keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\kiss_cad08.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0121912.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0122850.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\profmapwow.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\103.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\javart32.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\jet50032.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\195.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\18c27d83b1bf3d26ff0a684042b8ea1c\update.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\14.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\gnuhashes.ini (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v12.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v7 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v0.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v10 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v11 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v8 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v9 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v12 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v13 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v13.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v14 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v14.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v15 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v15.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v4 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v4.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v5 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v5.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v6 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v6.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v1.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v10 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v10.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v11 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v11.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v2.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v3.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v8 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v8.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v9 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v9.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v7.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v10 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v11 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v8 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v9 (Trojan.Tracur) -> Quarantined and deleted successfully.
Merci encore
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6785
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
08/06/2011 21:20:31
mbam-log-2011-06-08 (21-20-31).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 292239
Temps écoulé: 3 heure(s), 45 minute(s), 39 seconde(s)
Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 71
Processus mémoire infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> 1420 -> Unloaded process successfully.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> 1908 -> Unloaded process successfully.
c:\WINDOWS\system32\13.tmp (Trojan.Tracur) -> 1924 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache32 (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01B81803-3146-418B-A58C-6AC627C670Ee} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01B81803-3146-418B-A58C-6AC627C670EE} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\RTHDBPL (Trojan.Tracur.SGen) -> Value: RTHDBPL -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur.S) -> Bad: (C:\WINDOWS\system32\jet50032.dll) Good: () -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\WINDOWS\system32\SysWoW32 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\documents and settings\nous\application data\SysWin (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\WINDOWS\system32\perfctrs32.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\jet50032.dll (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\cabview32.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\13.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\documents and settings\nous\application data\SysWin\lsass.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\atkctrs32.dll (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\documents and settings\nous\Bureau\quicktime_update_kb829486.exe (Malware.Tracur.PGen) -> Quarantined and deleted successfully.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\autocad-2008-keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\kiss_cad08.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0121912.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c75d780b-5cd4-494e-ab96-5da2a6677439}\RP419\A0122850.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\profmapwow.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\103.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\javart32.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\jet50032.exe (Trojan.Tracur.SGen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\195.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\18c27d83b1bf3d26ff0a684042b8ea1c\update.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\14.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\020000009d33efd51318s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\gnuhashes.ini (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v12.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v7 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v0.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v10 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v11 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v8 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\@u707759776v9 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v12 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v13 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v13.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v14 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v14.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v15 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v15.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v4 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v4.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v5 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v5.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v6 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v6.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v1.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v10 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v10.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v11 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v11.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v2.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v3.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v8 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v8.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v9 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v9.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu707759776v7.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu707759776v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v10 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v11 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v8 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\_u707759776v9 (Trojan.Tracur) -> Quarantined and deleted successfully.
Merci encore
Citation :
c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\autocad-2008-keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.c:\documents and settings\nous\mes documents\autocad 2008 fra\Crack\kiss_cad08.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
--> Ça t'a viré le crack d'AutoCAD 2008 donc si un jour, tu veux le réinstaller... Il n'est pas forcément infecté mais par précaution, Malwarebytes' Anti-Malware l'a mis en quarantaine.
On va vérifier que c'est OK :
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Pour me transmettre les rapports :
Voici le lien, il n'y a qu'un seul fichier!
http://www.cijoint.fr/cjlink.php?file=cj201106/cijYce8K...
Merciii
http://www.cijoint.fr/cjlink.php?file=cj201106/cijYce8K...
Merciii
Citation :
http://www.sixnik.com --> Ce site est apparemment la page d'accueil sur Internet Explorer, c'est toi qui l'a mis ?
Citation :
Spybot - Search & Destroy--> Ce logiciel est obsolète.
Tu as des dossiers "bizarres", je vais regarder leur contenu.
