Reply to: Windows 8 Explorer keeps refreshing… (trojan) 2016-09-08T13:49:29+00:00
nscott32
Participant
Number of posts: 8

I don't have an F-Secure log, but I'm sending you the Malwarebytes scan again anyway:
[spoiler:10m6bft2]Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 02/07/2014
Scan Time: 20:56:34
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.02.06
Rootkit Database: v2014.07.01.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Admin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 317456
Time Elapsed: 4 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.MySearchDial.A, HKUS-1-5-21-771577893-916430460-982458633-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERSEARCHSCOPES{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [645a4a5080fbde58e3a9fd4dc83a966a],
PUP.Optional.MySearchDial.A, HKLMSOFTWAREMICROSOFTINTERNET EXPLORERSEARCHSCOPES{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [645a4a5080fbde58e3a9fd4dc83a966a],
PUP.Optional.InstallCore.A, HKUS-1-5-21-771577893-916430460-982458633-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREINSTALLCORE1I1T1Q1S, Quarantined, [9d219703097269cd22925d7817eb3ac6],
PUP.Optional.InstallCore.A, HKUS-1-5-21-771577893-916430460-982458633-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREINSTALLCORE, Quarantined, [b40a6c2e0a71fc3a6562d71417eccc34],

Registry Values: 1
PUP.Optional.InstallCore.A, HKUS-1-5-21-771577893-916430460-982458633-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREINSTALLCORE|tb, 0S0TzrtN0V1M1O1H, Quarantined, [b40a6c2e0a71fc3a6562d71417eccc34]

Registry Data: 1
PUP.Optional.RocketFind.A, HKUS-1-5-21-771577893-916430460-982458633-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTINTERNET EXPLORERMAIN|Start Page, http://rocket-find.com/?f=1&a=rckt_tele_14_27_ch&cd=2XzuyEtN2Y1L1QzutA0C0Azy0FyEtDtD0ByC0ByDyByB0F0BtN0D0Tzu0SzytCyEtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBtBtD0EtAtB0EyDtGyB0FyCtBtGyCtA0C0CtG0E0C0EzztGtC0D0DzzyCyCzy0ByByD0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FzzzztCtAtAtCtG0A0AyEyEtGyEtDyByEtGtCtAzztBtGtByE0FtDzytBzyzztA0AtC0A2Q&cr=72573878&ir=, Good: (www.google.com), Bad: (http://rocket-find.com/?f=1&a=rckt_tele_14_27_ch&cd=2XzuyEtN2Y1L1QzutA0C0Azy0FyEtDtD0ByC0ByDyByB0F0BtN0D0Tzu0SzytCyEtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBtBtD0EtAtB0EyDtGyB0FyCtBtGyCtA0C0CtG0E0C0EzztGtC0D0DzzyCyCzy0ByByD0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FzzzztCtAtAtCtG0A0AyEyEtGyEtDyByEtGtCtAzztBtGtByE0FtDzytBzyzztA0AtC0A2Q&cr=72573878&ir=),Replaced,[56683b5f7803cf674db77a0c4aba7e82]

Folders: 1
PUP.Optional.RocketFind.A, C:UsersAdminAppDataRoamingRocketUpdaterUpdateProc, Quarantined, [e9d5cfcb205b6ec86ee3991599694cb4],

Files: 6
PUP.Optional.InstallCore.A, C:UsersAdminAppDataLocalTempICReinstall_ccsetup415.exe, Quarantined, [05b9fb9f9fdc1a1c17f8086fa85cfc04],
PUP.Optional.InstallCore.A, C:UsersAdminDownloadsccsetup415.exe, Quarantined, [2a94a5f5700b83b3af60babdb153bc44],
PUP.Optional.RocketFind.A, C:UsersAdminAppDataRoamingRocketUpdaterUpdateProcconfig.dat, Quarantined, [e9d5cfcb205b6ec86ee3991599694cb4],
PUP.Optional.RocketFind.A, C:UsersAdminAppDataRoamingRocketUpdaterUpdateProcinfo.dat, Quarantined, [e9d5cfcb205b6ec86ee3991599694cb4],
PUP.Optional.RocketFind.A, C:UsersAdminAppDataRoamingRocketUpdaterUpdateProcUpdateTask.exe, Quarantined, [e9d5cfcb205b6ec86ee3991599694cb4],
PUP.Optional.RocketFind.A, C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultPreferences, Good: (), Bad: ( “startup_urls”: [ “http://rocket-find.com/?f=7&a=rckt_tele_14_27_ch&cd=2XzuyEtN2Y1L1QzutA0C0Azy0FyEtDtD0ByC0ByDyByB0F0BtN0D0Tzu0SzytCyEtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StBtBtD0EtAtB0EyDtGyB0FyCtBtGyCtA0C0CtG0E0C0EzztGtC0D0DzzyCyCzy0ByByD0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FzzzztCtAtAtCtG0A0AyEyEtGyEtDyByEtGtCtAzztBtGtByE0FtDzytBzyzztA0AtC0A2Q&cr=72573878&ir=” ],), Replaced,[407ee3b7e794da5c138e803e83818977]

Physical Sectors: 0
(No malicious items detected)

(end)[/spoiler:10m6bft2]
I don't understand why I can't boot from the Dr.Web LiveUSB; loading gets stuck on a file right at the start.

In any case, thank you for not forgetting me.