WMA/TrojanDownloader
Résolu
Disney
-
kduc Messages postés 1537 Statut Membre -
kduc Messages postés 1537 Statut Membre -
Bonjour,
je viens de récuperer un disque dur completement infecté , Nod 32 antivirus 4 detecte une quantité inombrable de virus du type :
E:\Documents and Settings\Administrateur\Searched\Blonde Light-skinned Ebony Babe gets a White Dick.avi WMA/TrojanDownloader.GetCodec.B cheval de troie
suivi de milier de noms dans le meme genre !
Pouvez vous m'aider , puis vous poster mon rapport HijackThis?
je viens de récuperer un disque dur completement infecté , Nod 32 antivirus 4 detecte une quantité inombrable de virus du type :
E:\Documents and Settings\Administrateur\Searched\Blonde Light-skinned Ebony Babe gets a White Dick.avi WMA/TrojanDownloader.GetCodec.B cheval de troie
suivi de milier de noms dans le meme genre !
Pouvez vous m'aider , puis vous poster mon rapport HijackThis?
A voir également:
- WMA/TrojanDownloader
- Free mp3 wma converter - Télécharger - Conversion & Extraction
- Jodix free wma to mp3 converter - Télécharger - Conversion & Extraction
- Autoradio pioneer mosfet 50wx4 wma/mp3 - Forum Autoradio
- Convertisseur youtube wma - Télécharger - Téléchargement & Transfert
- Convertir youtube en wma ✓ - Forum Audio
18 réponses
une fois le rapport qui s'affiche dans le note pad , dois je cliquer sur scan ou fix checked ??
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:23, on 14/09/2009
Platform: Windows XP SP3, v.5755 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20935)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Taskix\Taskix32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\WinRoll\winroll.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Garmin\gStart.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DeskSpace\deskspace.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [WinRoll] C:\Program Files\WinRoll\winroll.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [wASO] C:\Program Files\Windows Trust\wASO.exe /Q
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:23, on 14/09/2009
Platform: Windows XP SP3, v.5755 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20935)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Taskix\Taskix32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\WinRoll\winroll.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Garmin\gStart.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DeskSpace\deskspace.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Taskix] C:\Program Files\Taskix\Taskix32.exe start
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [WinRoll] C:\Program Files\WinRoll\winroll.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [wASO] C:\Program Files\Windows Trust\wASO.exe /Q
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DeskSpace] C:\Program Files\DeskSpace\deskspace.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
Salut à vous deux,
Disney,
Continue sur ce forum et laisse tomber 01.net.
D' avance, merci.
http://forum.telecharger.01net.com/forum/high-tech/SECURITE/Securite/wma-trojandownloader-sujet_53845_1.htm
Disney,
Continue sur ce forum et laisse tomber 01.net.
D' avance, merci.
http://forum.telecharger.01net.com/forum/high-tech/SECURITE/Securite/wma-trojandownloader-sujet_53845_1.htm
Ca marche v attendre une reponse sur votre forum ,
entre temps g tester malwarebytes anti malware , et tout comme Nod il galere sur des trucs du genre :
Blonde Light-skinned Ebony Babe gets a White Dick.avi , il e detecte des milliers comme ca !
C'est virtumonde?
entre temps g tester malwarebytes anti malware , et tout comme Nod il galere sur des trucs du genre :
Blonde Light-skinned Ebony Babe gets a White Dick.avi , il e detecte des milliers comme ca !
C'est virtumonde?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
...
Merci de ta compréhension.
---
Non, ce n' est pas Virtumonde !
---
En attendant le retour de ton sauveur, relance Malwarebytes pour un scan.
Poste le rapport.
PS : si MalwareByte's a détecté des infections, clique sur Afficher les résultats,
puis sur Supprimer la sélection.
Merci de ta compréhension.
---
Non, ce n' est pas Virtumonde !
---
En attendant le retour de ton sauveur, relance Malwarebytes pour un scan.
Poste le rapport.
PS : si MalwareByte's a détecté des infections, clique sur Afficher les résultats,
puis sur Supprimer la sélection.
J'ai un petit souci , le scan ne se termine jamais , il detecte des milliers de .avi genre noms de films de X , ces films n'existe meme pas sur le disque dur , des trojans dans tous les sens ... que faire ?? Nod32 et Dr Web font de meme ...
Merci
Merci
Salut à vous deux,
Modifié, je pense aussi ...
"O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') "
Modifié, je pense aussi ...
"O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') "
Voici la liste des menaces detectées :
E:\WINDOWS\Temp\tqrD.tmp Win32/TrojanDownloader.FakeAlert.ZC cheval de troie
E:\WINDOWS\Temp\46.tmp Win32/Spy.Zbot.JF cheval de troie
E:\WINDOWS\Temp\438952640exe. 1104 Win32/Agent.PTL cheval de troie
E:\WINDOWS\Temp\1145518032.exe une variante probable de Win32/Agent cheval de troie
E:\WINDOWS\system32\drivers\ati4bexx.sys Win32/Wigon.IX cheval de troie
E:\WINDOWS\system32\drivers\ad028471.sys Win32/Rustock.NGJ cheval de troie
E:\WINDOWS\system32\drivers\ids9158.sys Win32/Rootkit.Agent.ITJ cheval de troie
E:\WINDOWS\system32\drivers\ovfsthowmbardnkjahlybiqppyumltiqxhxvro.sys Win32/Agent.PHE cheval de troie
E:\WINDOWS\system32\meiuxlgx.dll Win32/Adware.Virtumonde application
E:\WINDOWS\system32\yuoknxah.ini Win32/Adware.Virtumonde.NEO application
E:\WINDOWS\system32\ykepqb.dll Win32/Adware.SuperJuan application
E:\WINDOWS\system32\ftp_non_crp.exe Win32/PSW.Delf.NOV cheval de troie
E:\WINDOWS\system32\umjpuvdi1.tmp Win32/AutoRun.Agent.LT ver
E:\WINDOWS\system32\ovfsthpexmlxlyxjoglrqlrcdeywvfhdiypfrt.dll Win32/Olmarik.IX cheval de troie
E:\uckwvbf.exe Win32/Kryptik.DS.Gen cheval de troie
E:\oruocu.exe Win32/Small.NEK cheval de troie
Si ca peut aider .. Merci
E:\WINDOWS\Temp\tqrD.tmp Win32/TrojanDownloader.FakeAlert.ZC cheval de troie
E:\WINDOWS\Temp\46.tmp Win32/Spy.Zbot.JF cheval de troie
E:\WINDOWS\Temp\438952640exe. 1104 Win32/Agent.PTL cheval de troie
E:\WINDOWS\Temp\1145518032.exe une variante probable de Win32/Agent cheval de troie
E:\WINDOWS\system32\drivers\ati4bexx.sys Win32/Wigon.IX cheval de troie
E:\WINDOWS\system32\drivers\ad028471.sys Win32/Rustock.NGJ cheval de troie
E:\WINDOWS\system32\drivers\ids9158.sys Win32/Rootkit.Agent.ITJ cheval de troie
E:\WINDOWS\system32\drivers\ovfsthowmbardnkjahlybiqppyumltiqxhxvro.sys Win32/Agent.PHE cheval de troie
E:\WINDOWS\system32\meiuxlgx.dll Win32/Adware.Virtumonde application
E:\WINDOWS\system32\yuoknxah.ini Win32/Adware.Virtumonde.NEO application
E:\WINDOWS\system32\ykepqb.dll Win32/Adware.SuperJuan application
E:\WINDOWS\system32\ftp_non_crp.exe Win32/PSW.Delf.NOV cheval de troie
E:\WINDOWS\system32\umjpuvdi1.tmp Win32/AutoRun.Agent.LT ver
E:\WINDOWS\system32\ovfsthpexmlxlyxjoglrqlrcdeywvfhdiypfrt.dll Win32/Olmarik.IX cheval de troie
E:\uckwvbf.exe Win32/Kryptik.DS.Gen cheval de troie
E:\oruocu.exe Win32/Small.NEK cheval de troie
Si ca peut aider .. Merci
Voici mon rapport Mbam :
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2797
Windows 5.1.2600 Service Pack 3, v.5755 (Safe Mode)
15/09/2009 21:30:21
mbam-log-2009-09-15 (21-30-21).txt
Type de recherche: Examen complet (E:\|)
Eléments examinés: 190174
Temps écoulé: 54 minute(s), 26 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 136
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
E:\Documents and Settings\Sydney\lsass.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\tmp12.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\4JA76PAN\CAP4QHLZ (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\JFPBVL0W\CA0T65JC (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\W56N41AB\CA3U0FBL (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\W56N41AB\CA557FU8 (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\W56N41AB\CATOOB1H (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\WLYV8P2J\CAIRERIH (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\YZI78FMH\CAE3Y7UD (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Program Files\Microsoft Common\svchost.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP45\A0055807.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP45\A0055824.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP45\A0055840.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP48\A0056900.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP48\A0056914.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP48\A0056923.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0056932.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0056940.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0056947.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057948.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057955.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057968.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057975.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0058968.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0058976.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0058995.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0059018.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0059026.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP51\A0059170.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060171.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060176.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060179.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060193.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0061202.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP53\A0061245.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP53\A0061250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP53\A0062239.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP54\A0062284.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP54\A0062303.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP56\A0062345.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP56\A0062356.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP58\A0063394.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP58\A0063413.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP59\A0063434.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP59\A0063447.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP59\A0063465.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP63\A0071507.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP63\A0071508.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP63\A0071509.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP64\A0071522.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP64\A0071529.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP64\A0071534.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\dst2rv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\aplbgxaj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ccykegrg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\coqovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\dacwwuhx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\dhfweoeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ezwwba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\fpkgpqbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\fuahjkot.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\gcwzyd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\gerboa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\gqnsmg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ivjaqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\jfdwqg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\jtntow.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\kislwahv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\kisrhd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\kpshte.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\lihqwofh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\MSINET.oca (Malware.Trace) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\nencecbp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ngygkc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\notbaduh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\nqwhlr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\paekhc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\prpjdhix.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\psyaos.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\rghvbbvc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\rksivv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\rqlkblnj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ryqemxso.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\sqybhyai.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\tilmmt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\tyspmqpq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\utldev.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\whgaaoof.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\xcphtk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\xgjhlesm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ycwctptt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\zoqsjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\aNI02\aNI022328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\aNI15\aNI151080.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\1B1.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\38.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\3C.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\44.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\45.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\49.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN11.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN13.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN18.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN1A.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN1C.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN1E.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN20.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN2D.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN2F.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN3.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN31.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN33.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN35.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN37.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN41.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN44.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN47.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN5.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN7.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN9.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BNA.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BND.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BNF.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\dhb15.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\eziD.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\gsk23.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\nqw18.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\phs1E.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\raj9.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\ryu43.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\TMP4B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\toq2A.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\vjl3C.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\wlx49.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\xxi1C.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\zscF.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2797
Windows 5.1.2600 Service Pack 3, v.5755 (Safe Mode)
15/09/2009 21:30:21
mbam-log-2009-09-15 (21-30-21).txt
Type de recherche: Examen complet (E:\|)
Eléments examinés: 190174
Temps écoulé: 54 minute(s), 26 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 136
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
E:\Documents and Settings\Sydney\lsass.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\tmp12.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\4JA76PAN\CAP4QHLZ (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\JFPBVL0W\CA0T65JC (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\W56N41AB\CA3U0FBL (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\W56N41AB\CA557FU8 (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\W56N41AB\CATOOB1H (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\WLYV8P2J\CAIRERIH (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Documents and Settings\Sydney\Local Settings\Temp\Temporary Internet Files\Content.IE5\YZI78FMH\CAE3Y7UD (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\Program Files\Microsoft Common\svchost.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP45\A0055807.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP45\A0055824.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP45\A0055840.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP48\A0056900.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP48\A0056914.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP48\A0056923.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0056932.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0056940.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0056947.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057948.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057955.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057968.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0057975.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP49\A0058968.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0058976.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0058995.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0059018.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP50\A0059026.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP51\A0059170.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060171.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060176.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060179.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0060193.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP52\A0061202.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP53\A0061245.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP53\A0061250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP53\A0062239.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP54\A0062284.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP54\A0062303.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP56\A0062345.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP56\A0062356.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP58\A0063394.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP58\A0063413.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP59\A0063434.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP59\A0063447.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP59\A0063465.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP63\A0071507.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP63\A0071508.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP63\A0071509.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP64\A0071522.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP64\A0071529.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{6DF5A597-E527-4F35-AFE4-EA83D5025E21}\RP64\A0071534.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\dst2rv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\aplbgxaj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ccykegrg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\coqovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\dacwwuhx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\dhfweoeg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ezwwba.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\fpkgpqbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\fuahjkot.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\gcwzyd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\gerboa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\gqnsmg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ivjaqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\jfdwqg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\jtntow.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\kislwahv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\kisrhd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\kpshte.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\lihqwofh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\MSINET.oca (Malware.Trace) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\nencecbp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ngygkc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\notbaduh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\nqwhlr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\paekhc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\prpjdhix.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\psyaos.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\rghvbbvc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\rksivv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\rqlkblnj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ryqemxso.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\sqybhyai.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\tilmmt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\tyspmqpq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\utldev.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\whgaaoof.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\xcphtk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\xgjhlesm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\ycwctptt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\zoqsjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\aNI02\aNI022328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\system32\aNI15\aNI151080.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\1B1.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\38.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\3C.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\44.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\45.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\49.tmp (Trojan.Zbot) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN11.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN13.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN18.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN1A.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN1C.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN1E.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN20.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN2D.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN2F.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN3.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN31.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN33.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN35.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN37.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN41.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN44.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN47.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN5.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN7.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BN9.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BNA.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BND.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\BNF.tmp (Worm.AutoRun) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\dhb15.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\eziD.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\gsk23.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\nqw18.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\phs1E.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\raj9.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\ryu43.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\TMP4B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\toq2A.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\vjl3C.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\wlx49.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\xxi1C.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
E:\WINDOWS\Temp\zscF.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
Salut,
Relance un scan Malwarebytes (ne poste pas le rapport).
Relance un scan Nod32 et poste le rapport.
Relance un scan Malwarebytes (ne poste pas le rapport).
Relance un scan Nod32 et poste le rapport.
Bon les gars merci pour tout , j'ai résolu le probleme en lançant Malwarebytes suivi de Dr Web le tout en mode sans echec et enfin un petit coup d'Eset apres redemarrage , finition avec spybot et ad aware , puis re un coup d'Eset pour verifier une derniere fois .
I l n'y a plus aucune trace de quoique ce soit de louche sur ce disque dur .. ;)
I l n'y a plus aucune trace de quoique ce soit de louche sur ce disque dur .. ;)
