NETWORK WORM virus
chtizef
Hello,
I have a virus that avast doesn't seem to detect... I keep getting a constant error message telling me that the virus is of type NETWORK WORM.
So I used HijackThis; if someone could help me that would be great, thanks in advance.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:12:58, on 26/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Applications\wcs.exe
C:\Program Files\Applications\iebtm.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Applications\wcm.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Applications\iebtmm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - C:\Program Files\Applications\iebt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Internet Service - {144A6B24-0EBC-4D89-BF09-A06A718E57B5} - C:\Program Files\Applications\iebr.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\MSX\MSx.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\MSX\MSx.exe
O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Program Files\Applications\wcs.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Applications\iebtm.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolthru.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolthru.com/redirect.php (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
12 replies
OK, thanks destrio...
The scan is running now... but during the scan I got a message that frankly scares me. Apparently someone has stolen data from my computer (I was given the IP address and told that they live in Amboise). I hope it's not too serious :s
Here is the report... (13 items were removed, I think)
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1210
Windows 5.1.2600 Service Pack 2
26/09/2008 18:58:27
mbam-log-2008-09-26 (18-58-16).txt
Type de recherche: Examen rapide
Eléments examinés: 69804
Temps écoulé: 22 minute(s), 36 second(s)
Processus mémoire infecté(s): 4
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> No action taken.
Module(s) mémoire infecté(s):
C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> No action taken.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cfee97a3-4911-444d-8be8-e243a23d3de2} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cfee97a3-4911-444d-8be8-e243a23d3de2} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MSx (Rogue.MSAntivirus) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.MSAntivirus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.MSAntivirus) -> No action taken.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Montorgueil (Dialer) -> No action taken.
C:\Program Files\Montorgueil\elodie_se_deshabille (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Fan2BritneyVideos (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanClaire (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanMarjolaine (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanPriscilla (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Films-Ultra-Hard (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Luna (Dialer) -> No action taken.
C:\Program Files\Montorgueil\NuePamelaVideo (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Videos-Ultrahard (Dialer) -> No action taken.
C:\Program Files\Montorgueil\videos_coloc_nues (Dialer) -> No action taken.
Fichier(s) infecté(s):
C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\Montorgueil\14.05048 (Dialer) -> No action taken.
C:\Program Files\Montorgueil\elodie_se_deshabille\elodie_se_deshabille.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Fan2BritneyVideos\Fan2BritneyVideos.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanClaire\FanClaire.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanMarjolaine\FanMarjolaine.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanPriscilla\FanPriscilla.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Films-Ultra-Hard\Films-Ultra-Hard.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Luna\Luna.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\NuePamelaVideo\NuePamelaVideo.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Videos-Ultrahard\Videos-Ultrahard.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\videos_coloc_nues\videos_coloc_nues.ico (Dialer) -> No action taken.
C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebtu.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebu.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\ot.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\ts.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcu.exe (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Chtizef\Local Settings\Temp\xrg2.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\MSX\MSx.exe (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSX\msx1.dat (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSX\MSX.cpl (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSX\msx.ooo (Rogue.MSAntivirus) -> No action taken.
C:\WINDOWS\system32\MSx.cpl (Rogue.MSAntivirus) -> No action taken.
C:\Documents and Settings\Chtizef\Bureau\MS Antivirus.lnk (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Antivirus Scan.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Bureau\Antivirus Scan.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Bureau\Online Spyware Test.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\Chtizef\Favoris\Antivirus Scan.url (Rogue.Link) -> No action taken.
C:\Program Files\Montorgueil\Luna (Dialer) -> No action taken.
C:\Program Files\Montorgueil\NuePamelaVideo (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Videos-Ultrahard (Dialer) -> No action taken.
C:\Program Files\Montorgueil\videos_coloc_nues (Dialer) -> No action taken.
Fichier(s) infecté(s):
C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> No action taken.
C:\Program Files\Montorgueil\14.05048 (Dialer) -> No action taken.
C:\Program Files\Montorgueil\elodie_se_deshabille\elodie_se_deshabille.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Fan2BritneyVideos\Fan2BritneyVideos.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanClaire\FanClaire.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanMarjolaine\FanMarjolaine.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\FanPriscilla\FanPriscilla.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Films-Ultra-Hard\Films-Ultra-Hard.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Luna\Luna.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\NuePamelaVideo\NuePamelaVideo.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\Videos-Ultrahard\Videos-Ultrahard.ico (Dialer) -> No action taken.
C:\Program Files\Montorgueil\videos_coloc_nues\videos_coloc_nues.ico (Dialer) -> No action taken.
C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebtu.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\iebu.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\ot.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\ts.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\Applications\wcu.exe (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Chtizef\Local Settings\Temp\xrg2.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\MSX\MSx.exe (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSX\msx1.dat (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSX\MSX.cpl (Rogue.MSAntivirus) -> No action taken.
C:\Program Files\MSX\msx.ooo (Rogue.MSAntivirus) -> No action taken.
C:\WINDOWS\system32\MSx.cpl (Rogue.MSAntivirus) -> No action taken.
C:\Documents and Settings\Chtizef\Bureau\MS Antivirus.lnk (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Antivirus Scan.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Bureau\Antivirus Scan.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users.WINDOWS\Bureau\Online Spyware Test.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\Chtizef\Favoris\Antivirus Scan.url (Rogue.Link) -> No action taken.
Ah no, just before, I think! Actually I saved it after the scan! So if I've understood my mistake, it's the report after removal that I have to paste? Should I run a whole new scan, then? (I no longer get the error messages... the virus no longer seems to be there)
Yes, exactly... I saved and deleted everything it had found! That's why I'm asking you whether I need to send you another report after removal (so whether I need to run another scan)
Right... here it is
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1210
Windows 5.1.2600 Service Pack 2
26/09/2008 18:58:45
mbam-log-2008-09-26 (18-58-45).txt
Type de recherche: Examen rapide
Eléments examinés: 69804
Temps écoulé: 22 minute(s), 36 second(s)
Processus mémoire infecté(s): 4
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> Unloaded process successfully.
C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> Unloaded process successfully.
C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> Unloaded process successfully.
C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> Delete on reboot.
C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cfee97a3-4911-444d-8be8-e243a23d3de2} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cfee97a3-4911-444d-8be8-e243a23d3de2} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MSx (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\elodie_se_deshabille (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Fan2BritneyVideos (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\FanClaire (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\FanMarjolaine (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\FanPriscilla (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Films-Ultra-Hard (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Luna (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\NuePamelaVideo (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Videos-Ultrahard (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\videos_coloc_nues (Dialer) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> Delete on reboot.
C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> Delete on reboot.
C:\Program Files\Montorgueil\14.05048 (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\elodie_se_deshabille\elodie_se_deshabille.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Fan2BritneyVideos\Fan2BritneyVideos.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\FanClaire\FanClaire.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\FanMarjolaine\FanMarjolaine.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\FanPriscilla\FanPriscilla.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Films-Ultra-Hard\Films-Ultra-Hard.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Luna\Luna.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\NuePamelaVideo\NuePamelaVideo.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\Videos-Ultrahard\Videos-Ultrahard.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\videos_coloc_nues\videos_coloc_nues.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\iebtu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\iebu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\wcu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Chtizef\Local Settings\Temp\xrg2.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\MSX\MSx.exe (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSX\msx1.dat (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSX\MSX.cpl (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MSX\msx.ooo (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MSx.cpl (Rogue.MSAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Chtizef\Bureau\MS Antivirus.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Antivirus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Online Spyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Bureau\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Bureau\Online Spyware Test.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Chtizef\Favoris\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.
There you go...
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1210
Windows 5.1.2600 Service Pack 2
26/09/2008 22:11:10
mbam-log-2008-09-26 (22-11-10).txt
Type de recherche: Examen rapide
Eléments examinés: 69653
Temps écoulé: 22 minute(s), 52 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Hi,
---> Run a quick scan with MBAM, delete everything it finds and post the report:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm