6 réponses
Bonjour
A)- Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Poste le rapport ici.
B)- Et si tu ne sais pas le faire, fais cette application :
* Télécharge sur le bureau RogueKiller (par tigzy)
* Quitte tous tes programmes en cours
* Sous Vista/Seven, => Clic-droit, et choisir "Exécuter en tant qu'admin.".
* Lance-le.
* Lorsque demandé, tape 2 et valide par [Enter]
* Un rapport (RKreport.txt) a dû se créer à côté de l'exécutable, colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois, ou renommer en winlogon.exe au moment du téléchargement.
C)- Ensuite : Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!
Merci
Al.
Patience-Vigilance-Amour.
A)- Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Poste le rapport ici.
B)- Et si tu ne sais pas le faire, fais cette application :
* Télécharge sur le bureau RogueKiller (par tigzy)
* Quitte tous tes programmes en cours
* Sous Vista/Seven, => Clic-droit, et choisir "Exécuter en tant qu'admin.".
* Lance-le.
* Lorsque demandé, tape 2 et valide par [Enter]
* Un rapport (RKreport.txt) a dû se créer à côté de l'exécutable, colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois, ou renommer en winlogon.exe au moment du téléchargement.
C)- Ensuite : Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!
Merci
Al.
Patience-Vigilance-Amour.
Re,
Peux-tu redémarrer le PC SVP ?
Ensuite lancer RogueKiller.
Terminer par nouveau MBAM (mis à jour avant de la lancer) en "Recherche complète" .
Merci
Al.
Patience-Vigilance-Amour.
Peux-tu redémarrer le PC SVP ?
Ensuite lancer RogueKiller.
Terminer par nouveau MBAM (mis à jour avant de la lancer) en "Recherche complète" .
Merci
Al.
Patience-Vigilance-Amour.
Bonjour,
Merci.
"Cent fois sur le métier, remettez votre ouvrage" [Citation tjs actuelle].
En conséquence:
A)- RogueKiller
1- Je lis: Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKLM\[...]\Run : D0B6.tmp (C:\Windows\TEMP\D0B6.tmp) -> FOUND
"FOUND" signifie "trouvé", donc non supprimé !
2- Or, la procédure demandait:
« Quitter tous les programmes en cours pour ensuite relancer RogueKiller (par tigzy)
(Sous Vista/Seven, => Clic-droit, et choisir "Exécuter en tant qu'admin.").
* Lorsque demandé, taper 2 et valider par [Enter]
* Un rapport (RKreport.txt) a dû se créer à côté de l'exécutable, colle son contenu dans la réponse »
Accepterais-tu de recommencer, SVP ?
B)- MalwareByte's Anti-Malware
1- Je lis:
mbam-log-2011-04-17 (10-44-22).txt ==> Version de la base de données: 6376
MBAM n'a donc pas été mis à jour préalablement à l'analyse, comme il l'avait été rappelé!
2- Je lis: Fichier(s) infecté(s):
c:\programdata\991930d44cdba4d3dd0d1f90f31d8227\b\binm1 (Trojan.Tracur.S) -> No action taken.
c:\programdata\991930d44cdba4d3dd0d1f90f31d8227\b\bint1 (Trojan.Tracur.S) -> No action taken.
"No action taken" signifie que les infections n'ont pas été supprimées !
Comme cela avait été bien appliqué lors de la première analyse MBAM, il faut procéder comme ceci:
« Si des malwares ont été détectés, cliquer sur "Afficher les résultats".
Sélectionner tout (ou laisser coché) et cliquer sur "Supprimer la sélection" > MBAM va détruire les fichiers et clés de registre, et en mettre une copie dans la quarantaine. »
Accepterais-tu de recommencer, SVP ?
Merci
Al
Merci.
"Cent fois sur le métier, remettez votre ouvrage" [Citation tjs actuelle].
En conséquence:
A)- RogueKiller
1- Je lis: Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKLM\[...]\Run : D0B6.tmp (C:\Windows\TEMP\D0B6.tmp) -> FOUND
"FOUND" signifie "trouvé", donc non supprimé !
2- Or, la procédure demandait:
« Quitter tous les programmes en cours pour ensuite relancer RogueKiller (par tigzy)
(Sous Vista/Seven, => Clic-droit, et choisir "Exécuter en tant qu'admin.").
* Lorsque demandé, taper 2 et valider par [Enter]
* Un rapport (RKreport.txt) a dû se créer à côté de l'exécutable, colle son contenu dans la réponse »
Accepterais-tu de recommencer, SVP ?
B)- MalwareByte's Anti-Malware
1- Je lis:
mbam-log-2011-04-17 (10-44-22).txt ==> Version de la base de données: 6376
MBAM n'a donc pas été mis à jour préalablement à l'analyse, comme il l'avait été rappelé!
2- Je lis: Fichier(s) infecté(s):
c:\programdata\991930d44cdba4d3dd0d1f90f31d8227\b\binm1 (Trojan.Tracur.S) -> No action taken.
c:\programdata\991930d44cdba4d3dd0d1f90f31d8227\b\bint1 (Trojan.Tracur.S) -> No action taken.
"No action taken" signifie que les infections n'ont pas été supprimées !
Comme cela avait été bien appliqué lors de la première analyse MBAM, il faut procéder comme ceci:
« Si des malwares ont été détectés, cliquer sur "Afficher les résultats".
Sélectionner tout (ou laisser coché) et cliquer sur "Supprimer la sélection" > MBAM va détruire les fichiers et clés de registre, et en mettre une copie dans la quarantaine. »
Accepterais-tu de recommencer, SVP ?
Merci
Al
oui je viens de recommancé:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6383
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
17/04/2011 16:03:10
mbam-log-2011-04-17 (16-03-10).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 412570
Temps écoulé: 2 heure(s), 41 minute(s), 50 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
et le 2ème:
RogueKiller V4.3.9 [16/04/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: patricia [Droits d'admin]
Mode: Suppression -- Date : 17/04/2011 16:24:52
Processus malicieux: 0
Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKLM\[...]\Run : D0B6.tmp (C:\Windows\TEMP\D0B6.tmp) -> DELETED
Fichier HOSTS:
127.0.0.1 localhost
::1 localhost
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6383
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
17/04/2011 16:03:10
mbam-log-2011-04-17 (16-03-10).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 412570
Temps écoulé: 2 heure(s), 41 minute(s), 50 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
et le 2ème:
RogueKiller V4.3.9 [16/04/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: patricia [Droits d'admin]
Mode: Suppression -- Date : 17/04/2011 16:24:52
Processus malicieux: 0
Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKLM\[...]\Run : D0B6.tmp (C:\Windows\TEMP\D0B6.tmp) -> DELETED
Fichier HOSTS:
127.0.0.1 localhost
::1 localhost
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Bonsoir
Bien
Merci
A)- Peux-tu relancer une analyse complète avec MBAM, supprimer les objets trouvés, et poster le rapport ? Merci
En effet, j'avais demandé RogueKiller suivi par MBAM.
Or, je lis:
- RK ==> Mode: Suppression -- Date : 17/04/2011 16:24:52
- MBAM ==> mbam-log-2011-04-17 (16-03-10).txt
... que MBAM a été lancé avant RK ==> je suis vraiment désolé.
B)- Ensuite, et pour y voir plus clair, faire ce diagnostic et poster le rapport.
- Télécharger ZHPDiag (de Nicolas Coolman) sur le bureau .
Dérouler la page et cliquer sur [Télécharger] ([ https://imageshack.com/ le bouton radio inférieur]).
Une [ https://imageshack.com/ barre jaune apparaît] en haut de page > cliquer sur "Cliquer ici pour afficher plus d'options..." > "Télécharger le ficher ..." > [Enregistrer] (accepter l'alerte éventuelle de l'antivirus) > choisir le Bureau > [Enregistrer] ZHPDiag2.exe > [Exécuter] > [Exécuter] > lancer l'assistant d'installation par [Suivant].
Ne pas oublier de cocher le bouton ratio en face de "Créer une icône sur le bureau".
Se laisser guider lors de l'installation, ZHPDiag.exe se lancera automatiquement à la fin.
( /!\ L'outil a créé [ https://imageshack.com/ 4 icônes] , dont ZHPDiag (pour lancer l'application ultérieurement) et ZHPFix (pour le traitement du rapport) sur le bureau ) .