:dir
C:\WINDOWS\System32\1876050277
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C
C:\WINDOWS\System32\1111995293
C:\WINDOWS\System32\1027974
C:\WINDOWS\System32\539329706
C:\WINDOWS\System32\20f5d3fd
C:\WINDOWS\System32\182174605
C:\WINDOWS\System32\1876050277
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C
C:\WINDOWS\System32\1111995293
C:\WINDOWS\System32\1027974
C:\WINDOWS\System32\539329706
C:\WINDOWS\System32\20f5d3fd
C:\WINDOWS\System32\182174605
Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
Pour sixnik, je ne sais pas!
Dossiers bizarres? ....
Je supprimerais spybot
Voici le rapport
SystemLook 04.09.10 by jpshortstuff
Log created at 23:45 on 09/06/2011 by nous
Administrator - Elevation successful
========== dir ==========
C:\WINDOWS\System32\1876050277 - Parameters: "(none)"
---Files---
frt0.rar --a---- 1676 bytes [06:32 03/06/2011] [15:29 08/06/2011]
frt0.rar.ver --a---- 4 bytes [06:32 03/06/2011] [15:29 08/06/2011]
frt1.rar --a---- 1209724 bytes [06:36 03/06/2011] [15:29 08/06/2011]
frt1.rar.ver --a---- 4 bytes [06:36 03/06/2011] [15:29 08/06/2011]
frt10.rar --a---- 1194972 bytes [06:29 03/06/2011] [15:33 08/06/2011]
frt10.rar.ver --a---- 4 bytes [06:29 03/06/2011] [15:33 08/06/2011]
frt11.rar --a---- 1182764 bytes [07:39 06/06/2011] [15:34 08/06/2011]
frt11.rar.ver --a---- 4 bytes [06:31 03/06/2011] [15:34 08/06/2011]
frt12.rar --a---- 7516 bytes [06:31 03/06/2011] [06:31 03/06/2011]
frt12.rar.ver --a---- 4 bytes [06:31 03/06/2011] [06:31 03/06/2011]
frt13.rar --a---- 8332 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt13.rar.ver --a---- 4 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt14.rar --a---- 7196 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt14.rar.ver --a---- 4 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt15.rar --a---- 7804 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt15.rar.ver --a---- 4 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt2.rar --a---- 1216076 bytes [06:50 03/06/2011] [15:30 08/06/2011]
frt2.rar.ver --a---- 4 bytes [06:50 03/06/2011] [15:30 08/06/2011]
frt3.rar --a---- 1234284 bytes [06:50 03/06/2011] [15:31 08/06/2011]
frt3.rar.ver --a---- 4 bytes [06:50 03/06/2011] [15:31 08/06/2011]
frt4.rar --a---- 6828 bytes [07:03 03/06/2011] [07:03 03/06/2011]
frt4.rar.ver --a---- 4 bytes [07:03 03/06/2011] [07:03 03/06/2011]
frt5.rar --a---- 6908 bytes [06:56 03/06/2011] [06:56 03/06/2011]
frt5.rar.ver --a---- 4 bytes [06:56 03/06/2011] [06:56 03/06/2011]
frt6.rar --a---- 6300 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt6.rar.ver --a---- 4 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt7.rar --a---- 6716 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt7.rar.ver --a---- 4 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt8.rar --a---- 1676 bytes [06:53 03/06/2011] [15:31 08/06/2011]
frt8.rar.ver --a---- 4 bytes [06:53 03/06/2011] [15:31 08/06/2011]
frt9.rar --a---- 1204396 bytes [07:26 06/06/2011] [15:32 08/06/2011]
frt9.rar.ver --a---- 4 bytes [06:47 03/06/2011] [15:32 08/06/2011]
---Folders---
None found.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C - Parameters: "(none)"
---Files---
lock --a---- 0 bytes [20:46 02/06/2011] [20:46 02/06/2011]
ntuser.dat ---hs-- 64 bytes [20:47 02/06/2011] [20:47 02/06/2011]
unrar.exe ---hs-- 203776 bytes [20:46 02/06/2011] [20:46 02/06/2011]
---Folders---
b d--hs-- [20:46 02/06/2011]
h d--hs-- [20:46 02/06/2011]
C:\WINDOWS\System32\1111995293 - Parameters: "(none)"
---Files---
new.i0.kwd --a---- 1269 bytes [08:16 04/06/2011] [18:37 05/05/2011]
new.i1.kwd --a---- 438 bytes [08:31 04/06/2011] [19:49 05/05/2011]
new.i10.kwd --a---- 321 bytes [08:39 04/06/2011] [19:55 05/05/2011]
new.i11.kwd --a---- 593 bytes [08:53 04/06/2011] [19:55 05/05/2011]
new.i2.kwd --a---- 321 bytes [08:41 04/06/2011] [19:55 05/05/2011]
new.i3.kwd --a---- 593 bytes [08:33 04/06/2011] [19:55 05/05/2011]
new.i8.kwd --a---- 1269 bytes [08:33 04/06/2011] [18:37 05/05/2011]
new.i9.kwd --a---- 438 bytes [08:33 04/06/2011] [19:49 05/05/2011]
---Folders---
None found.
C:\WINDOWS\System32\1027974 - Unable to find folder.
C:\WINDOWS\System32\539329706 - Unable to find folder.
C:\WINDOWS\System32\20f5d3fd - Unable to find folder.
C:\WINDOWS\System32\182174605 - Unable to find folder.
Nota:
J'ai eu une nouvelle alerte de antivir, tout a l'heure. mais la fenetre s'est éteinte quasi aussitot, je n'ai pas pu lire le contenu....
Merci
Dossiers bizarres? ....
Je supprimerais spybot
Voici le rapport
SystemLook 04.09.10 by jpshortstuff
Log created at 23:45 on 09/06/2011 by nous
Administrator - Elevation successful
========== dir ==========
C:\WINDOWS\System32\1876050277 - Parameters: "(none)"
---Files---
frt0.rar --a---- 1676 bytes [06:32 03/06/2011] [15:29 08/06/2011]
frt0.rar.ver --a---- 4 bytes [06:32 03/06/2011] [15:29 08/06/2011]
frt1.rar --a---- 1209724 bytes [06:36 03/06/2011] [15:29 08/06/2011]
frt1.rar.ver --a---- 4 bytes [06:36 03/06/2011] [15:29 08/06/2011]
frt10.rar --a---- 1194972 bytes [06:29 03/06/2011] [15:33 08/06/2011]
frt10.rar.ver --a---- 4 bytes [06:29 03/06/2011] [15:33 08/06/2011]
frt11.rar --a---- 1182764 bytes [07:39 06/06/2011] [15:34 08/06/2011]
frt11.rar.ver --a---- 4 bytes [06:31 03/06/2011] [15:34 08/06/2011]
frt12.rar --a---- 7516 bytes [06:31 03/06/2011] [06:31 03/06/2011]
frt12.rar.ver --a---- 4 bytes [06:31 03/06/2011] [06:31 03/06/2011]
frt13.rar --a---- 8332 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt13.rar.ver --a---- 4 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt14.rar --a---- 7196 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt14.rar.ver --a---- 4 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt15.rar --a---- 7804 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt15.rar.ver --a---- 4 bytes [06:32 03/06/2011] [06:32 03/06/2011]
frt2.rar --a---- 1216076 bytes [06:50 03/06/2011] [15:30 08/06/2011]
frt2.rar.ver --a---- 4 bytes [06:50 03/06/2011] [15:30 08/06/2011]
frt3.rar --a---- 1234284 bytes [06:50 03/06/2011] [15:31 08/06/2011]
frt3.rar.ver --a---- 4 bytes [06:50 03/06/2011] [15:31 08/06/2011]
frt4.rar --a---- 6828 bytes [07:03 03/06/2011] [07:03 03/06/2011]
frt4.rar.ver --a---- 4 bytes [07:03 03/06/2011] [07:03 03/06/2011]
frt5.rar --a---- 6908 bytes [06:56 03/06/2011] [06:56 03/06/2011]
frt5.rar.ver --a---- 4 bytes [06:56 03/06/2011] [06:56 03/06/2011]
frt6.rar --a---- 6300 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt6.rar.ver --a---- 4 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt7.rar --a---- 6716 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt7.rar.ver --a---- 4 bytes [06:53 03/06/2011] [06:53 03/06/2011]
frt8.rar --a---- 1676 bytes [06:53 03/06/2011] [15:31 08/06/2011]
frt8.rar.ver --a---- 4 bytes [06:53 03/06/2011] [15:31 08/06/2011]
frt9.rar --a---- 1204396 bytes [07:26 06/06/2011] [15:32 08/06/2011]
frt9.rar.ver --a---- 4 bytes [06:47 03/06/2011] [15:32 08/06/2011]
---Folders---
None found.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C - Parameters: "(none)"
---Files---
lock --a---- 0 bytes [20:46 02/06/2011] [20:46 02/06/2011]
ntuser.dat ---hs-- 64 bytes [20:47 02/06/2011] [20:47 02/06/2011]
unrar.exe ---hs-- 203776 bytes [20:46 02/06/2011] [20:46 02/06/2011]
---Folders---
b d--hs-- [20:46 02/06/2011]
h d--hs-- [20:46 02/06/2011]
C:\WINDOWS\System32\1111995293 - Parameters: "(none)"
---Files---
new.i0.kwd --a---- 1269 bytes [08:16 04/06/2011] [18:37 05/05/2011]
new.i1.kwd --a---- 438 bytes [08:31 04/06/2011] [19:49 05/05/2011]
new.i10.kwd --a---- 321 bytes [08:39 04/06/2011] [19:55 05/05/2011]
new.i11.kwd --a---- 593 bytes [08:53 04/06/2011] [19:55 05/05/2011]
new.i2.kwd --a---- 321 bytes [08:41 04/06/2011] [19:55 05/05/2011]
new.i3.kwd --a---- 593 bytes [08:33 04/06/2011] [19:55 05/05/2011]
new.i8.kwd --a---- 1269 bytes [08:33 04/06/2011] [18:37 05/05/2011]
new.i9.kwd --a---- 438 bytes [08:33 04/06/2011] [19:49 05/05/2011]
---Folders---
None found.
C:\WINDOWS\System32\1027974 - Unable to find folder.
C:\WINDOWS\System32\539329706 - Unable to find folder.
C:\WINDOWS\System32\20f5d3fd - Unable to find folder.
C:\WINDOWS\System32\182174605 - Unable to find folder.
Nota:
J'ai eu une nouvelle alerte de antivir, tout a l'heure. mais la fenetre s'est éteinte quasi aussitot, je n'ai pas pu lire le contenu....
Merci
1/
Démarre Spybot, clique sur Mode, coche Mode avancé.
A gauche, clique sur Outils, puis sur Résident.
Décoche la case devant Résident "TeaTimer" :
![]()
Quitte Spybot.
2/
Double-clique sur OTL pour le lancer.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :
Puis clique sur le bouton Correction en haut de la fenêtre.
Laisse le programme travailler, redémarre une fois le fix terminé.
Poste le rapport qui s'affichera après redémarrage.
2/
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sixnik.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sixnik.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sixnik.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C17590D2-ECB4-4B15-8820-F58798DCC118} - No CLSID value found.
O4 - HKLM\..\Run: [BJCFD] File not found
O4 - HKLM\..\Run: [WINGwow.exe] File not found
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Reg Error: Key error.)
