Evaluation of MBAM - ZHP Diag - Kaspersky reports

Closed
TKD82 - Edited by TKD82 on 13/04/2010 at 22:47
Hello,
I think my computer is seriously infected. For some time now it has been running slowly and it's a sieve for ads. Attached are the 3 requested reports. Thank you for your help.


http://www.cijoint.fr/cjlink.php?file=cj201004/cijqh925hO.txt


Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Version de la base de données: 3982

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

12/04/2010 21:21:54
mbam-log-2010-04-12 (21-21-54).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 196642
Temps écoulé: 10 minute(s), 57 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 33

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6f282b65-56bf-4bd1-a8b2-a4449a05863d} (Adware.Gamesbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46a4e9d9-b30e-452a-8157-dbbec8573b03} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{74dd705d-6834-439c-a735-a6dbe2677452} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7da39570-5fd2-4f18-94b4-20730cb3f727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qsuxak (Trojan.Agent.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
D:\Documents and Settings\FABRICE\Application Data\searchtoolbarcorp (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\FABRICE\Application Data\searchtoolbarcorp\Toolbar Vision (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\WINDOWS\system32\qsuxak.exe (Trojan.Agent.H) -> Delete on reboot.
D:\Documents and Settings\FABRICE\Application Data\searchtoolbarcorp\Toolbar Vision\PageHistory.txt (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\FABRICE\Application Data\searchtoolbarcorp\Toolbar Vision\WebHistory.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\alchemyext.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\apiloader.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\auth.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\base.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\basicingest.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\collada.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\common.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\componentframework.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\earthps.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\evll.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\fusioncommon.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\geobase.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\googlesearch.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\gps.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\input_plugin.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\layer.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\libexpatw.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\math.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\measure.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\moduleframework.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\navigate.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\net.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\pthreadVC.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\render.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\sockets.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\webbrowser.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\wmsbase.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qsuxak_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qsuxak_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.


KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, April 13, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, April 13, 2010 08:08:41
Records in database: 3938991


Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes

Scan area My Computer
C:\
D:\
E:\

Scan statistics
Objects scanned 154530
Threats found 2
Infected objects found 2
Suspicious objects found 0
Scan duration 03:19:13

File name Threat Threats count
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP951\A0105449.exe Infected: Trojan.Win32.Hrup.aah 1

D:\Documents and Settings\FABRICE\Bureau\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1

Selected area has been scanned.