/!\Utilisateur de Vista et Seven : Clic-droit sur le logo ZHPDiag > choisir, dans le menu contextuel qui s'affiche, l'option [Exécuter en tant qu'Administrateur]/!\
- Cliquer sur le raccourci ZHPDiag du Bureau pour l'ouvrir.
Cliquer sur l'icône représentant une loupe pour "Lancer le diagnostic".
NOTES:
- Enregistrer le rapport sur le Bureau à l'aide de l'icône représentant une "Disquette"
- Héberger le rapport sur ce site Cijoint.fr ( ou sur celui-là ) > puis copier/coller le lien fourni dans la prochaine réponse vers le forum en cours.
Merci
Al.
Bien
Merci
A)- Peux-tu relancer une analyse complète avec MBAM, supprimer les objets trouvés, et poster le rapport ? Merci
En effet, j'avais demandé RogueKiller suivi par MBAM.
Or, je lis:
- RK ==> Mode: Suppression -- Date : 17/04/2011 16:24:52
- MBAM ==> mbam-log-2011-04-17 (16-03-10).txt
... que MBAM a été lancé avant RK ==> je suis vraiment désolé.
B)- Ensuite, et pour y voir plus clair, faire ce diagnostic et poster le rapport.
- Télécharger ZHPDiag (de Nicolas Coolman) sur le bureau .
Dérouler la page et cliquer sur [Télécharger] ([ https://imageshack.com/ le bouton radio inférieur]).
Une [ https://imageshack.com/ barre jaune apparaît] en haut de page > cliquer sur "Cliquer ici pour afficher plus d'options..." > "Télécharger le ficher ..." > [Enregistrer] (accepter l'alerte éventuelle de l'antivirus) > choisir le Bureau > [Enregistrer] ZHPDiag2.exe > [Exécuter] > [Exécuter] > lancer l'assistant d'installation par [Suivant].
Ne pas oublier de cocher le bouton ratio en face de "Créer une icône sur le bureau".
Se laisser guider lors de l'installation, ZHPDiag.exe se lancera automatiquement à la fin.
( /!\ L'outil a créé [ https://imageshack.com/ 4 icônes] , dont ZHPDiag (pour lancer l'application ultérieurement) et ZHPFix (pour le traitement du rapport) sur le bureau ) .
/!\Utilisateur de Vista et Seven : Clic-droit sur le logo ZHPDiag > choisir, dans le menu contextuel qui s'affiche, l'option [Exécuter en tant qu'Administrateur]/!\
- Cliquer sur le raccourci ZHPDiag du Bureau pour l'ouvrir.
Cliquer sur l'icône représentant une loupe pour "Lancer le diagnostic".
NOTES:
- Enregistrer le rapport sur le Bureau à l'aide de l'icône représentant une "Disquette"
- Héberger le rapport sur ce site Cijoint.fr ( ou sur celui-là ) > puis copier/coller le lien fourni dans la prochaine réponse vers le forum en cours.
Merci
Al.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut pat,
Pas de problème, je comprends facilement.
Même mon épouse est allergique à ce PC.
Nous aurions gagné du temps si tu avais exposé cette situation.
Sur un PC infecté, la chance de réussir se définit en trois principes:
- Rapidité à réagir (certaines infections profitent du temps qui passe!)
- Ne faire que ce qui proposé et RIEN d'autre (et le faire bien).
- Si tu doutes, demander des explications et précisions.
Bonne soirée.
À la prochaine.
Merci d'avoir averti.
Al.
Pas de problème, je comprends facilement.
Même mon épouse est allergique à ce PC.
Nous aurions gagné du temps si tu avais exposé cette situation.
Sur un PC infecté, la chance de réussir se définit en trois principes:
- Rapidité à réagir (certaines infections profitent du temps qui passe!)
- Ne faire que ce qui proposé et RIEN d'autre (et le faire bien).
- Si tu doutes, demander des explications et précisions.
Bonne soirée.
À la prochaine.
Merci d'avoir averti.
Al.
bonsoir comme convenu tout a était refait je poste le tout
RogueKiller V4.3.9 [16/04/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: brahim [Droits d'admin]
Mode: Suppression -- Date : 23/04/2011 20:36:56
Processus malicieux: 0
Entrees de registre: 0
Fichier HOSTS:
127.0.0.1 localhost
::1 localhost
Termine : << RKreport[1].txt >>
RKreport[1].txt
le 2ème:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6427
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
23/04/2011 23:19:19
mbam-log-2011-04-23 (23-19-19).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 419275
Temps écoulé: 2 heure(s), 34 minute(s), 26 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 61
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sti_ciwow.exe (Trojan.TracurW.Gen) -> Value: sti_ciwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msshookswow.exe (Trojan.TracurW.Gen) -> Value: msshookswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdohlpwow.exe (Trojan.TracurW.Gen) -> Value: sdohlpwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iprtpriowow.exe (Trojan.TracurW.Gen) -> Value: iprtpriowow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINGUJwow.exe (Trojan.TracurW.Gen) -> Value: KBDINGUJwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dmutilwow.exe (Trojan.TracurW.Gen) -> Value: dmutilwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\atmfdwow.exe (Trojan.TracurW.Gen) -> Value: atmfdwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\themeuiwow.exe (Trojan.TracurW.Gen) -> Value: themeuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cscdllwow.exe (Trojan.TracurW.Gen) -> Value: cscdllwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dciman32wow.exe (Trojan.TracurW.Gen) -> Value: dciman32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wshrmwow.exe (Trojan.TracurW.Gen) -> Value: wshrmwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netidwow.exe (Trojan.TracurW.Gen) -> Value: netidwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PSHEDwow.exe (Trojan.TracurW.Gen) -> Value: PSHEDwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\localuiwow.exe (Trojan.TracurW.Gen) -> Value: localuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dpnhpastwow.exe (Trojan.TracurW.Gen) -> Value: dpnhpastwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kbd101awow.exe (Trojan.TracurW.Gen) -> Value: kbd101awow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xolehlpwow.exe (Trojan.TracurW.Gen) -> Value: xolehlpwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvRCoCswow.exe (Trojan.TracurW.Gen) -> Value: NvRCoCswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EhStorShellwow.exe (Trojan.TracurW.Gen) -> Value: EhStorShellwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gpeditwow.exe (Trojan.TracurW.Gen) -> Value: gpeditwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\basesrvwow.exe (Trojan.TracurW.Gen) -> Value: basesrvwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cfgmgr32wow.exe (Trojan.TracurW.Gen) -> Value: cfgmgr32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softpubwow.exe (Trojan.TracurW.Gen) -> Value: softpubwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d3dx10_42wow.exe (Trojan.TracurW.Gen) -> Value: d3dx10_42wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ntmartawow.exe (Trojan.TracurW.Gen) -> Value: ntmartawow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\credsspwow.exe (Trojan.TracurW.Gen) -> Value: credsspwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qeditwow.exe (Trojan.TracurW.Gen) -> Value: qeditwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\licmgr10wow.exe (Trojan.TracurW.Gen) -> Value: licmgr10wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\odbccp32wow.exe (Trojan.TracurW.Gen) -> Value: odbccp32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvmccsswow.exe (Trojan.TracurW.Gen) -> Value: nvmccsswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bidisplwow.exe (Trojan.TracurW.Gen) -> Value: bidisplwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsmproxywow.exe (Trojan.TracurW.Gen) -> Value: lsmproxywow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\deskmonwow.exe (Trojan.TracurW.Gen) -> Value: deskmonwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dskquouiwow.exe (Trojan.TracurW.Gen) -> Value: dskquouiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDBULGwow.exe (Trojan.TracurW.Gen) -> Value: KBDBULGwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prflbmsgwow.exe (Trojan.TracurW.Gen) -> Value: prflbmsgwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDTIPRCwow.exe (Trojan.TracurW.Gen) -> Value: KBDTIPRCwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDDAwow.exe (Trojan.TracurW.Gen) -> Value: KBDDAwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rasdiagwow.exe (Trojan.TracurW.Gen) -> Value: rasdiagwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINDEVwow.exe (Trojan.TracurW.Gen) -> Value: KBDINDEVwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\slcinstwow.exe (Trojan.TracurW.Gen) -> Value: slcinstwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AltTabwow.exe (Trojan.TracurW.Gen) -> Value: AltTabwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\aaclientwow.exe (Trojan.TracurW.Gen) -> Value: aaclientwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\QSVRMGMTwow.exe (Trojan.TracurW.Gen) -> Value: QSVRMGMTwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SCP32wow.exe (Trojan.TracurW.Gen) -> Value: SCP32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\printuiwow.exe (Trojan.TracurW.Gen) -> Value: printuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ntvdmdwow.exe (Trojan.TracurW.Gen) -> Value: ntvdmdwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NlsData0001wow.exe (Trojan.TracurW.Gen) -> Value: NlsData0001wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regapiwow.exe (Trojan.TracurW.Gen) -> Value: regapiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fontsubwow.exe (Trojan.TracurW.Gen) -> Value: fontsubwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mstlsapiwow.exe (Trojan.TracurW.Gen) -> Value: mstlsapiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDRUwow.exe (Trojan.TracurW.Gen) -> Value: KBDRUwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AUDIOKSEwow.exe (Trojan.TracurW.Gen) -> Value: AUDIOKSEwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDMACSTwow.exe (Trojan.TracurW.Gen) -> Value: KBDMACSTwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HPZipr12wow.exe (Trojan.TracurW.Gen) -> Value: HPZipr12wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gameuxwow.exe (Trojan.TracurW.Gen) -> Value: gameuxwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ogldrvwow.exe (Trojan.TracurW.Gen) -> Value: ogldrvwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\QCLIPROVwow.exe (Trojan.TracurW.Gen) -> Value: QCLIPROVwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pnrpnspwow.exe (Trojan.TracurW.Gen) -> Value: pnrpnspwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdspreswow.exe (Trojan.TracurW.Gen) -> Value: sdspreswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\authuiwow.exe (Trojan.TracurW.Gen) -> Value: authuiwow.exe -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Et pour finir le lien: http://www.cijoint.fr/cjlink.php?file=cj201104/cijS0d5T7M.txt
en esperant que cette fois soit la bonne
bonne soirée
RogueKiller V4.3.9 [16/04/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: brahim [Droits d'admin]
Mode: Suppression -- Date : 23/04/2011 20:36:56
Processus malicieux: 0
Entrees de registre: 0
Fichier HOSTS:
127.0.0.1 localhost
::1 localhost
Termine : << RKreport[1].txt >>
RKreport[1].txt
le 2ème:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6427
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
23/04/2011 23:19:19
mbam-log-2011-04-23 (23-19-19).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 419275
Temps écoulé: 2 heure(s), 34 minute(s), 26 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 61
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sti_ciwow.exe (Trojan.TracurW.Gen) -> Value: sti_ciwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msshookswow.exe (Trojan.TracurW.Gen) -> Value: msshookswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdohlpwow.exe (Trojan.TracurW.Gen) -> Value: sdohlpwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iprtpriowow.exe (Trojan.TracurW.Gen) -> Value: iprtpriowow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINGUJwow.exe (Trojan.TracurW.Gen) -> Value: KBDINGUJwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dmutilwow.exe (Trojan.TracurW.Gen) -> Value: dmutilwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\atmfdwow.exe (Trojan.TracurW.Gen) -> Value: atmfdwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\themeuiwow.exe (Trojan.TracurW.Gen) -> Value: themeuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cscdllwow.exe (Trojan.TracurW.Gen) -> Value: cscdllwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dciman32wow.exe (Trojan.TracurW.Gen) -> Value: dciman32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wshrmwow.exe (Trojan.TracurW.Gen) -> Value: wshrmwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netidwow.exe (Trojan.TracurW.Gen) -> Value: netidwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PSHEDwow.exe (Trojan.TracurW.Gen) -> Value: PSHEDwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\localuiwow.exe (Trojan.TracurW.Gen) -> Value: localuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dpnhpastwow.exe (Trojan.TracurW.Gen) -> Value: dpnhpastwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kbd101awow.exe (Trojan.TracurW.Gen) -> Value: kbd101awow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xolehlpwow.exe (Trojan.TracurW.Gen) -> Value: xolehlpwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvRCoCswow.exe (Trojan.TracurW.Gen) -> Value: NvRCoCswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EhStorShellwow.exe (Trojan.TracurW.Gen) -> Value: EhStorShellwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gpeditwow.exe (Trojan.TracurW.Gen) -> Value: gpeditwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\basesrvwow.exe (Trojan.TracurW.Gen) -> Value: basesrvwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cfgmgr32wow.exe (Trojan.TracurW.Gen) -> Value: cfgmgr32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softpubwow.exe (Trojan.TracurW.Gen) -> Value: softpubwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d3dx10_42wow.exe (Trojan.TracurW.Gen) -> Value: d3dx10_42wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ntmartawow.exe (Trojan.TracurW.Gen) -> Value: ntmartawow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\credsspwow.exe (Trojan.TracurW.Gen) -> Value: credsspwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qeditwow.exe (Trojan.TracurW.Gen) -> Value: qeditwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\licmgr10wow.exe (Trojan.TracurW.Gen) -> Value: licmgr10wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\odbccp32wow.exe (Trojan.TracurW.Gen) -> Value: odbccp32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvmccsswow.exe (Trojan.TracurW.Gen) -> Value: nvmccsswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bidisplwow.exe (Trojan.TracurW.Gen) -> Value: bidisplwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsmproxywow.exe (Trojan.TracurW.Gen) -> Value: lsmproxywow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\deskmonwow.exe (Trojan.TracurW.Gen) -> Value: deskmonwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dskquouiwow.exe (Trojan.TracurW.Gen) -> Value: dskquouiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDBULGwow.exe (Trojan.TracurW.Gen) -> Value: KBDBULGwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prflbmsgwow.exe (Trojan.TracurW.Gen) -> Value: prflbmsgwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDTIPRCwow.exe (Trojan.TracurW.Gen) -> Value: KBDTIPRCwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDDAwow.exe (Trojan.TracurW.Gen) -> Value: KBDDAwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rasdiagwow.exe (Trojan.TracurW.Gen) -> Value: rasdiagwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINDEVwow.exe (Trojan.TracurW.Gen) -> Value: KBDINDEVwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\slcinstwow.exe (Trojan.TracurW.Gen) -> Value: slcinstwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AltTabwow.exe (Trojan.TracurW.Gen) -> Value: AltTabwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\aaclientwow.exe (Trojan.TracurW.Gen) -> Value: aaclientwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\QSVRMGMTwow.exe (Trojan.TracurW.Gen) -> Value: QSVRMGMTwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SCP32wow.exe (Trojan.TracurW.Gen) -> Value: SCP32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\printuiwow.exe (Trojan.TracurW.Gen) -> Value: printuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ntvdmdwow.exe (Trojan.TracurW.Gen) -> Value: ntvdmdwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NlsData0001wow.exe (Trojan.TracurW.Gen) -> Value: NlsData0001wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regapiwow.exe (Trojan.TracurW.Gen) -> Value: regapiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fontsubwow.exe (Trojan.TracurW.Gen) -> Value: fontsubwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mstlsapiwow.exe (Trojan.TracurW.Gen) -> Value: mstlsapiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDRUwow.exe (Trojan.TracurW.Gen) -> Value: KBDRUwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AUDIOKSEwow.exe (Trojan.TracurW.Gen) -> Value: AUDIOKSEwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDMACSTwow.exe (Trojan.TracurW.Gen) -> Value: KBDMACSTwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HPZipr12wow.exe (Trojan.TracurW.Gen) -> Value: HPZipr12wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gameuxwow.exe (Trojan.TracurW.Gen) -> Value: gameuxwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ogldrvwow.exe (Trojan.TracurW.Gen) -> Value: ogldrvwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\QCLIPROVwow.exe (Trojan.TracurW.Gen) -> Value: QCLIPROVwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pnrpnspwow.exe (Trojan.TracurW.Gen) -> Value: pnrpnspwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdspreswow.exe (Trojan.TracurW.Gen) -> Value: sdspreswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\authuiwow.exe (Trojan.TracurW.Gen) -> Value: authuiwow.exe -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Et pour finir le lien: http://www.cijoint.fr/cjlink.php?file=cj201104/cijS0d5T7M.txt
en esperant que cette fois soit la bonne
bonne soirée
2011/04/16 16:48:31.0522 7040 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/16 16:48:32.0456 7040 ================================================================================
2011/04/16 16:48:32.0456 7040 SystemInfo:
2011/04/16 16:48:32.0456 7040
2011/04/16 16:48:32.0456 7040 OS Version: 6.0.6002 ServicePack: 2.0
2011/04/16 16:48:32.0456 7040 Product type: Workstation
2011/04/16 16:48:32.0456 7040 ComputerName: PC-DE-BRAHIM
2011/04/16 16:48:32.0457 7040 UserName: patricia
2011/04/16 16:48:32.0457 7040 Windows directory: C:\Windows
2011/04/16 16:48:32.0457 7040 System windows directory: C:\Windows
2011/04/16 16:48:32.0457 7040 Processor architecture: Intel x86
2011/04/16 16:48:32.0457 7040 Number of processors: 2
2011/04/16 16:48:32.0457 7040 Page size: 0x1000
2011/04/16 16:48:32.0457 7040 Boot type: Normal boot
2011/04/16 16:48:32.0457 7040 ================================================================================
2011/04/16 16:48:32.0963 7040 Initialize success
2011/04/16 16:48:39.0607 6152 ================================================================================
2011/04/16 16:48:39.0607 6152 Scan started
2011/04/16 16:48:39.0607 6152 Mode: Manual;
2011/04/16 16:48:39.0607 6152 ================================================================================
2011/04/16 16:48:42.0194 6152 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/04/16 16:48:42.0277 6152 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/04/16 16:48:42.0331 6152 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/04/16 16:48:42.0441 6152 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/04/16 16:48:42.0485 6152 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/04/16 16:48:42.0605 6152 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/04/16 16:48:42.0729 6152 AgereSoftModem (baf68dcba949633df0c16d37af2a2351) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/04/16 16:48:42.0850 6152 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/04/16 16:48:42.0909 6152 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/04/16 16:48:43.0020 6152 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/04/16 16:48:43.0057 6152 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/04/16 16:48:43.0148 6152 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/04/16 16:48:43.0241 6152 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/04/16 16:48:43.0318 6152 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
