Malwarebytes report

bilou25120 -  
Hello,


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5740

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/02/2011 14:46:19
mbam-log-2011-02-11 (14-46-19).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 356101
Time elapsed: 1 hour(s), 40 minute(s), 29 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 2
Registry Keys Infected: 40
Registry Values Infected: 6
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 71

Memory Processes Infected:
c:\documents and settings\BILOU\application data\SysWin\lsass.exe (Trojan.Tracur.S) -> 188 -> Unloaded process successfully.
c:\WINDOWS\eswow.exe (Trojan.Tracur.S) -> 800 -> Unloaded process successfully.

Memory Modules Infected:
c:\WINDOWS\system32\ati3duag32.dll (Trojan.Tracur.S) -> Delete on reboot.
c:\WINDOWS\system32\hypertrm32.dll (Trojan.Tracur.S) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{014DD432-1427-4967-B839-B6711770D5Fb} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{014DD432-1427-4967-B839-B6711770D5FB} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{014DD432-1427-4967-B839-B6711770D5FB} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014DD432-1427-4967-B839-B6711770D5FB} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7C54FDEF-8D6C-E6CA-0870-41642883F0DD} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C54FDEF-8D6C-E6CA-0870-41642883F0DD} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C54FDEF-8D6C-E6CA-0870-41642883F0DD} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C54FDEF-8D6C-E6CA-0870-41642883F0DD} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0286A85D-CD62-43bb-B7A9-A87D1D027160} (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{EE53711B-0711-4999-88F0-33DC043623B1} (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48C9E279-C48C-48C1-9AFC-E4E9E5E5E350} (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.BHOBridge.1 (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.BHOBridge (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0286A85D-CD62-43BB-B7A9-A87D1D027160} (Adware.SuperSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{A5B0779F-0A3E-482E-BB31-B7B871599F60} (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5106ED5C-7245-4F5A-ABCA-67B0C15333D2} (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\GooglePlusVideos.BHOBridge.1 (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\GooglePlusVideos.BHOBridge (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01677B4B-0610-4814-94A0-5F570DD7A88F} (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2EA256ED-74B3-4322-B1E0-53D00C693E6E} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.SuperSearchFirefoxMgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SuperSearch.SuperSearchFirefoxMgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\20W6RLKX65 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\65MWRMP54G (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IJKUK66HMN (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\X3EKEPXJP2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HiSoft\CrackDownloader (CrackTool.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\RTHDBPL (Trojan.Tracur.S) -> Value: RTHDBPL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eswow.exe (Trojan.Tracur.S) -> Value: eswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\win (Trojan.Downloader) -> Value: win -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YXE7DXCQ37 (Trojan.FakeAlert) -> Value: YXE7DXCQ37 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\IJKUK66HMN (Trojan.FakeAlert) -> Value: IJKUK66HMN -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\U36VRSFLG6 (Trojan.FakeAlert) -> Value: U36VRSFLG6 -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\WINDOWS\system32\SysWoW32 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\application data\SysWin (Trojan.Agent) -> Quarantined and deleted successfully.
c:\sysmon\dwid23007 (Trojan.P2P.Downloader) -> Quarantined and deleted successfully.
c:\sysmon\wrdw02885 (Trojan.P2P.Downloader) -> Quarantined and deleted successfully.

Files Infected:
c:\WINDOWS\system32\ati3duag32.dll (Trojan.Tracur.S) -> Delete on reboot.
c:\documents and settings\BILOU\application data\SysWin\lsass.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\WINDOWS\eswow.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hypertrm32.dll (Trojan.Tracur.S) -> Delete on reboot.
c:\documents and settings\BILOU\application data\easysearch\BHO\1.supersearch.dll (Adware.SuperSearch) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\application data\googleplusvideos\23.googleplusvideos.dll (Trojan.SearchRedir.G) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\application data\easysearch\BHO\supersearchxpcom.dll (Adware.SuperSearch) -> Quarantined and deleted successfully.
c:\documents and settings\bilou\local settings\temp\ssp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\bilou\local settings\temp\ssq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\local settings\temp\wz59fc\xf-a2010.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\local settings\temp\wze0ab\aac2010_keygen-64bits.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\mes documents\a copier sur dd externe\acdsee 2009\cr-as2k9.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\mes documents\a copier sur dd externe\goldwave v5.52 full - new keygen + serials {www.cyber-eagle.blogspot.com} [arsalan] [h33t]\Keygen\gwave5.1keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\mes documents\plugin akvis 2010 pour photoshop\AKVIS\Cracked\2 akvis retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\mes documents\logiciels\a copier sur dd externe\acdsee pro 3 fr + keygen\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\mes documents\logiciels\a copier sur dd externe\acdsee pro 3 fr + keygen\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\documents and settings\BILOU\mes documents\logiciels\a copier sur dd externe\nikon capture nx 2.0.0 (fr)\Patch\nikon.capture.nx.v2.0.0.0-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\AKVIS\2 akvis retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
c:\program files\AKVIS\chameleon\2 akvis retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
c:\program files\AKVIS\coloriage\2 akvis retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
c:\program files\AKVIS\smartmask\2 akvis retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
c:\program files\Nikon\capture nx 2\nikon.capture.nx.v2.0.0.0-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\qoobox\quarantine\c\documents and settings\bilou\local settings\application data\487913827.exe.vir (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\qoobox\quarantine\c\documents and settings\bilou\local settings\application data\63438475.exe.vir (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\RP143\A0032716.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\RP150\A0036678.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\RP150\A0036704.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\RP168\A0040270.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\RP175\A0046132.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\rp176\a0046972.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\rp176\a0047136.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\Temp\vlc-1.1.4-win32.exe (Adware.HotBar) -> Quarantined and deleted successfully.
c:\windows\system32\trz1b.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\inetperf.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\bthext.dll (Trojan.P2P.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hypertrm32.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\1E8.tmp (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\1e97934fc923888d593579076d458e98\b\bint1 (Trojan.Tracur.S) -> Quarantined and deleted successfully.
d:\AKVIS\akvis sketch 10.2.2003.6145 r multilanguage\ReTrial\akvis_retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
d:\AKVIS\akvis sketch v11.0 for adobe photoshop{h33t}{raththaran}\rus\akvis_retrial.exe (Trojan.Bumat) -> Quarantined and deleted successfully.
d:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\rp145\a0035984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\rp145\a0036040.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
d:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\rp145\a0036041.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
d:\telechargement bittorrent\autocad 2010 keygen+activation\aac2010_keygen-32bits.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\telechargement bittorrent\autocad 2010 keygen+activation\aac2010_keygen-64bits.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000dbf59c1d1143c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000dbf59c1d1143o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000dbf59c1d1143p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\localservice\application data\02000000dbf59c1d1143s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000dbf59c1d1143c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000dbf59c1d1143o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000dbf59c1d1143p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\02000000dbf59c1d1143s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\gnuhashes.ini (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\sl697803405 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v4.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v4 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v5 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v5.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v6 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v6.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v7 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\mu1115437589v7.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v0 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v0.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v1 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v1.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v2 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v2.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v3 (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\SysWoW32\wu1115437589v3.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
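A report this long hides the few items that matter (the autorun entries, the two DLLs still waiting to be deleted at reboot, an lsass.exe living under Application Data) among dozens of quarantined keygens. The script below is an added example for this page, not part of bilou25120's post and not Malwarebytes code: it parses detection lines in the MBAM 1.50 log format and sorts them the way a responder reads such a log. The sample lines are copied from the report above; the lists of persistence, infection-vector and inert-location markers are assumptions chosen for this report, not Malwarebytes categories.

```python
"""Triage of a Malwarebytes' Anti-Malware 1.50 log (added example; not Malwarebytes code).

Parses the detection lines of a report like the one above and sorts them into
what a responder acts on: persistence locations, deletions still pending a
reboot, binaries borrowing a Windows process name outside system32, paths
pointing at the infection vector, and inert copies (System Restore snapshots,
an earlier tool's quarantine) that are not live malware.
"""
import re
from collections import Counter

# One detection line: "<item> (<family>) -> [<extra> -> ]<action>."
# <extra> is the PID on memory-process lines and "Value: <name>" on
# registry-value lines; the other sections have no middle field.
DETECTION_RE = re.compile(
    r"^(?P<item>.+?) \((?P<family>[^()]+)\) -> (?:(?P<extra>.*?) -> )?(?P<action>.+?)\.?$"
)

# Registry locations that relaunch code at logon or at browser start.
AUTORUN_MARKERS = ("\\currentversion\\run\\", "\\currentversion\\runonce\\",
                   "\\policies\\explorer\\run\\", "\\browser helper objects\\")
# Windows process names that malware borrows (lsass.exe in AppData above).
SYSTEM_PROCESS_NAMES = {"lsass.exe", "csrss.exe", "smss.exe", "svchost.exe",
                        "services.exe", "winlogon.exe", "explorer.exe"}
# Assumed vector markers, chosen from the cracked software in this report.
VECTOR_WORDS = ("keygen", "crack", "patch", "serial", "retrial")
# Hits here are dormant copies: System Restore snapshots and ComboFix quarantine.
INERT_MARKERS = ("\\system volume information\\_restore", "\\qoobox\\quarantine\\")


def parse_report(text):
    """Return one dict per detection line; headers and counters are skipped."""
    hits = []
    for line in text.splitlines():
        m = DETECTION_RE.match(line.strip())
        if m:
            hits.append(m.groupdict())
    return hits


def _has(hit, markers):
    item = hit["item"].lower()
    return any(mk in item for mk in markers)


def is_masquerading(hit):
    """A system-process file name that lives outside %SystemRoot%\\system32."""
    item = hit["item"].lower()
    name = item.rsplit("\\", 1)[-1]
    return (re.match(r"[a-z]:\\", item) is not None
            and name in SYSTEM_PROCESS_NAMES
            and "\\windows\\system32\\" not in item)


def triage(text):
    hits = parse_report(text)
    return {
        "total": len(hits),
        "families": Counter(h["family"] for h in hits),
        "persistence": [h["item"] for h in hits if _has(h, AUTORUN_MARKERS)],
        # "Delete on reboot" means the file was locked: the box is not clean
        # until it has restarted and a second scan confirms the removal.
        "pending_reboot": [h["item"] for h in hits if h["action"] == "Delete on reboot"],
        "masquerading": [h["item"] for h in hits if is_masquerading(h)],
        "vector": [h["item"] for h in hits if _has(h, VECTOR_WORDS)],
        "inert": [h["item"] for h in hits if _has(h, INERT_MARKERS)],
    }


# Sample input: lines copied from the report above (two section headers kept
# to show they are ignored).
SAMPLE_REPORT = r"""
Memory Processes Infected:
c:\documents and settings\BILOU\application data\SysWin\lsass.exe (Trojan.Tracur.S) -> 188 -> Unloaded process successfully.
c:\WINDOWS\system32\ati3duag32.dll (Trojan.Tracur.S) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{014DD432-1427-4967-B839-B6711770D5FB} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HiSoft\CrackDownloader (CrackTool.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\RTHDBPL (Trojan.Tracur.S) -> Value: RTHDBPL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\win (Trojan.Downloader) -> Value: win -> Quarantined and deleted successfully.
c:\WINDOWS\system32\hypertrm32.dll (Trojan.Tracur.S) -> Delete on reboot.
d:\telechargement bittorrent\autocad 2010 keygen+activation\aac2010_keygen-64bits.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\qoobox\quarantine\c\documents and settings\bilou\local settings\application data\63438475.exe.vir (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{337505e1-a821-48c8-9eea-91461183c96e}\RP150\A0036678.exe (Trojan.Tracur.S) -> Quarantined and deleted successfully.
c:\windows\system32\trz1b.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
"""

if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    print("detections:", result["total"])
    for family, n in result["families"].most_common():
        print(f"  {n:3d}  {family}")
    for key in ("persistence", "pending_reboot", "masquerading", "vector", "inert"):
        print(f"{key}: {len(result[key])}")
        for item in result[key]:
            print("   ", item)
```

Run it as a script for the breakdown of the sample, or call triage() on the full text of a saved mbam-log-*.txt. Two things the grouping makes visible in this report: the "Delete on reboot" entries mean the cleaning is not finished until the machine has restarted and a second scan comes back empty, and the hits under System Volume Information and qoobox are old copies rather than evidence of a still-running infection, though the restore points should be flushed so they cannot be restored later.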
1 reply

Malekal_morte - Moderator, security contributor (184347 posts)
Hi,

Wow, a digital garbage dump :)

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

* Launch OTL
* Under Custom Scans/Fixes ("Personnalisation" in the French interface), copy and paste the contents of the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c

* Click the Run Scan button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to give me the two reports: OTL.Txt and Extras.Txt.