[2011/06/03 08:29:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1876050277
[2011/06/02 22:46:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1111995293
[2011/06/08 21:13:47 | 000,001,265 | ---- | M] () -- C:\WINDOWS\System32\1027974
[2011/06/08 16:59:24 | 000,000,144 | -HS- | M] () -- C:\WINDOWS\System32\539329706
[2011/06/03 14:07:50 | 000,000,036 | ---- | M] () -- C:\WINDOWS\System32\20f5d3fd
[2011/06/02 22:44:51 | 000,000,095 | ---- | M] () -- C:\WINDOWS\System32\182174605
[2011/06/02 22:46:21 | 000,203,776 | -HS- | C] () -- C:\WINDOWS\System32\unrar.exe
[2011/06/02 22:46:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C
:commands
[emptytemp]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sixnik.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sixnik.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sixnik.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C17590D2-ECB4-4B15-8820-F58798DCC118} - No CLSID value found.
O4 - HKLM\..\Run: [BJCFD] File not found
O4 - HKLM\..\Run: [WINGwow.exe] File not found
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-wind... (Reg Error: Key error.)
[2011/06/03 08:29:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1876050277
[2011/06/02 22:46:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1111995293
[2011/06/08 21:13:47 | 000,001,265 | ---- | M] () -- C:\WINDOWS\System32\1027974
[2011/06/08 16:59:24 | 000,000,144 | -HS- | M] () -- C:\WINDOWS\System32\539329706
[2011/06/03 14:07:50 | 000,000,036 | ---- | M] () -- C:\WINDOWS\System32\20f5d3fd
[2011/06/02 22:44:51 | 000,000,095 | ---- | M] () -- C:\WINDOWS\System32\182174605
[2011/06/02 22:46:21 | 000,203,776 | -HS- | C] () -- C:\WINDOWS\System32\unrar.exe
[2011/06/02 22:46:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C
:commands
[emptytemp]
Bonjour,
1) j'ai deja supprimer spybot!
2) voici le rapport:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C17590D2-ECB4-4B15-8820-F58798DCC118} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C17590D2-ECB4-4B15-8820-F58798DCC118}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\System32\1876050277 folder moved successfully.
C:\WINDOWS\System32\1111995293 folder moved successfully.
C:\WINDOWS\system32\1027974 moved successfully.
C:\WINDOWS\system32\539329706 moved successfully.
C:\WINDOWS\system32\20f5d3fd moved successfully.
C:\WINDOWS\system32\182174605 moved successfully.
C:\WINDOWS\system32\unrar.exe moved successfully.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C\h folder moved successfully.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C\b folder moved successfully.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 2179496 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 348 bytes
User: NetworkService
->Temp folder emptied: 2112360 bytes
->Temporary Internet Files folder emptied: 649579 bytes
User: nous
->Temp folder emptied: 392248901 bytes
->Temporary Internet Files folder emptied: 881591848 bytes
->Java cache emptied: 1286270 bytes
->FireFox cache emptied: 153366985 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 70483 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12213567 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 80282714 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 8053 bytes
Total Files Cleaned = 1 455.00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06112011_192811
Files\Folders moved on Reboot...
C:\Documents and Settings\nous\Local Settings\Temp\~DF5A5D.tmp moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\startupCache\startupCache.4.little moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\XUL.mfl moved successfully.
C:\WINDOWS\temp\IswTmp\Logs\ISWSHEX.swl moved successfully.
File\Folder C:\WINDOWS\temp\ZLT03ebe.TMP not found!
Registry entries deleted on Reboot...
1) j'ai deja supprimer spybot!
2) voici le rapport:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C17590D2-ECB4-4B15-8820-F58798DCC118} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C17590D2-ECB4-4B15-8820-F58798DCC118}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\System32\1876050277 folder moved successfully.
C:\WINDOWS\System32\1111995293 folder moved successfully.
C:\WINDOWS\system32\1027974 moved successfully.
C:\WINDOWS\system32\539329706 moved successfully.
C:\WINDOWS\system32\20f5d3fd moved successfully.
C:\WINDOWS\system32\182174605 moved successfully.
