Trojan horse - Page 2

ste50 (Member, 50 posts)
 
Hello,

The reports are as follows:

Fichier 39dbe9f800b093ccd623011a1f5d5d00687cf28d.dll reçu le 2009.11.23 17:03:39 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.43 2009.11.23 -
AhnLab-V3 5.0.0.2 2009.11.20 -
AntiVir 7.9.1.70 2009.11.23 -
Antiy-AVL 2.0.3.7 2009.11.23 -
Authentium 5.2.0.5 2009.11.23 -
Avast 4.8.1351.0 2009.11.23 -
AVG 8.5.0.425 2009.11.22 -
BitDefender 7.2 2009.11.23 -
CAT-QuickHeal 10.00 2009.11.23 -
ClamAV 0.94.1 2009.11.23 -
Comodo 3010 2009.11.23 -
DrWeb 5.0.0.12182 2009.11.23 -
eSafe 7.0.17.0 2009.11.23 -
eTrust-Vet 35.1.7136 2009.11.23 -
F-Prot 4.5.1.85 2009.11.23 -
F-Secure 9.0.15370.0 2009.11.20 -
Fortinet 3.120.0.0 2009.11.23 -
GData 19 2009.11.23 -
Ikarus T3.1.1.74.0 2009.11.23 -
Jiangmin 11.0.800 2009.11.23 -
K7AntiVirus 7.10.903 2009.11.23 -
Kaspersky 7.0.0.125 2009.11.23 -
McAfee 5810 2009.11.22 -
McAfee+Artemis 5810 2009.11.22 -
McAfee-GW-Edition 6.8.5 2009.11.23 -
Microsoft 1.5302 2009.11.23 -
NOD32 4630 2009.11.23 -
Norman 6.03.02 2009.11.23 -
nProtect 2009.1.8.0 2009.11.23 -
Panda 10.0.2.2 2009.11.23 -
PCTools 7.0.3.5 2009.11.23 -
Prevx 3.0 2009.11.23 -
Rising 22.23.00.09 2009.11.23 -
Sophos 4.47.0 2009.11.23 -
Sunbelt 3.2.1858.2 2009.11.22 -
Symantec 1.4.4.12 2009.11.23 -
TheHacker 6.5.0.2.076 2009.11.23 -
TrendMicro 9.0.0.1003 2009.11.23 -
VBA32 3.12.12.0 2009.11.22 -
ViRobot 2009.11.23.2049 2009.11.23 -
VirusBuster 5.0.21.0 2009.11.23 -
Information additionnelle
File size: 120320 bytes
MD5   : 9317c8cc4c61de0df17fbcd323abc9f7
SHA1  : dba4ef611cd1cd088c0c79735511c0d0dfac7cae
SHA256: a134f6c7c407924dd8ca73dfd47f1869b439d06a0026dd615e4a7621855e89e4
TrID  : File type identification
DirectShow filter (37.8%)
Win32 Executable MS Visual C++ 4.x (25.2%)
Windows OCX File (23.1%)
Win32 Executable MS Visual C++ (generic) (7.0%)
Windows Screen Saver (2.4%)
ssdeep: 3072:jkOSBm8k/VoxzY2fLqt/tty7Wg4ixk4LSxz0ogRs:hS0p+Epyqg4iqNxz0
PEiD  : -
RDS   : NSRL Reference Data Set
-

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 removed from extensions.enabledItems
C:\Program Files\Mozilla Firefox\components\SiteVacuumXPCOM.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoInstrumentation deleted successfully.
Starting removal of ActiveX control {3A226D85-574D-4272-B73C-DBCAECF709B3}
C:\WINDOWS\Downloaded Program Files\TNSClickrb.INF not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3A226D85-574D-4272-B73C-DBCAECF709B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A226D85-574D-4272-B73C-DBCAECF709B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3A226D85-574D-4272-B73C-DBCAECF709B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A226D85-574D-4272-B73C-DBCAECF709B3}\ not found.
Starting removal of ActiveX control {4C39376E-FA9D-4349-BACC-D305C1750EF3}
C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D4323BF2-006A-4440-A2F5-27E3E7AB25F8}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D4323BF2-006A-4440-A2F5-27E3E7AB25F8}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D4323BF2-006A-4440-A2F5-27E3E7AB25F8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4323BF2-006A-4440-A2F5-27E3E7AB25F8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D4323BF2-006A-4440-A2F5-27E3E7AB25F8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4323BF2-006A-4440-A2F5-27E3E7AB25F8}\ not found.
Starting removal of ActiveX control fdjeux
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\fdjeux\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\fdjeux\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\fdjeux\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:6BD1DCDD deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirewallOverride"|1 /E : value set successfully!
========== FILES ==========
C:\d4e0460ee35ae7d69a73604cc9\i386 folder moved successfully.
C:\d4e0460ee35ae7d69a73604cc9\amd64 folder moved successfully.
C:\d4e0460ee35ae7d69a73604cc9 folder moved successfully.
C:\Documents and Settings\Stéphane DADET\idx1.dat moved successfully.
C:\WINDOWS\~tmp.INI moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 510 bytes
->Temporary Internet Files folder emptied: 71045 bytes

User: All Users

User: Camille DADET
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 300 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Propriétaire

User: Stéphane DADET
->Temp folder emptied: 32309818 bytes
->Temporary Internet Files folder emptied: 70103 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 51359729 bytes
->Flash cache emptied: 3814 bytes

User: StÚphane DADET

User: Séverine DADET
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 927207 bytes
->FireFox cache emptied: 23482501 bytes
->Flash cache emptied: 405 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66200 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 103,00 mb

OTL by OldTimer - Version 3.1.37.2 log created on 03182010_070216

Files\Folders moved on Reboot...
C:\Documents and Settings\Stéphane DADET\Local Settings\Temp\~DF5910.tmp moved successfully.

Registry entries deleted on Reboot...
Anonymous user
 
Hello, update Malwarebytes and run a full scan.
ste50 (Member, 50 posts)
 
Good evening,

Here is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3879
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

18/03/2010 16:42:50
mbam-log-2010-03-18 (16-42-44).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 258338
Temps écoulé: 1 hour(s), 28 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\veqswi.sys.vir (Rootkit.Agent) -> No action taken.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP8\A0001281.sys (Rootkit.Agent) -> No action taken.
Anonymous user
 
Do you still have any problems? The leftovers present in your last report will be removed during the cleanup.