Sujet Précédent Sujet Suivant

Rapport

Fermé
disquette - 2 avril 2009 à 21:08
sof26110 Messages postés 1032 Date d'inscription samedi 31 janvier 2009 Statut Membre Dernière intervention 11 octobre 2010 - 2 avril 2009 à 21:10
Bonjour,
voici le rapport pour destrio5
que faire maintenant ?

Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1904
Windows 5.0.2195 Service Pack 4

12/02/2009 19:57:10
mbam-log-2009-02-12 (19-57-09).txt

Type de recherche: Examen rapide
Eléments examinés: 74643
Temps écoulé: 16 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 54
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 15
Fichier(s) infecté(s): 59

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\security\logs\smerg.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\gebcbbx.dll (Trojan.Vundo.H) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58644021-4212-48dc-b9d4-ac524958b2ea} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{58644021-4212-48dc-b9d4-ac524958b2ea} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e44527f6-1296-4a84-b67d-a6cea6ed4b69} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebcbbx (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{e44527f6-1296-4a84-b67d-a6cea6ed4b69} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\smerg (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\vccpgdataaccess.pgdataaccessctrl.1 (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2bb15d36-43be-4743-a3a0-3308f4b1a610} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{41700749-a109-4254-af13-be54011e8783} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{991ef04c-93cf-469b-a2be-cc1b3347566f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cf46bfb3-2acc-441b-b82b-36b9562c7ff1} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d38439ec-4a7f-42b4-90c2-d810d7778fdd} (Trojan.ConHook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d651aff4-9590-424d-bd1e-8e33e090dfb3} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd3447d4-ca39-4377-8084-30e86331d74c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1557b435-8242-4686-9aa3-9265bf7525a4} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3fd6b99c-a275-46ea-8fd1-3d63986e51e4} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{57e218e6-5a80-4f0c-ab25-83598f25d7e9} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{67c55a8d-e808-4caa-9ea7-f77102de0bb6} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{68d5cf1d-ec5c-4bdd-a9ef-f0e517565d50} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7da39570-5fd2-4f18-94b4-20730cb3f727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e03c740e-bb24-4d3c-b92a-6f84de1dd99c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5adf3862-9e2e-4ad3-86f7-4510e6550cd0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e12bff69-38a7-406e-a8ef-2738107a7831} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a8bd9566-9895-4fa3-918d-a51d4cd15865} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d0070620-1e72-42e7-a14c-3a255ad31839} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2a7db8d1-43be-4ad3-a81e-9bb8c9d00073} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{991ef04c-93cf-469b-a2be-cc1b3347566f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\B-H-O (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UERS_is1 (Rogue.Errorsafe) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RX ToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fopn (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\p2ecom.egp2ecom (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\p2ecom.egp2ecom.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MessengerSkinner.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\magiccontrol.magiccomponent (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\magiccontrol.magiccomponent.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mslagent.3 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mslagent.3.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\navihelper.navihelperobject (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\navihelper.navihelperobject.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\navipromo.egnaviscoring (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\navipromo.egnaviscoring.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MessengerSkinner (Rogue.MessengerSkinner) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e44527f6-1296-4a84-b67d-a6cea6ed4b69} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemoptimizer (Rogue.SystemOptimizer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\{25101907-027a-1036-1017-000225200021} (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\All Users\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\searchtoolbarcorp (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\searchtoolbarcorp\Toolbar Vision (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\Media Access (Adware.MediaAccess) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\security\logs\smerg.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\security\logs\grems.bak2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\security\logs\grems.bak1 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\security\logs\grems.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\security\logs\grems.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\gebcbbx.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Program Files\WinAntiVirus Pro 2006\msvcp71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiVirus Pro 2006\msvcr71.dll (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\err.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\WinAntiVirus Pro 2006\Logs\winav.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\CompManagerPersist.mc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\acknowledged.mc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\NaviPersist.mc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\TimePersist (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\OrderPersist.mc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\NaviPromo.mc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\searchtoolbarcorp\Toolbar Vision\WebHistory.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\CORINE\Application Data\searchtoolbarcorp\Toolbar Vision\PageHistory.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYWAYPLUGINPROXY.CLASS (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER.BMP (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER2.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER3.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER4.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER5.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER6.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\UNINSTALL.INF (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\files.ini (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00708C06 (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00709D6D (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00709FA1.bmp (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\0070AE55.bmp (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\0070B092.bmp (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\0051ED5D.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\0051F955.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History\search (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\settings.dat (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\settings.htm (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\settings.dat.bak (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\settings.htm.bak (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\Media Access\MediaAccC.dll (Adware.MediaAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\dtc32.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\nethv32.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\mcgkc_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ldtoybcxqg_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\gyqeo_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\njbeht_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\pfxugddgx_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\gyqeo_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\mcgkc_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ldtoybcxqg_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\njbeht_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\pfxugddgx_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

1 réponse

Réponse 1 / 1
sof26110 Messages postés 1032 Date d'inscription samedi 31 janvier 2009 Statut Membre Dernière intervention 11 octobre 2010 115
2 avril 2009 à 21:10
Redémarre ton PC et refait un scan
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Tableau croisé dynamique
Joh67 -
Joh67 -

2 réponses
Accés au cloud
Dadou1968 -
loisou17 -

3 réponses