C:\WINDOWS\system32\unrar.exe moved successfully.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C\h folder moved successfully.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C\b folder moved successfully.
C:\WINDOWS\System32\18C27D83B1BF3D26FF0A684042B8EA1C folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 2179496 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 348 bytes
User: NetworkService
->Temp folder emptied: 2112360 bytes
->Temporary Internet Files folder emptied: 649579 bytes
User: nous
->Temp folder emptied: 392248901 bytes
->Temporary Internet Files folder emptied: 881591848 bytes
->Java cache emptied: 1286270 bytes
->FireFox cache emptied: 153366985 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 70483 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12213567 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 80282714 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 8053 bytes
Total Files Cleaned = 1 455.00 mb
OTL by OldTimer - Version 3.2.23.0 log created on 06112011_192811
Files\Folders moved on Reboot...
C:\Documents and Settings\nous\Local Settings\Temp\~DF5A5D.tmp moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\startupCache\startupCache.4.little moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\nous\Local Settings\Application Data\Mozilla\Firefox\Profiles\7edg6j96.default\XUL.mfl moved successfully.
C:\WINDOWS\temp\IswTmp\Logs\ISWSHEX.swl moved successfully.
File\Folder C:\WINDOWS\temp\ZLT03ebe.TMP not found!
Registry entries deleted on Reboot...
Citation :
Au sujet de mes dossiers bizarres? --> Ils sont partis à la benne.
Pour finir :
1/
2/
3/
==Prévention==
Voici un dossier sur la prévention et sécurité sur Internet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
.
Bonjour,
voici le rapport delfix
# DelFix v8.0 - Rapport créé le 15/06/2011 à 21:41
# Mis à jour le 01/06/11 à 13h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : nous - CHRISTOPHE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\nous\Bureau\DelFix.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Supprimé : C:\_OTL
Supprimé : C:\Program Files\Navilog1
Supprimé : C:\Program Files\trend micro\Hijackthis
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\cleannavi.txt
Supprimé : C:\TCleaner.txt
Supprimé : C:\Documents and Settings\nous\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\nous\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\nous\Bureau\SystemLook.exe
Supprimé : C:\Documents and Settings\nous\Bureau\SystemLook.txt
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Swearware
Clé Supprimée : HKLM\Software\Soeperman Enterprises Ltd.
~~~~~~ Autre ~~~~~~
-> Prefetch vidé
########## EOF - "C:\DelFixSuppr.txt" - [1258 octets] ##########
Je fais les autres operations et je te tiens au courant!
merci
voici le rapport delfix
# DelFix v8.0 - Rapport créé le 15/06/2011 à 21:41
# Mis à jour le 01/06/11 à 13h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : nous - CHRISTOPHE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\nous\Bureau\DelFix.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Supprimé : C:\_OTL
Supprimé : C:\Program Files\Navilog1
Supprimé : C:\Program Files\trend micro\Hijackthis
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\cleannavi.txt
Supprimé : C:\TCleaner.txt
Supprimé : C:\Documents and Settings\nous\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\nous\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\nous\Bureau\SystemLook.exe
Supprimé : C:\Documents and Settings\nous\Bureau\SystemLook.txt
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Swearware
Clé Supprimée : HKLM\Software\Soeperman Enterprises Ltd.
~~~~~~ Autre ~~~~~~
-> Prefetch vidé
########## EOF - "C:\DelFixSuppr.txt" - [1258 octets] ##########
Je fais les autres operations et je te tiens au courant!
merci
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumTrojan et chevaux de troie
- ForumChevaux de troie
- ForumLenteur chevaux de troie
- ForumLogiciel contre les chevaux de troie
- ForumInfecte par deux cheval de troie
- ForumChevale de troie
- ForumHelp cheval de troie
- ForumCheval de troie tr dldr
- ForumCréer un cheval de troie
- ForumCheval de troie sur mac
- Voir plus