2011/04/16 16:48:43.0441 6152 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/04/16 16:48:43.0521 6152 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/04/16 16:48:43.0594 6152 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/16 16:48:43.0633 6152 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/04/16 16:48:43.0733 6152 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/04/16 16:48:43.0871 6152 BHDrvx86 (32d6e07922d17bed40ae746fc86b8a68) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110309.001\BHDrvx86.sys
2011/04/16 16:48:43.0969 6152 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/04/16 16:48:44.0014 6152 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/16 16:48:44.0100 6152 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/16 16:48:44.0125 6152 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/04/16 16:48:44.0208 6152 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/04/16 16:48:44.0231 6152 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/04/16 16:48:44.0305 6152 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/16 16:48:44.0327 6152 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/04/16 16:48:44.0405 6152 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/04/16 16:48:44.0463 6152 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/16 16:48:44.0536 6152 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/16 16:48:44.0588 6152 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/04/16 16:48:44.0666 6152 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/04/16 16:48:44.0770 6152 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/04/16 16:48:44.0790 6152 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
2011/04/16 16:48:44.0867 6152 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/04/16 16:48:44.0895 6152 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/04/16 16:48:45.0032 6152 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/04/16 16:48:45.0133 6152 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/04/16 16:48:45.0203 6152 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
2011/04/16 16:48:45.0287 6152 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/04/16 16:48:45.0332 6152 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/04/16 16:48:45.0432 6152 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/04/16 16:48:45.0473 6152 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/16 16:48:45.0566 6152 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/04/16 16:48:45.0621 6152 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/04/16 16:48:45.0720 6152 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2011/04/16 16:48:45.0824 6152 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/04/16 16:48:45.0922 6152 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/04/16 16:48:46.0001 6152 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/04/16 16:48:46.0153 6152 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/04/16 16:48:46.0230 6152 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/04/16 16:48:46.0317 6152 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/16 16:48:46.0360 6152 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/04/16 16:48:46.0430 6152 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/04/16 16:48:46.0455 6152 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/16 16:48:46.0497 6152 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/04/16 16:48:46.0599 6152 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/04/16 16:48:46.0678 6152 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/16 16:48:46.0714 6152 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/16 16:48:46.0843 6152 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/04/16 16:48:46.0959 6152 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/04/16 16:48:47.0013 6152 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/16 16:48:47.0110 6152 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/04/16 16:48:47.0156 6152 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/04/16 16:48:47.0251 6152 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/16 16:48:47.0269 6152 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/04/16 16:48:47.0368 6152 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2011/04/16 16:48:47.0409 6152 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/04/16 16:48:47.0496 6152 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/16 16:48:47.0537 6152 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/04/16 16:48:47.0679 6152 IDSVix86 (7c8ce2b83a89ee1cb0c3fee5991e62a2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110415.003\IDSvix86.sys
2011/04/16 16:48:47.0768 6152 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/04/16 16:48:47.0818 6152 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
2011/04/16 16:48:47.0947 6152 IntcAzAudAddService (58628f232a00a3149d7cc7708c521499) C:\Windows\system32\drivers\RTKVHDA.sys
2011/04/16 16:48:48.0059 6152 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/04/16 16:48:48.0090 6152 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/16 16:48:48.0188 6152 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/16 16:48:48.0235 6152 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/16 16:48:48.0322 6152 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/16 16:48:48.0357 6152 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/04/16 16:48:48.0434 6152 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/04/16 16:48:48.0474 6152 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/16 16:48:48.0550 6152 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/04/16 16:48:48.0572 6152 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/04/16 16:48:48.0643 6152 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/16 16:48:48.0689 6152 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/16 16:48:48.0788 6152 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/16 16:48:48.0891 6152 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/16 16:48:48.0942 6152 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/16 16:48:49.0047 6152 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/16 16:48:49.0080 6152 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/16 16:48:49.0161 6152 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/04/16 16:48:49.0257 6152 lvpopflt (01f0e010acb61472163e9d02d3ff531a) C:\Windows\system32\DRIVERS\lvpopflt.sys
2011/04/16 16:48:49.0318 6152 LVPr2Mon (c57c48fb9ae3efb9848af594e3123a63) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
2011/04/16 16:48:49.0406 6152 LVRS (87ecce893d8aec5a9337b917742d339c) C:\Windows\system32\DRIVERS\lvrs.sys
2011/04/16 16:48:49.0553 6152 LVUVC (291f69b3dda0f033d2490c5ba5179f7c) C:\Windows\system32\DRIVERS\lvuvc.sys
2011/04/16 16:48:49.0721 6152 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/04/16 16:48:49.0766 6152 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/04/16 16:48:49.0860 6152 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/04/16 16:48:49.0902 6152 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/16 16:48:49.0966 6152 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/16 16:48:50.0067 6152 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/16 16:48:50.0097 6152 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/04/16 16:48:50.0203 6152 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/04/16 16:48:50.0237 6152 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/16 16:48:50.0338 6152 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/16 16:48:50.0379 6152 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/04/16 16:48:50.0447 6152 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/16 16:48:50.0481 6152 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/16 16:48:50.0555 6152 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/16 16:48:50.0589 6152 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/04/16 16:48:50.0669 6152 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/04/16 16:48:50.0727 6152 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/04/16 16:48:50.0816 6152 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/04/16 16:48:50.0853 6152 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/16 16:48:50.0917 6152 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/16 16:48:50.0940 6152 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/04/16 16:48:50.0999 6152 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/04/16 16:48:51.0076 6152 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/16 16:48:51.0108 6152 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/04/16 16:48:51.0175 6152 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/04/16 16:48:51.0241 6152 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/16 16:48:51.0411 6152 NAVENG (c34e2a884ccca8b5567d0c2752527073) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110415.035\NAVENG.SYS
2011/04/16 16:48:51.0637 6152 NAVEX15 (b3916eeec738dd4178f4fd6a44a32e36) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20110415.035\NAVEX15.SYS
2011/04/16 16:48:51.0756 6152 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/04/16 16:48:51.0838 6152 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/16 16:48:51.0888 6152 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/16 16:48:51.0988 6152 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/16 16:48:52.0047 6152 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/04/16 16:48:52.0138 6152 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/16 16:48:52.0208 6152 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/16 16:48:52.0314 6152 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/04/16 16:48:52.0422 6152 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/04/16 16:48:52.0473 6152 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/16 16:48:52.0574 6152 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/04/16 16:48:52.0657 6152 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/04/16 16:48:52.0690 6152 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/04/16 16:48:52.0797 6152 NVENETFD (c39ad3b818502edfa4b819148b72a0e3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
2011/04/16 16:48:53.0002 6152 nvlddmkm (69d60d2ecd43d0f9f3accc16926e9128) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/04/16 16:48:53.0197 6152 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/04/16 16:48:53.0232 6152 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/04/16 16:48:53.0317 6152 nvstor32 (d05f6e26ac960474494356fe703d61be) C:\Windows\system32\DRIVERS\nvstor32.sys
2011/04/16 16:48:53.0388 6152 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/04/16 16:48:53.0560 6152 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/04/16 16:48:53.0666 6152 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/04/16 16:48:53.0721 6152 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/04/16 16:48:53.0791 6152 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/04/16 16:48:53.0844 6152 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/04/16 16:48:53.0932 6152 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/04/16 16:48:54.0008 6152 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/04/16 16:48:54.0137 6152 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/04/16 16:48:54.0311 6152 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/16 16:48:54.0356 6152 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/04/16 16:48:54.0463 6152 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/16 16:48:54.0577 6152 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/04/16 16:48:54.0685 6152 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/04/16 16:48:54.0724 6152 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/16 16:48:54.0801 6152 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/16 16:48:54.0830 6152 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/16 16:48:54.0901 6152 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/16 16:48:54.0938 6152 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/16 16:48:55.0032 6152 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/16 16:48:55.0063 6152 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/16 16:48:55.0149 6152 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/04/16 16:48:55.0182 6152 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/16 16:48:55.0237 6152 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/04/16 16:48:55.0366 6152 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/16 16:48:55.0404 6152 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/04/16 16:48:55.0525 6152 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/04/16 16:48:55.0572 6152 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/04/16 16:48:55.0660 6152 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/04/16 16:48:55.0699 6152 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/04/16 16:48:55.0816 6152 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/04/16 16:48:55.0843 6152 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/16 16:48:55.0920 6152 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/04/16 16:48:55.0963 6152 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/04/16 16:48:56.0051 6152 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/04/16 16:48:56.0078 6152 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/04/16 16:48:56.0206 6152 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/04/16 16:48:56.0343 6152 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/04/16 16:48:56.0502 6152 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/04/16 16:48:56.0653 6152 SRTSP (a7a104a61c4e30de9c58f8c372a5c209) C:\Windows\System32\Drivers\NIS\1205000.07D\SRTSP.SYS
2011/04/16 16:48:56.0837 6152 SRTSPX (2833445f786bd000bb14c84a9d91347a) C:\Windows\system32\drivers\NIS\1205000.07D\SRTSPX.SYS
2011/04/16 16:48:56.0986 6152 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/04/16 16:48:57.0139 6152 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/16 16:48:57.0260 6152 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/16 16:48:57.0467 6152 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/16 16:48:57.0627 6152 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/04/16 16:48:57.0814 6152 SymDS (bdf077b897b5f9f929b6bf0cfd436962) C:\Windows\system32\drivers\NIS\1205000.07D\SYMDS.SYS
2011/04/16 16:48:58.0245 6152 SymEFA (7732298ad2eddd364c1d4f439d99ae7c) C:\Windows\system32\drivers\NIS\1205000.07D\SYMEFA.SYS
2011/04/16 16:48:58.0479 6152 SymEvent (5c76a63fac8a5580c5a1c4a4ed827782) C:\Windows\system32\Drivers\SYMEVENT.SYS
2011/04/16 16:48:58.0712 6152 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\NIS\1205000.07D\Ironx86.SYS
2011/04/16 16:48:58.0853 6152 SYMTDIv (c93e93bff7cba0cd1c1ea282d791b772) C:\Windows\system32\drivers\NIS\1205000.07D\SYMTDIV.SYS
2011/04/16 16:48:58.0941 6152 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/04/16 16:48:59.0043 6152 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/04/16 16:48:59.0202 6152 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/04/16 16:48:59.0328 6152 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/16 16:48:59.0362 6152 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/16 16:48:59.0422 6152 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/04/16 16:48:59.0503 6152 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/04/16 16:48:59.0546 6152 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/16 16:48:59.0576 6152 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/16 16:48:59.0684 6152 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/16 16:48:59.0762 6152 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/16 16:48:59.0799 6152 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/16 16:48:59.0881 6152 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/04/16 16:48:59.0973 6152 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/16 16:49:00.0091 6152 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/16 16:49:00.0114 6152 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/04/16 16:49:00.0222 6152 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/04/16 16:49:00.0250 6152 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/04/16 16:49:00.0341 6152 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/16 16:49:00.0401 6152 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/04/16 16:49:00.0467 6152 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/16 16:49:00.0515 6152 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/04/16 16:49:00.0603 6152 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/16 16:49:00.0643 6152 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/16 16:49:00.0716 6152 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
2011/04/16 16:49:00.0749 6152 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/16 16:49:00.0857 6152 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/16 16:49:00.0905 6152 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/16 16:49:00.0999 6152 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/16 16:49:01.0071 6152 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/04/16 16:49:01.0169 6152 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/16 16:49:01.0205 6152 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/04/16 16:49:01.0290 6152 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/04/16 16:49:01.0316 6152 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/04/16 16:49:01.0401 6152 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/04/16 16:49:01.0432 6152 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/04/16 16:49:01.0508 6152 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/04/16 16:49:01.0551 6152 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/04/16 16:49:01.0641 6152 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/04/16 16:49:01.0694 6152 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/04/16 16:49:01.0775 6152 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/16 16:49:01.0793 6152 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/16 16:49:01.0881 6152 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/04/16 16:49:01.0929 6152 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/16 16:49:02.0148 6152 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/16 16:49:02.0221 6152 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/16 16:49:02.0288 6152 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/04/16 16:49:02.0398 6152 ================================================================================
2011/04/16 16:49:02.0398 6152 Scan finished
2011/04/16 16:49:02.0398 6152 ================================================================================
et le 2ème:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6374
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
16/04/2011 19:18:57
mbam-log-2011-04-16 (19-18-57).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 217702
Temps écoulé: 13 minute(s), 36 seconde(s)
Processus mémoire infecté(s): 148
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 148
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 124
Processus mémoire infecté(s):
c:\Windows\System32\msvcrt2032.exe (Trojan.Tracur.S) -> 2696 -> Unloaded process successfully.
c:\programdata\gdi3232.exe (Trojan.Tracur.S) -> 2976 -> Unloaded process successfully.
c:\Windows\dhcpcsvcwow.exe (Trojan.Tracur.S) -> 3540 -> Unloaded process successfully.
c:\Windows\dhcpcsvcwow.exe (Trojan.Tracur.S) -> 5004 -> Unloaded process successfully.
c:\Windows\sdohlpwow.exe (Trojan.Tracur.S) -> 3796 -> Unloaded process successfully.
c:\Windows\sdohlpwow.exe (Trojan.Tracur.S) -> 5052 -> Unloaded process successfully.
c:\Windows\sti_ciwow.exe (Trojan.Tracur.S) -> 968 -> Unloaded process successfully.
c:\Windows\sti_ciwow.exe (Trojan.Tracur.S) -> 5084 -> Unloaded process successfully.
c:\Windows\msshookswow.exe (Trojan.Tracur.S) -> 2692 -> Unloaded process successfully.
c:\Windows\msshookswow.exe (Trojan.Tracur.S) -> 5120 -> Unloaded process successfully.
c:\Windows\kbdingujwow.exe (Trojan.Tracur.S) -> 1012 -> Unloaded process successfully.
c:\Windows\kbdingujwow.exe (Trojan.Tracur.S) -> 5108 -> Unloaded process successfully.
c:\Windows\dmutilwow.exe (Trojan.Tracur.S) -> 2240 -> Unloaded process successfully.
c:\Windows\dmutilwow.exe (Trojan.Tracur.S) -> 5192 -> Unloaded process successfully.
c:\Windows\certenrolluiwow.exe (Trojan.Tracur.S) -> 3672 -> Unloaded process successfully.
c:\Windows\certenrolluiwow.exe (Trojan.Tracur.S) -> 5180 -> Unloaded process successfully.
c:\Windows\iprtpriowow.exe (Trojan.Tracur.S) -> 2472 -> Unloaded process successfully.
c:\Windows\iprtpriowow.exe (Trojan.Tracur.S) -> 5240 -> Unloaded process successfully.
c:\Windows\atmfdwow.exe (Trojan.Tracur.S) -> 3080 -> Unloaded process successfully.
c:\Windows\atmfdwow.exe (Trojan.Tracur.S) -> 5228 -> Unloaded process successfully.
c:\Windows\themeuiwow.exe (Trojan.Tracur.S) -> 4100 -> Unloaded process successfully.
c:\Windows\themeuiwow.exe (Trojan.Tracur.S) -> 5872 -> Unloaded process successfully.
c:\Windows\wshrmwow.exe (Trojan.Tracur.S) -> 4112 -> Unloaded process successfully.
c:\Windows\wshrmwow.exe (Trojan.Tracur.S) -> 5852 -> Unloaded process successfully.
c:\Windows\cscdllwow.exe (Trojan.Tracur.S) -> 4124 -> Unloaded process successfully.
c:\Windows\cscdllwow.exe (Trojan.Tracur.S) -> 5252 -> Unloaded process successfully.
c:\Windows\netidwow.exe (Trojan.Tracur.S) -> 4136 -> Unloaded process successfully.
c:\Windows\netidwow.exe (Trojan.Tracur.S) -> 5884 -> Unloaded process successfully.
c:\Windows\dciman32wow.exe (Trojan.Tracur.S) -> 4148 -> Unloaded process successfully.
c:\Windows\dciman32wow.exe (Trojan.Tracur.S) -> 5940 -> Unloaded process successfully.
c:\Windows\PSHEDwow.exe (Trojan.Tracur.S) -> 4160 -> Unloaded process successfully.
c:\Windows\PSHEDwow.exe (Trojan.Tracur.S) -> 5904 -> Unloaded process successfully.
c:\Windows\lpkwow.exe (Trojan.Tracur.S) -> 4172 -> Unloaded process successfully.
c:\Windows\lpkwow.exe (Trojan.Tracur.S) -> 5928 -> Unloaded process successfully.
c:\Windows\localuiwow.exe (Trojan.Tracur.S) -> 4184 -> Unloaded process successfully.
c:\Windows\localuiwow.exe (Trojan.Tracur.S) -> 5992 -> Unloaded process successfully.
c:\Windows\dpnhpastwow.exe (Trojan.Tracur.S) -> 4200 -> Unloaded process successfully.
c:\Windows\dpnhpastwow.exe (Trojan.Tracur.S) -> 6028 -> Unloaded process successfully.
c:\Windows\xolehlpwow.exe (Trojan.Tracur.S) -> 4212 -> Unloaded process successfully.
c:\Windows\xolehlpwow.exe (Trojan.Tracur.S) -> 6016 -> Unloaded process successfully.
c:\Windows\presentationhostproxywow.exe (Trojan.Tracur.S) -> 4224 -> Unloaded process successfully.
c:\Windows\presentationhostproxywow.exe (Trojan.Tracur.S) -> 6040 -> Unloaded process successfully.
c:\Windows\kbd101awow.exe (Trojan.Tracur.S) -> 4236 -> Unloaded process successfully.
c:\Windows\kbd101awow.exe (Trojan.Tracur.S) -> 6056 -> Unloaded process successfully.
c:\Windows\portabledevicewiacompatwow.exe (Trojan.Tracur.S) -> 4252 -> Unloaded process successfully.
c:\Windows\portabledevicewiacompatwow.exe (Trojan.Tracur.S) -> 6068 -> Unloaded process successfully.
c:\Windows\gpeditwow.exe (Trojan.Tracur.S) -> 4276 -> Unloaded process successfully.
c:\Windows\gpeditwow.exe (Trojan.Tracur.S) -> 6100 -> Unloaded process successfully.
c:\Windows\cfgmgr32wow.exe (Trojan.Tracur.S) -> 4288 -> Unloaded process successfully.
c:\Windows\cfgmgr32wow.exe (Trojan.Tracur.S) -> 6088 -> Unloaded process successfully.
c:\Windows\basesrvwow.exe (Trojan.Tracur.S) -> 4300 -> Unloaded process successfully.
c:\Windows\basesrvwow.exe (Trojan.Tracur.S) -> 6112 -> Unloaded process successfully.
c:\Windows\ehstorshellwow.exe (Trojan.Tracur.S) -> 4312 -> Unloaded process successfully.
c:\Windows\ehstorshellwow.exe (Trojan.Tracur.S) -> 6136 -> Unloaded process successfully.
c:\Windows\softpubwow.exe (Trojan.Tracur.S) -> 4328 -> Unloaded process successfully.
c:\Windows\softpubwow.exe (Trojan.Tracur.S) -> 3612 -> Unloaded process successfully.
c:\Windows\nvrcocswow.exe (Trojan.Tracur.S) -> 4340 -> Unloaded process successfully.
c:\Windows\nvrcocswow.exe (Trojan.Tracur.S) -> 6124 -> Unloaded process successfully.
c:\Windows\ntmartawow.exe (Trojan.Tracur.S) -> 4352 -> Unloaded process successfully.
c:\Windows\ntmartawow.exe (Trojan.Tracur.S) -> 4144 -> Unloaded process successfully.
c:\Windows\d3dx10_42wow.exe (Trojan.Tracur.S) -> 4364 -> Unloaded process successfully.
c:\Windows\d3dx10_42wow.exe (Trojan.Tracur.S) -> 3564 -> Unloaded process successfully.
c:\Windows\qeditwow.exe (Trojan.Tracur.S) -> 4376 -> Unloaded process successfully.
c:\Windows\qeditwow.exe (Trojan.Tracur.S) -> 948 -> Unloaded process successfully.
c:\Windows\credsspwow.exe (Trojan.Tracur.S) -> 4388 -> Unloaded process successfully.
c:\Windows\credsspwow.exe (Trojan.Tracur.S) -> 3808 -> Unloaded process successfully.
c:\Windows\licmgr10wow.exe (Trojan.Tracur.S) -> 4400 -> Unloaded process successfully.
c:\Windows\licmgr10wow.exe (Trojan.Tracur.S) -> 1100 -> Unloaded process successfully.
c:\Windows\odbccp32wow.exe (Trojan.Tracur.S) -> 4412 -> Unloaded process successfully.
c:\Windows\odbccp32wow.exe (Trojan.Tracur.S) -> 4060 -> Unloaded process successfully.
c:\Windows\nvmccsswow.exe (Trojan.Tracur.S) -> 4424 -> Unloaded process successfully.
c:\Windows\nvmccsswow.exe (Trojan.Tracur.S) -> 4088 -> Unloaded process successfully.
c:\Windows\bidisplwow.exe (Trojan.Tracur.S) -> 4436 -> Unloaded process successfully.
c:\Windows\bidisplwow.exe (Trojan.Tracur.S) -> 4192 -> Unloaded process successfully.
c:\Windows\deskmonwow.exe (Trojan.Tracur.S) -> 4448 -> Unloaded process successfully.
c:\Windows\deskmonwow.exe (Trojan.Tracur.S) -> 4208 -> Unloaded process successfully.
c:\Windows\lsmproxywow.exe (Trojan.Tracur.S) -> 4460 -> Unloaded process successfully.
c:\Windows\lsmproxywow.exe (Trojan.Tracur.S) -> 4244 -> Unloaded process successfully.
c:\Windows\dskquouiwow.exe (Trojan.Tracur.S) -> 4484 -> Unloaded process successfully.
c:\Windows\dskquouiwow.exe (Trojan.Tracur.S) -> 4220 -> Unloaded process successfully.
c:\Windows\kbdbulgwow.exe (Trojan.Tracur.S) -> 4496 -> Unloaded process successfully.
c:\Windows\kbdbulgwow.exe (Trojan.Tracur.S) -> 2568 -> Unloaded process successfully.
c:\Windows\prflbmsgwow.exe (Trojan.Tracur.S) -> 4508 -> Unloaded process successfully.
c:\Windows\prflbmsgwow.exe (Trojan.Tracur.S) -> 1428 -> Unloaded process successfully.
c:\Windows\alttabwow.exe (Trojan.Tracur.S) -> 4520 -> Unloaded process successfully.
c:\Windows\alttabwow.exe (Trojan.Tracur.S) -> 4260 -> Unloaded process successfully.
c:\Windows\kbdindevwow.exe (Trojan.Tracur.S) -> 4532 -> Unloaded process successfully.
c:\Windows\kbdindevwow.exe (Trojan.Tracur.S) -> 4284 -> Unloaded process successfully.
c:\Windows\accessibilitycplwow.exe (Trojan.Tracur.S) -> 4548 -> Unloaded process successfully.
c:\Windows\accessibilitycplwow.exe (Trojan.Tracur.S) -> 4360 -> Unloaded process successfully.
c:\Windows\rasdiagwow.exe (Trojan.Tracur.S) -> 4564 -> Unloaded process successfully.
c:\Windows\rasdiagwow.exe (Trojan.Tracur.S) -> 4320 -> Unloaded process successfully.
c:\Windows\KBDDAwow.exe (Trojan.Tracur.S) -> 4576 -> Unloaded process successfully.
c:\Windows\KBDDAwow.exe (Trojan.Tracur.S) -> 4396 -> Unloaded process successfully.
c:\Windows\slcinstwow.exe (Trojan.Tracur.S) -> 4588 -> Unloaded process successfully.
c:\Windows\slcinstwow.exe (Trojan.Tracur.S) -> 2304 -> Unloaded process successfully.
c:\Windows\kbdtiprcwow.exe (Trojan.Tracur.S) -> 4600 -> Unloaded process successfully.
c:\Windows\kbdtiprcwow.exe (Trojan.Tracur.S) -> 4064 -> Unloaded process successfully.
c:\Windows\stiwow.exe (Trojan.Tracur.S) -> 4636 -> Unloaded process successfully.
c:\Windows\stiwow.exe (Trojan.Tracur.S) -> 4480 -> Unloaded process successfully.
c:\Windows\aaclientwow.exe (Trojan.Tracur.S) -> 4652 -> Unloaded process successfully.
c:\Windows\aaclientwow.exe (Trojan.Tracur.S) -> 4444 -> Unloaded process successfully.
c:\Windows\qsvrmgmtwow.exe (Trojan.Tracur.S) -> 4692 -> Unloaded process successfully.
c:\Windows\qsvrmgmtwow.exe (Trojan.Tracur.S) -> 1516 -> Unloaded process successfully.
c:\Windows\printuiwow.exe (Trojan.Tracur.S) -> 4716 -> Unloaded process successfully.
c:\Windows\printuiwow.exe (Trojan.Tracur.S) -> 4516 -> Unloaded process successfully.
c:\Windows\SCP32wow.exe (Trojan.Tracur.S) -> 4728 -> Unloaded process successfully.
c:\Windows\SCP32wow.exe (Trojan.Tracur.S) -> 4584 -> Unloaded process successfully.
c:\Windows\pnpxassocprxwow.exe (Trojan.Tracur.S) -> 4740 -> Unloaded process successfully.
c:\Windows\pnpxassocprxwow.exe (Trojan.Tracur.S) -> 4608 -> Unloaded process successfully.
c:\Windows\ntvdmdwow.exe (Trojan.Tracur.S) -> 4752 -> Unloaded process successfully.
c:\Windows\ntvdmdwow.exe (Trojan.Tracur.S) -> 1616 -> Unloaded process successfully.
c:\Windows\regapiwow.exe (Trojan.Tracur.S) -> 4764 -> Unloaded process successfully.
c:\Windows\regapiwow.exe (Trojan.Tracur.S) -> 2052 -> Unloaded process successfully.
c:\Windows\nlsdata0001wow.exe (Trojan.Tracur.S) -> 4780 -> Unloaded process successfully.
c:\Windows\nlsdata0001wow.exe (Trojan.Tracur.S) -> 4660 -> Unloaded process successfully.
c:\Windows\fontsubwow.exe (Trojan.Tracur.S) -> 4792 -> Unloaded process successfully.
c:\Windows\fontsubwow.exe (Trojan.Tracur.S) -> 1052 -> Unloaded process successfully.
c:\Windows\mstlsapiwow.exe (Trojan.Tracur.S) -> 4804 -> Unloaded process successfully.
c:\Windows\mstlsapiwow.exe (Trojan.Tracur.S) -> 4680 -> Unloaded process successfully.
c:\Windows\audioksewow.exe (Trojan.Tracur.S) -> 4832 -> Unloaded process successfully.
c:\Windows\audioksewow.exe (Trojan.Tracur.S) -> 3356 -> Unloaded process successfully.
c:\Windows\KBDRUwow.exe (Trojan.Tracur.S) -> 4844 -> Unloaded process successfully.
c:\Windows\KBDRUwow.exe (Trojan.Tracur.S) -> 3076 -> Unloaded process successfully.
c:\Windows\hpzipr12wow.exe (Trojan.Tracur.S) -> 4856 -> Unloaded process successfully.
c:\Windows\hpzipr12wow.exe (Trojan.Tracur.S) -> 3300 -> Unloaded process successfully.
c:\Windows\kbdmacstwow.exe (Trojan.Tracur.S) -> 4868 -> Unloaded process successfully.
c:\Windows\kbdmacstwow.exe (Trojan.Tracur.S) -> 4772 -> Unloaded process successfully.
c:\Windows\gameuxwow.exe (Trojan.Tracur.S) -> 4880 -> Unloaded process successfully.
c:\Windows\gameuxwow.exe (Trojan.Tracur.S) -> 4800 -> Unloaded process successfully.
c:\Windows\ogldrvwow.exe (Trojan.Tracur.S) -> 4892 -> Unloaded process successfully.
c:\Windows\ogldrvwow.exe (Trojan.Tracur.S) -> 2312 -> Unloaded process successfully.
c:\Windows\qcliprovwow.exe (Trojan.Tracur.S) -> 4904 -> Unloaded process successfully.
c:\Windows\qcliprovwow.exe (Trojan.Tracur.S) -> 3460 -> Unloaded process successfully.
c:\Windows\pnrpnspwow.exe (Trojan.Tracur.S) -> 4916 -> Unloaded process successfully.
c:\Windows\pnrpnspwow.exe (Trojan.Tracur.S) -> 2232 -> Unloaded process successfully.
c:\Windows\sdspreswow.exe (Trojan.Tracur.S) -> 4928 -> Unloaded process successfully.
c:\Windows\sdspreswow.exe (Trojan.Tracur.S) -> 4912 -> Unloaded process successfully.
c:\Windows\authuiwow.exe (Trojan.Tracur.S) -> 4940 -> Unloaded process successfully.
c:\Windows\authuiwow.exe (Trojan.Tracur.S) -> 3380 -> Unloaded process successfully.
c:\Windows\kbd106nwow.exe (Trojan.Tracur.S) -> 4956 -> Unloaded process successfully.
c:\Windows\kbd106nwow.exe (Trojan.Tracur.S) -> 2908 -> Unloaded process successfully.
c:\Windows\nlsdata0047wow.exe (Trojan.Tracur.S) -> 4968 -> Unloaded process successfully.
c:\Windows\nlsdata0047wow.exe (Trojan.Tracur.S) -> 292 -> Unloaded process successfully.
c:\Windows\actionqueuewow.exe (Trojan.Tracur.S) -> 4980 -> Unloaded process successfully.
c:\Windows\actionqueuewow.exe (Trojan.Tracur.S) -> 196 -> Unloaded process successfully.
c:\Windows\admparsewow.exe (Trojan.Tracur.S) -> 4992 -> Unloaded process successfully.
c:\Windows\admparsewow.exe (Trojan.Tracur.S) -> 284 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
c:\programdata\audioeng32.dll (Trojan.Tracur.S) -> Delete on reboot.
c:\Windows\System32\config\systemprofile\AppData\Roaming\BA2A.tmp (Trojan.Tracur.S) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wmiApSrv32 (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15EC8A94-9635-4D12-8A13-4B93CA515ECa} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15EC8A94-9635-4D12-8A13-4B93CA515ECA} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{15EC8A94-9635-4D12-8A13-4B93CA515ECA} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15EC8A94-9635-4D12-8A13-4B93CA515ECA} (Trojan.Tracur.S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dhcpcsvcwow.exe (Trojan.Tracur.S) -> Value: dhcpcsvcwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dhcpcsvcwow.exe (Trojan.Tracur.S) -> Value: dhcpcsvcwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdohlpwow.exe (Trojan.Tracur.S) -> Value: sdohlpwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sdohlpwow.exe (Trojan.Tracur.S) -> Value: sdohlpwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sti_ciwow.exe (Trojan.Tracur.S) -> Value: sti_ciwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sti_ciwow.exe (Trojan.Tracur.S) -> Value: sti_ciwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msshookswow.exe (Trojan.Tracur.S) -> Value: msshookswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msshookswow.exe (Trojan.Tracur.S) -> Value: msshookswow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINGUJwow.exe (Trojan.Tracur.S) -> Value: KBDINGUJwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINGUJwow.exe (Trojan.Tracur.S) -> Value: KBDINGUJwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dmutilwow.exe (Trojan.Tracur.S) -> Value: dmutilwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dmutilwow.exe (Trojan.Tracur.S) -> Value: dmutilwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CertEnrollUIwow.exe (Trojan.Tracur.S) -> Value: CertEnrollUIwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CertEnrollUIwow.exe (Trojan.Tracur.S) -> Value: CertEnrollUIwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iprtpriowow.exe (Trojan.Tracur.S) -> Value: iprtpriowow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iprtpriowow.exe (Trojan.Tracur.S) -> Value: iprtpriowow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\atmfdwow.exe (Trojan.Tracur.S) -> Value: atmfdwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\atmfdwow.exe (Trojan.Tracur.S) -> Value: atmfdwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\themeuiwow.exe (Trojan.Tracur.S) -> Value: themeuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\themeuiwow.exe (Trojan.Tracur.S) -> Value: themeuiwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wshrmwow.exe (Trojan.Tracur.S) -> Value: wshrmwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wshrmwow.exe (Trojan.Tracur.S) -> Value: wshrmwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cscdllwow.exe (Trojan.Tracur.S) -> Value: cscdllwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cscdllwow.exe (Trojan.Tracur.S) -> Value: cscdllwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netidwow.exe (Trojan.Tracur.S) -> Value: netidwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netidwow.exe (Trojan.Tracur.S) -> Value: netidwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dciman32wow.exe (Trojan.Tracur.S) -> Value: dciman32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dciman32wow.exe (Trojan.Tracur.S) -> Value: dciman32wow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PSHEDwow.exe (Trojan.Tracur.S) -> Value: PSHEDwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PSHEDwow.exe (Trojan.Tracur.S) -> Value: PSHEDwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lpkwow.exe (Trojan.Tracur.S) -> Value: lpkwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lpkwow.exe (Trojan.Tracur.S) -> Value: lpkwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\localuiwow.exe (Trojan.Tracur.S) -> Value: localuiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\localuiwow.exe (Trojan.Tracur.S) -> Value: localuiwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dpnhpastwow.exe (Trojan.Tracur.S) -> Value: dpnhpastwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dpnhpastwow.exe (Trojan.Tracur.S) -> Value: dpnhpastwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xolehlpwow.exe (Trojan.Tracur.S) -> Value: xolehlpwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xolehlpwow.exe (Trojan.Tracur.S) -> Value: xolehlpwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PresentationHostProxywow.exe (Trojan.Tracur.S) -> Value: PresentationHostProxywow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PresentationHostProxywow.exe (Trojan.Tracur.S) -> Value: PresentationHostProxywow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kbd101awow.exe (Trojan.Tracur.S) -> Value: kbd101awow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kbd101awow.exe (Trojan.Tracur.S) -> Value: kbd101awow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PortableDeviceWiaCompatwow.exe (Trojan.Tracur.S) -> Value: PortableDeviceWiaCompatwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PortableDeviceWiaCompatwow.exe (Trojan.Tracur.S) -> Value: PortableDeviceWiaCompatwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gpeditwow.exe (Trojan.Tracur.S) -> Value: gpeditwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gpeditwow.exe (Trojan.Tracur.S) -> Value: gpeditwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cfgmgr32wow.exe (Trojan.Tracur.S) -> Value: cfgmgr32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cfgmgr32wow.exe (Trojan.Tracur.S) -> Value: cfgmgr32wow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\basesrvwow.exe (Trojan.Tracur.S) -> Value: basesrvwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\basesrvwow.exe (Trojan.Tracur.S) -> Value: basesrvwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EhStorShellwow.exe (Trojan.Tracur.S) -> Value: EhStorShellwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EhStorShellwow.exe (Trojan.Tracur.S) -> Value: EhStorShellwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softpubwow.exe (Trojan.Tracur.S) -> Value: softpubwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softpubwow.exe (Trojan.Tracur.S) -> Value: softpubwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvRCoCswow.exe (Trojan.Tracur.S) -> Value: NvRCoCswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvRCoCswow.exe (Trojan.Tracur.S) -> Value: NvRCoCswow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ntmartawow.exe (Trojan.Tracur.S) -> Value: ntmartawow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ntmartawow.exe (Trojan.Tracur.S) -> Value: ntmartawow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d3dx10_42wow.exe (Trojan.Tracur.S) -> Value: d3dx10_42wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\d3dx10_42wow.exe (Trojan.Tracur.S) -> Value: d3dx10_42wow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qeditwow.exe (Trojan.Tracur.S) -> Value: qeditwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qeditwow.exe (Trojan.Tracur.S) -> Value: qeditwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\credsspwow.exe (Trojan.Tracur.S) -> Value: credsspwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\credsspwow.exe (Trojan.Tracur.S) -> Value: credsspwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\licmgr10wow.exe (Trojan.Tracur.S) -> Value: licmgr10wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\licmgr10wow.exe (Trojan.Tracur.S) -> Value: licmgr10wow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\odbccp32wow.exe (Trojan.Tracur.S) -> Value: odbccp32wow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\odbccp32wow.exe (Trojan.Tracur.S) -> Value: odbccp32wow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvmccsswow.exe (Trojan.Tracur.S) -> Value: nvmccsswow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nvmccsswow.exe (Trojan.Tracur.S) -> Value: nvmccsswow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bidisplwow.exe (Trojan.Tracur.S) -> Value: bidisplwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bidisplwow.exe (Trojan.Tracur.S) -> Value: bidisplwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\deskmonwow.exe (Trojan.Tracur.S) -> Value: deskmonwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\deskmonwow.exe (Trojan.Tracur.S) -> Value: deskmonwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsmproxywow.exe (Trojan.Tracur.S) -> Value: lsmproxywow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsmproxywow.exe (Trojan.Tracur.S) -> Value: lsmproxywow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dskquouiwow.exe (Trojan.Tracur.S) -> Value: dskquouiwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dskquouiwow.exe (Trojan.Tracur.S) -> Value: dskquouiwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDBULGwow.exe (Trojan.Tracur.S) -> Value: KBDBULGwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDBULGwow.exe (Trojan.Tracur.S) -> Value: KBDBULGwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prflbmsgwow.exe (Trojan.Tracur.S) -> Value: prflbmsgwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prflbmsgwow.exe (Trojan.Tracur.S) -> Value: prflbmsgwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AltTabwow.exe (Trojan.Tracur.S) -> Value: AltTabwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AltTabwow.exe (Trojan.Tracur.S) -> Value: AltTabwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINDEVwow.exe (Trojan.Tracur.S) -> Value: KBDINDEVwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KBDINDEVwow.exe (Trojan.Tracur.S) -> Value: KBDINDEVwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\accessibilitycplwow.exe (Trojan.Tracur.S) -> Value: accessibilitycplwow.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\accessibilitycplwow.exe (Trojan.Tracur.S) -> Value: accessibilitycplwow.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio