Il y a actuellement 228 visiteurs
Samedi 23 Novembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

probleme avec Abetear A et pc tres lent

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel
Répondre

probleme avec Abetear A et pc tres lent

Message le 25 Jan 2009 10:37

bonjour :) ,
depuis deja un bonmomment j'ai un souci avec Abetear A.,en effet ca apparait dans la protection spyware que j'ai sur mon pc et j'ai beau essayé je n'arrive pas a m'en debarrasser :cry:
de puls,mon pc est de plus en plus lent et "se bloque" regulierement donc je presume que j'ai attrappé un infection mais quoi?
je viens de faire un scan avec hijack et le voici donc:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:15:02, on 25/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1FICHIE~1AOLACSAOLacsd.exe
C:Program FilesFichiers communsAppleMobile Device SupportinAppleMobileDeviceService.exe
C:WINDOWSehomeehtray.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32cisvc.exe
C:Program FilesJavajre6injusched.exe
C:Program FilesSonicDigitalMedia LE v7MyDVD LEDetectorApp.exe
C:WINDOWSeHomeehRecvr.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesPicasa2PicasaMediaDetector.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSeHomeehSched.exe
C:Program FilesFichiers communsAOL1181119491eeAOLSoftware.exe
C:Program FilesJavajre6injqs.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopIndex.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32
vsvc32.exe
C:Program FilesFichiers communsLogiShrdLComMgrCommunications_Helper.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesFichiers communsUlead SystemsDVDULCDRSvr.exe
C:Program FilesSonicDigitalMedia LE v7MyDVD LEUSBDeviceService.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:PROGRA~1COMMON~1X10Commonx10nets.exe
C:Program FilesDAEMON Toolsdaemon.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Documents and SettingsconfoLocal SettingsApplication DataVotre OpinionPanelAppPanelApp.exe
C:Program FilesDNAtdna.exe
C:Program FilesAOL 9.0 VRwaol.exe
C:PROGRA~1MICROS~2 apimgr.exe
C:Program FilesHPDigital Imaginginhpqtra08.exe
C:Program FilesHPDigital Imaginginhpqimzone.exe
C:Program FilesFichiers communsLogiShrdLComMgrLVComSX.exe
C:Program FilesiPodiniPodService.exe
C:WINDOWSsystem32dllhost.exe
C:Program FilesHPDigital ImaginginhpqSTE08.exe
C:WINDOWSeHomeehmsas.exe
c:program filesfichiers communsaol1181119491eeservicesantiSpywareAppver2_0_28_1AOLSP Scheduler.exe
c:program filesfichiers communsaol1181119491eeaolsoftware.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesFichiers communsTeleca SharedGeneric.exe
C:Program FilesAOL 9.0 VRshellmon.exe
C:WINDOWSsystem32cidaemon.exe
C:Program FilesFichiers communsAOLTopspeed3.0aoltpsd3.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesDC++DownloadsHiJackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Packard Bell
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 4.0aoltb.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6inssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 4.0aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier3.1.807.1746swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:APPSBAEBAE.dll
O2 - BHO: (no name) - {CB8BE49E-EA2F-45D5-9604-2DCFE5BFFD01} - C:WINDOWSsystem32vtsqo.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 4.0aoltb.dll
O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 - HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKLM..Run: [DetectorApp] C:Program FilesSonicDigitalMedia LE v7MyDVD LEDetectorApp.exe
O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1FICHIE~1INSTAL~1UPDATE~1ISUSPM.exe -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesFichiers communsInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe
O4 - HKLM..Run: [IMJPMIG8.1] "C:WINDOWSIMEimjp8_1IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [EULA] C:APPSPB_TBEULALauncher.exe
O4 - HKLM..Run: [AOLDialer] C:Program FilesFichiers communsAOLACSAOLDial.exe
O4 - HKLM..Run: [HostManager] C:Program FilesFichiers communsAOL1181119491eeAOLSoftware.exe
O4 - HKLM..Run: [Sony Ericsson PC Suite] "C:Program FilesSony EricssonMobile2Application LauncherApplication Launcher.exe" /startoptions
O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesFichiers communsAppleMobile Device SupportinAppleSyncNotifier.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [I downloaded pirated Software from P2P ] C:WINDOWSsystem32Sims 2 Pets.exe
O4 - HKLM..Run: [LogitechCommunicationsManager] "C:Program FilesFichiers communsLogiShrdLComMgrCommunications_Helper.exe"
O4 - HKLM..Run: [LogitechQuickCamRibbon] "C:Program FilesLabtecWebCam10WebCam10.exe" /hide
O4 - HKLM..Run: [cmmyi] "c:windowssystem32cmmyi.exe" cmmyi
O4 - HKCU..Run: [SmpcSys] C:APPSSMPSmpSys.exe
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [PanelApp] C:Documents and SettingsconfoLocal SettingsApplication DataVotre OpinionPanelAppPanelApp.exe
O4 - HKCU..Run: [BitTorrent DNA] "C:Program FilesDNAtdna.exe"
O4 - HKCU..Run: [MsgCenterExe] "C:Program FilesFichiers communsRealUpdate_OBRealOneMessageCenter.exe" -osboot
O4 - HKCU..Run: [Skype] "C:APPSskypephoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [AOL Fast Start] "C:Program FilesAOL 9.0 VRAOL.EXE" -b
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:Program FilesHPDigital Imaginginhpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imaginginhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader eader_sl.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:program filesaolaol toolbar 4.0 esourcesfr-FRlocalsearch.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MICROS~2INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MICROS~2INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MICROS~2INetRepl.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 4.0aoltb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=8&key=IESTART
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egacce ... _em_XP.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fdata.over-blog.com/99/00/00/01/ ... oader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fich ... _0_3_1.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egacce ... _em_XP.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/ac ... inder2.CAB
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O20 - Winlogon Notify: yayxwvv - yayxwvv.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:PROGRA~1FICHIE~1AOLACSAOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesFichiers communsAppleMobile Device SupportinAppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6injqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:Program FilesFichiers communsLogiShrdSrvLnchSrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
O23 - Service: PanelSvc - Unknown owner - C:Program FilesVotre OpinionPanelAppPanelSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:Program FilesFichiers communsUlead SystemsDVDULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:Program FilesSonicDigitalMedia LE v7MyDVD LEUSBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:PROGRA~1COMMON~1X10Commonx10nets.exe

--
End of file - 15050 bytes


merci a l'avance pour votre aide[/img]
dellact
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 21 Fév 2008 08:08
 
Haut

Message le 25 Jan 2009 11:55

Bonjour.


_ Via HiJackThis, tu supprimes les lignes:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {CB8BE49E-EA2F-45D5-9604-2DCFE5BFFD01} - C:WINDOWSsystem32vtsqo.dll (file missing)
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [I downloaded pirated Software from P2P ] C:WINDOWSsystem32Sims 2 Pets.exe
O4 - HKLM..Run: [cmmyi] "c:windowssystem32cmmyi.exe" cmmyi
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [BitTorrent DNA] "C:Program FilesDNAtdna.exe"
O4 - HKCU..Run: [MsgCenterExe] "C:Program FilesFichiers communsRealUpdate_OBRealOneMessageCenter.exe" -osboot
O4 - HKCU..Run: [Skype] "C:APPSskypephoneSkype.exe" /nosplash /minimized
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader eader_sl.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {201B9B37-848F-40BD-90EA-7B8F0AA89D6A} - http://scripts.dlv4.com/binaries/egacce ... _em_XP.cab
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://scripts.dlv4.com/binaries/egacce ... _em_XP.cab
O20 - Winlogon Notify: yayxwvv - yayxwvv.dll (file missing)


_ Tu vas sur http://www.virustotal.com/fr/ puis tu cliques sur Parcourir.
Tu sélectionnes le fichier c:windowssystem32cmmyi.exe et tu cliques sur Ouvrir.

Tu cliques ensuite sur Envoyer le fichier.

A la fin de l'analyse, tu cliques sur Formaté en haut à gauche puis, dans la nouvelle fenêtre, tu cliques sur le bouton Image pour faire apparaître le rapport dans la fenêtre en question.

Tu sélectionnes ce rapport puis fais un copier-coller et tu le colles dans ton prochain message.


_ Tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.

Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.

Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.

_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.

_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.

Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 25 Jan 2009 13:52

voila donc le rapport que j'ai eu:

Fichier cmmyi.exe reçu le 2009.01.25 12:18:42 (CET)Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.25 -
AhnLab-V3 5.0.0.2 2009.01.24 -
AntiVir 7.9.0.60 2009.01.24 -
Authentium 5.1.0.4 2009.01.24 -
Avast 4.8.1281.0 2009.01.24 -
AVG 8.0.0.229 2009.01.24 -
BitDefender 7.2 2009.01.25 -
CAT-QuickHeal 10.00 2009.01.24 -
ClamAV 0.94.1 2009.01.25 -
Comodo 944 2009.01.24 -
DrWeb 4.44.0.09170 2009.01.25 -
eSafe 7.0.17.0 2009.01.25 -
eTrust-Vet 31.6.6325 2009.01.24 -
F-Prot 4.4.4.56 2009.01.24 -
F-Secure 8.0.14470.0 2009.01.25 -
Fortinet 3.117.0.0 2009.01.25 -
GData 19 2009.01.25 -
Ikarus T3.1.1.45.0 2009.01.25 -
K7AntiVirus 7.10.604 2009.01.24 -
Kaspersky 7.0.0.125 2009.01.25 -
McAfee 5505 2009.01.24 -
McAfee+Artemis 5505 2009.01.24 -
Microsoft 1.4205 2009.01.25 -
NOD32 3798 2009.01.25 -
Norman 5.93.01 2009.01.23 -
nProtect 2009.1.8.0 2009.01.23 -
Panda 9.5.1.2 2009.01.25 -
PCTools 4.4.2.0 2009.01.24 -
Prevx1 V2 2009.01.25 Fraudulent Security Program
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.25 -
Sophos 4.37.0 2009.01.25 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.25 -
TheHacker 6.3.1.5.229 2009.01.25 -
TrendMicro 8.700.0.1004 2009.01.24 -
VBA32 3.12.8.11 2009.01.24 -
ViRobot 2009.1.23.1576 2009.01.23 -
VirusBuster 4.5.11.0 2009.01.24 -

Information additionnelle
File size: 276992 bytes
MD5...: a718aa811f6a4467eb1f3e9411141a9e
SHA1..: 2c3613df3b91e7919b011a4dc3f8eac69a8fd21e
SHA256: ab7a790fd206cf9f159cdc466621a8e1101dcfa9dc1ad12b65644f90ea4bf3d6
SHA512: 3be624549c6b2267d29212547869ffc3f9ecd15d5c7275df6e82dc3d09ae926d<BR>a8e9fb21c62cb79539df052ad344e9b355b5c9398f259af46ed5c4a4134ed013<BR>
ssdeep: 3072:aCjcX1+5elB4i+4bn3+0dZsFhKG7AL9aUPZJT7q0jB8yKMcR5VXRckxv13N<BR>bpW6/:aCQPrRc4LMMZJT7iRfvFT5<BR>
PEiD..: Armadillo v1.71
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x4342ee<BR>timedatestamp.....: 0x440bcabb (Mon Mar 06 05:38:03 2006)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x3347c 0x33600 7.43 14b997748caa949876d116a58e9bbb64<BR>.rdata 0x35000 0x205c 0x2200 5.34 8b6db212fe0307b7ba6609238dd16ccb<BR>.data 0x38000 0xdc5c 0xde00 5.60 6ce3ffb4d493b1967093a25ff2ca386e<BR><BR>( 10 imports ) <BR>&gt; OLEAUT32.dll: -, -, -, -, -, -, -, -, -<BR>&gt; WS2_32.dll: -, WSAGetServiceClassNameByClassIdW, WSASetServiceW, WSADuplicateSocketA, WSALookupServiceNextW, -, -<BR>&gt; KERNEL32.dll: CloseHandle, InitializeCriticalSection, GlobalFindAtomW, SetEnvironmentVariableA, GlobalFindAtomA, CreateIoCompletionPort, SetEndOfFile, WritePrivateProfileSectionA, ClearCommBreak, CreateFileW, GetDriveTypeA, GetSystemTime, lstrcmpiA, CancelIo, GetSystemTimeAsFileTime, IsProcessorFeaturePresent, SetVolumeLabelA, UnmapViewOfFile, GetCommModemStatus, GetACP, GetCurrentProcessId, SetProcessShutdownParameters, GetPrivateProfileSectionW, GetLocaleInfoW, ExitProcess, VirtualAllocEx, GetUserDefaultLangID, lstrcatW, CreateWaitableTimerA, EraseTape, CreateMutexW, SetCommTimeouts, GetStartupInfoA, SetProcessAffinityMask, SetErrorMode, AreFileApisANSI, UnhandledExceptionFilter, SetLastError, LocalReAlloc, FindCloseChangeNotification, _lclose, GetDiskFreeSpaceW, CreateDirectoryW, GetCPInfo, GetHandleInformation, GetSystemInfo, FlushConsoleInputBuffer, FreeLibrary, FindResourceExW, GlobalAddAtomA, FillConsoleOutputCharacterA, GetTempFileNameA, CompareStringA, FileTimeToLocalFileTime, IsValidLocale, DeleteCriticalSection, WriteConsoleOutputW, ReleaseSemaphore, MoveFileExA, ScrollConsoleScreenBufferA, AllocConsole, SetThreadAffinityMask, SetConsoleActiveScreenBuffer, OpenSemaphoreW, FindFirstFileA, SetProcessWorkingSetSize, GetLongPathNameA, GetDateFormatA, FormatMessageW, FreeResource, GetLogicalDriveStringsA, _hread, GetModuleFileNameW, TryEnterCriticalSection, OutputDebugStringA, MultiByteToWideChar, GetBinaryTypeW, SetupComm, TlsGetValue, SetStdHandle, GetProcessHeap, EnumSystemCodePagesW, MoveFileW, GetPrivateProfileStringA, GetEnvironmentStringsW, GetCommConfig, VirtualQuery, GetProfileIntA, CreateProcessA, WritePrivateProfileSectionW, lstrcpynA, SetSystemTime, GetFileAttributesExA, SetCurrentDirectoryA, IsDBCSLeadByteEx, LocalAlloc, ExitThread, GlobalReAlloc, OutputDebugStringW, IsBadStringPtrA, GetUserDefaultLCID, QueryDosDeviceW, WritePrivateProfileStructA, IsBadWritePtr, GetVersion, SearchPathW, GetSystemDirectoryW, EnumResourceLanguagesW, FindFirstFileW, ConnectNamedPipe, lstrcmpiW, VirtualAlloc, GetAtomNameA, GetModuleHandleA<BR>&gt; GDI32.dll: CombineRgn, CreateBrushIndirect, SetSystemPaletteUse, LPtoDP, StartPage, CopyMetaFileA, SetColorAdjustment, CreateDCA, ExcludeClipRect, ExtTextOutA, EnumFontsA, PatBlt, SetEnhMetaFileBits, SwapBuffers, SetMetaFileBitsEx, BitBlt, StretchBlt, PolylineTo, FillPath<BR>&gt; VERSION.dll: GetFileVersionInfoSizeA, VerQueryValueA, GetFileVersionInfoA<BR>&gt; SHELL32.dll: FindExecutableW, DragQueryPoint, SHGetSettings, Shell_NotifyIconA, SHGetSpecialFolderPathW, SHFileOperationA, SHFileOperationW, SHLoadInProc, DragAcceptFiles<BR>&gt; USER32.dll: IsCharLowerW, GetMenuDefaultItem, GetMenuItemRect, CreateDialogIndirectParamW, GetWindowInfo, CreateDesktopA, GetDlgCtrlID, GetTitleBarInfo, HiliteMenuItem, DialogBoxIndirectParamW, OemToCharA, SetWindowContextHelpId, LoadIconA, PostMessageW, GrayStringW, EnumDisplayDevicesW, GetClassNameW, GetWindow, InvalidateRgn, IsCharAlphaA, MessageBoxW, CheckMenuItem, CreateDialogParamA, GetDlgItemTextW, SetProcessWindowStation, DrawIcon, OemKeyScan, GetUserObjectInformationA, IsCharAlphaNumericW, SetClipboardData, GetCaretPos, TrackPopupMenuEx, GrayStringA, LoadMenuIndirectA, WaitForInputIdle, MapVirtualKeyW, SetScrollRange, GetDialogBaseUnits, DestroyAcceleratorTable, DispatchMessageA, GetWindowThreadProcessId, LoadIconW, GetClassInfoA, GetAsyncKeyState, KillTimer, SetProcessDefaultLayout<BR>&gt; ADVAPI32.dll: InitiateSystemShutdownA, RegisterServiceCtrlHandlerA, SetSecurityDescriptorOwner, ObjectCloseAuditAlarmA, LookupPrivilegeValueA, CreatePrivateObjectSecurity, GetPrivateObjectSecurity, LookupPrivilegeNameA, RegRestoreKeyA, OpenProcessToken, RegQueryValueA, CryptSetKeyParam, PrivilegeCheck, RegEnumValueW, OpenSCManagerW, DuplicateToken, OpenServiceA, RegCreateKeyW, EnumDependentServicesW, UnlockServiceDatabase, RegEnumKeyA, DeregisterEventSource, SetSecurityDescriptorGroup, SetEntriesInAclW, InitializeSecurityDescriptor, CryptExportKey, CryptCreateHash, StartServiceW, GetFileSecurityW, CryptGenKey, IsValidSid, ObjectDeleteAuditAlarmW, InitializeAcl, SetSecurityDescriptorDacl, RegDeleteKeyW, OpenThreadToken, CreateProcessAsUserA, EnumServicesStatusA, RegEnumValueA, CreateServiceW, EnumDependentServicesA<BR>&gt; ole32.dll: MkParseDisplayName<BR>&gt; MSVCRT.dll: fread, _beginthreadex, _dup, _mbsrchr, _wchdir, iswctype, _mbsinc, _wtol, _setmbcp, wcstod, isxdigit, qsort, _fstat, wctomb, memchr, _splitpath, getenv, __p___argc, _strrev, strftime, _ltoa, _mbscpy, signal, _wcsupr, iswdigit, vprintf, _mbsdec, atoi, _mbscat, fputwc, swprintf, _mkdir, atol, fgetc, sscanf, wcsncmp, strtol, fputc, __doserrno, _sleep, iswcntrl, _mbscmp, isdigit, _read, _mbsicmp, strncpy, longjmp, _pclose, wcstoul, _mbsstr, _exit, _XcptFilter, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, _snwprintf<BR><BR>( 0 exports ) <BR>
Prevx info: <A href="http://info.prevx.com/aboutprogramtext.asp?PX5=A870B811001868353A42047CB3223B0067C9CDA5" target=_blank>http://info.prevx.com/aboutprogramtext.asp?PX5=A870B811001868353A42047CB3223B0067C9CDA5</A>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.25 -
AhnLab-V3 5.0.0.2 2009.01.24 -
AntiVir 7.9.0.60 2009.01.24 -
Authentium 5.1.0.4 2009.01.24 -
Avast 4.8.1281.0 2009.01.24 -
AVG 8.0.0.229 2009.01.24 -
BitDefender 7.2 2009.01.25 -
CAT-QuickHeal 10.00 2009.01.24 -
ClamAV 0.94.1 2009.01.25 -
Comodo 944 2009.01.24 -
DrWeb 4.44.0.09170 2009.01.25 -
eSafe 7.0.17.0 2009.01.25 -
eTrust-Vet 31.6.6325 2009.01.24 -
F-Prot 4.4.4.56 2009.01.24 -
F-Secure 8.0.14470.0 2009.01.25 -
Fortinet 3.117.0.0 2009.01.25 -
GData 19 2009.01.25 -
Ikarus T3.1.1.45.0 2009.01.25 -
K7AntiVirus 7.10.604 2009.01.24 -
Kaspersky 7.0.0.125 2009.01.25 -
McAfee 5505 2009.01.24 -
McAfee+Artemis 5505 2009.01.24 -
Microsoft 1.4205 2009.01.25 -
NOD32 3798 2009.01.25 -
Norman 5.93.01 2009.01.23 -
nProtect 2009.1.8.0 2009.01.23 -
Panda 9.5.1.2 2009.01.25 -
PCTools 4.4.2.0 2009.01.24 -
Prevx1 V2 2009.01.25 Fraudulent Security Program
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.25 -
Sophos 4.37.0 2009.01.25 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.25 -
TheHacker 6.3.1.5.229 2009.01.25 -
TrendMicro 8.700.0.1004 2009.01.24 -
VBA32 3.12.8.11 2009.01.24 -
ViRobot 2009.1.23.1576 2009.01.23 -
VirusBuster 4.5.11.0 2009.01.24 -

Information additionnelle
File size: 276992 bytes
MD5...: a718aa811f6a4467eb1f3e9411141a9e
SHA1..: 2c3613df3b91e7919b011a4dc3f8eac69a8fd21e
SHA256: ab7a790fd206cf9f159cdc466621a8e1101dcfa9dc1ad12b65644f90ea4bf3d6
SHA512: 3be624549c6b2267d29212547869ffc3f9ecd15d5c7275df6e82dc3d09ae926d<BR>a8e9fb21c62cb79539df052ad344e9b355b5c9398f259af46ed5c4a4134ed013<BR>
ssdeep: 3072:aCjcX1+5elB4i+4bn3+0dZsFhKG7AL9aUPZJT7q0jB8yKMcR5VXRckxv13N<BR>bpW6/:aCQPrRc4LMMZJT7iRfvFT5<BR>
PEiD..: Armadillo v1.71
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x4342ee<BR>timedatestamp.....: 0x440bcabb (Mon Mar 06 05:38:03 2006)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x3347c 0x33600 7.43 14b997748caa949876d116a58e9bbb64<BR>.rdata 0x35000 0x205c 0x2200 5.34 8b6db212fe0307b7ba6609238dd16ccb<BR>.data 0x38000 0xdc5c 0xde00 5.60 6ce3ffb4d493b1967093a25ff2ca386e<BR><BR>( 10 imports ) <BR>&gt; OLEAUT32.dll: -, -, -, -, -, -, -, -, -<BR>&gt; WS2_32.dll: -, WSAGetServiceClassNameByClassIdW, WSASetServiceW, WSADuplicateSocketA, WSALookupServiceNextW, -, -<BR>&gt; KERNEL32.dll: CloseHandle, InitializeCriticalSection, GlobalFindAtomW, SetEnvironmentVariableA, GlobalFindAtomA, CreateIoCompletionPort, SetEndOfFile, WritePrivateProfileSectionA, ClearCommBreak, CreateFileW, GetDriveTypeA, GetSystemTime, lstrcmpiA, CancelIo, GetSystemTimeAsFileTime, IsProcessorFeaturePresent, SetVolumeLabelA, UnmapViewOfFile, GetCommModemStatus, GetACP, GetCurrentProcessId, SetProcessShutdownParameters, GetPrivateProfileSectionW, GetLocaleInfoW, ExitProcess, VirtualAllocEx, GetUserDefaultLangID, lstrcatW, CreateWaitableTimerA, EraseTape, CreateMutexW, SetCommTimeouts, GetStartupInfoA, SetProcessAffinityMask, SetErrorMode, AreFileApisANSI, UnhandledExceptionFilter, SetLastError, LocalReAlloc, FindCloseChangeNotification, _lclose, GetDiskFreeSpaceW, CreateDirectoryW, GetCPInfo, GetHandleInformation, GetSystemInfo, FlushConsoleInputBuffer, FreeLibrary, FindResourceExW, GlobalAddAtomA, FillConsoleOutputCharacterA, GetTempFileNameA, CompareStringA, FileTimeToLocalFileTime, IsValidLocale, DeleteCriticalSection, WriteConsoleOutputW, ReleaseSemaphore, MoveFileExA, ScrollConsoleScreenBufferA, AllocConsole, SetThreadAffinityMask, SetConsoleActiveScreenBuffer, OpenSemaphoreW, FindFirstFileA, SetProcessWorkingSetSize, GetLongPathNameA, GetDateFormatA, FormatMessageW, FreeResource, GetLogicalDriveStringsA, _hread, GetModuleFileNameW, TryEnterCriticalSection, OutputDebugStringA, MultiByteToWideChar, GetBinaryTypeW, SetupComm, TlsGetValue, SetStdHandle, GetProcessHeap, EnumSystemCodePagesW, MoveFileW, GetPrivateProfileStringA, GetEnvironmentStringsW, GetCommConfig, VirtualQuery, GetProfileIntA, CreateProcessA, WritePrivateProfileSectionW, lstrcpynA, SetSystemTime, GetFileAttributesExA, SetCurrentDirectoryA, IsDBCSLeadByteEx, LocalAlloc, ExitThread, GlobalReAlloc, OutputDebugStringW, IsBadStringPtrA, GetUserDefaultLCID, QueryDosDeviceW, WritePrivateProfileStructA, IsBadWritePtr, GetVersion, SearchPathW, GetSystemDirectoryW, EnumResourceLanguagesW, FindFirstFileW, ConnectNamedPipe, lstrcmpiW, VirtualAlloc, GetAtomNameA, GetModuleHandleA<BR>&gt; GDI32.dll: CombineRgn, CreateBrushIndirect, SetSystemPaletteUse, LPtoDP, StartPage, CopyMetaFileA, SetColorAdjustment, CreateDCA, ExcludeClipRect, ExtTextOutA, EnumFontsA, PatBlt, SetEnhMetaFileBits, SwapBuffers, SetMetaFileBitsEx, BitBlt, StretchBlt, PolylineTo, FillPath<BR>&gt; VERSION.dll: GetFileVersionInfoSizeA, VerQueryValueA, GetFileVersionInfoA<BR>&gt; SHELL32.dll: FindExecutableW, DragQueryPoint, SHGetSettings, Shell_NotifyIconA, SHGetSpecialFolderPathW, SHFileOperationA, SHFileOperationW, SHLoadInProc, DragAcceptFiles<BR>&gt; USER32.dll: IsCharLowerW, GetMenuDefaultItem, GetMenuItemRect, CreateDialogIndirectParamW, GetWindowInfo, CreateDesktopA, GetDlgCtrlID, GetTitleBarInfo, HiliteMenuItem, DialogBoxIndirectParamW, OemToCharA, SetWindowContextHelpId, LoadIconA, PostMessageW, GrayStringW, EnumDisplayDevicesW, GetClassNameW, GetWindow, InvalidateRgn, IsCharAlphaA, MessageBoxW, CheckMenuItem, CreateDialogParamA, GetDlgItemTextW, SetProcessWindowStation, DrawIcon, OemKeyScan, GetUserObjectInformationA, IsCharAlphaNumericW, SetClipboardData, GetCaretPos, TrackPopupMenuEx, GrayStringA, LoadMenuIndirectA, WaitForInputIdle, MapVirtualKeyW, SetScrollRange, GetDialogBaseUnits, DestroyAcceleratorTable, DispatchMessageA, GetWindowThreadProcessId, LoadIconW, GetClassInfoA, GetAsyncKeyState, KillTimer, SetProcessDefaultLayout<BR>&gt; ADVAPI32.dll: InitiateSystemShutdownA, RegisterServiceCtrlHandlerA, SetSecurityDescriptorOwner, ObjectCloseAuditAlarmA, LookupPrivilegeValueA, CreatePrivateObjectSecurity, GetPrivateObjectSecurity, LookupPrivilegeNameA, RegRestoreKeyA, OpenProcessToken, RegQueryValueA, CryptSetKeyParam, PrivilegeCheck, RegEnumValueW, OpenSCManagerW, DuplicateToken, OpenServiceA, RegCreateKeyW, EnumDependentServicesW, UnlockServiceDatabase, RegEnumKeyA, DeregisterEventSource, SetSecurityDescriptorGroup, SetEntriesInAclW, InitializeSecurityDescriptor, CryptExportKey, CryptCreateHash, StartServiceW, GetFileSecurityW, CryptGenKey, IsValidSid, ObjectDeleteAuditAlarmW, InitializeAcl, SetSecurityDescriptorDacl, RegDeleteKeyW, OpenThreadToken, CreateProcessAsUserA, EnumServicesStatusA, RegEnumValueA, CreateServiceW, EnumDependentServicesA<BR>&gt; ole32.dll: MkParseDisplayName<BR>&gt; MSVCRT.dll: fread, _beginthreadex, _dup, _mbsrchr, _wchdir, iswctype, _mbsinc, _wtol, _setmbcp, wcstod, isxdigit, qsort, _fstat, wctomb, memchr, _splitpath, getenv, __p___argc, _strrev, strftime, _ltoa, _mbscpy, signal, _wcsupr, iswdigit, vprintf, _mbsdec, atoi, _mbscat, fputwc, swprintf, _mkdir, atol, fgetc, sscanf, wcsncmp, strtol, fputc, __doserrno, _sleep, iswcntrl, _mbscmp, isdigit, _read, _mbsicmp, strncpy, longjmp, _pclose, wcstoul, _mbsstr, _exit, _XcptFilter, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, _snwprintf<BR><BR>( 0 exports ) <BR>
Prevx info: <A href="http://info.prevx.com/aboutprogramtext.asp?PX5=A870B811001868353A42047CB3223B0067C9CDA5" target=_blank>http://info.prevx.com/aboutprogramtext.asp?PX5=A870B811001868353A42047CB3223B0067C9CDA5</A>

je fait l'examen complet avec Malwarebytes' Anti Malware ,ca m'a visiblement trouvé plusieurs fichiers suspect,je vous post le rapport d'analyse:

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1691
Windows 5.1.2600 Service Pack 2

25/01/2009 13:51:04
mbam-log-2009-01-25 (13-51-04).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 159507
Temps écoulé: 1 hour(s), 7 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 17
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 202

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOTCLSID{df1c8e21-4045-4d67-b528-335f1a4f0de9} (Adware.Navipromo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOTCLSID{e12bff69-38a7-406e-a8ef-2738107a7831} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{df1c8e21-4045-4d67-b528-335f1a4f0de9} (Adware.Navipromo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{201b9b37-848f-40bd-90ea-7b8f0aa89d6a} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftaffri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftaffltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoft dfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftMS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftaffltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftaffri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftjkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftdslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftJuan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftFCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftaoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftCAC (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:WINDOWSsystem32driversdownld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:WINDOWSsystem32driversdownld14732671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14736453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14737109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14770859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14778750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14779375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14800187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14803750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14838406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14841390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14853750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14875640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14881062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14891406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14933796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld14939515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld158125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld166656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld168500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld169312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld169906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld170093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld170687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld171890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld172484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld173468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld173703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld174578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld175421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld177468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld178031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld178375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld179890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld180906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld180921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld184484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld184750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld186453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld186921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld187937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld188375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld188484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld188500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld189375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld189875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld190421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld191984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld192234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld192984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld194500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld195375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld195640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld197343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld198140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld199421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld199765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld202875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld203171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld204656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld206906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld207468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld207562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld208156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld211500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld213250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld216343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld216812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld217734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld218781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld221093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld222187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld223500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld226046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld231656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld232796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld234000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld234734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld236765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld236812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld238265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld245015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld246046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld246453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld246875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld248906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld250250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld251781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld252875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld254375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld254906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld255421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld256875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld257156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld259250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld259890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld265093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld265828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld266687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld268640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld268875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld269468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld271843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld274062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld274281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld277765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld278546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld278718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld280234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld282093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld284187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld286171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld287921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld288500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld288890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld290140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld293546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld295921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld296375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld297656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld298187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld300343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld300500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld301171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld301640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld302125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld303843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld304859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld305359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld305750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld306531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld308906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld310921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld311000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld311375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld312015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld316640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld323921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld326000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld328859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld330875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld331171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld331875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld332843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld334234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld335781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld337015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld338984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld340187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld342796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld347265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld348406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld349250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld350562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld353406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld355296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld358234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld358640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld360484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld361937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld364156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld369906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld370859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld374750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld374859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld375015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld376796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld376828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld377093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld377640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld380484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld381609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld383015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld383406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld383968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld384062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld389234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld390515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld391578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld393375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld397359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld397875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld399125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld402375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld403937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld573531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld585343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld587734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld623968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld634031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld634890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld661140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld672312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld674515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld806937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld807250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld814765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSsystem32driversdownld879750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:WINDOWSpskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:WINDOWSBM4b78b4c5.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32cmmyi_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32cmmyi_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:WINDOWSsystem32
vs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.



maintenant qu'est ce qu'on fait?merci
dellact
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 10
Inscription: 21 Fév 2008 08:08
 
Haut

Message le 25 Jan 2009 16:40

_ Tu relances Mbam jusqu'à ce qu'il ne trouve plus rien à supprimer.


_ Tu télécharges ComboFix.

Avant de le lancer, il va falloir installer la console de récupération Windows, non installée par défaut.
L'installation de cette console permettra de démarrer un mode spécial en cas de problèmes divers suite à la désinfection.

_ Si tu es sous Xp et que tu as un CD de Windows original:

Tu insères le CD d'installation dans le lecteur.

Tu cliques ensuite sur Démarrer puis Exécuter et tu copies-colles la ligne suivante:

Code: Tout sélectionner
d:i386winnt32.exe /cmdcons


La lettre d: indique l'emplacement par défaut du lecteur de CD. Si ce n'est pas le cas, tu modifies cette lettre en conséquence.

L'installation de la console de récupération Windows va commencer.

Tu cliques sur Ok.

_ Pour les ordinateurs OEM fournis, il est possible que le fichier winnt32.exe soit présent sur le disque dur dans un dossier nommé i386 dans le dossier Windows ou tout simplement à la racine de la partition principale.

Il faudra alors taper comme commande c:i386winnt32.exe /cmdcons ou c:Windowsi386winnt32.exe /cmdcons en mettant dans cette commande le chemin d'accès au fichier winnt32.exe.

Une fenêtre Installation de Windows s'ouvrira, tu cliques sur Oui.
Tu confirmes ensuite l'installation de la console de récupération.

Si une erreur de mise à jour survient, tu coches la ligne Ignorer cette étape et continuer l'installation de Windows puis tu cliques sur Suivant.

L'installation se fera ensuite jusqu'à ce qu'une fenêtre de confirmation indique que la console de récupération Windows est installée de manière effective.

_ Si tu es sous Xp et que tu n'as pas le CD de Windows original:

Tu vas sur http://support.microsoft.com/kb/310994 et tu descends jusqu'à la ligne Téléchargement du fichier programme des disquettes d'installation.

Tu sélectionnes le lien correspondant à ta version de Windows puis, dans la fenêtre de téléchargement, tu cliques sur Télécharger et tu enregistres le fichier sur le Bureau.
Si le Service Pack 3 est installé sur ta machine, tu sélectionnes le lien correspondant à ta version de Windows sous environnement Service Pack 2 (SP2) Windows XP.
Si tu utilises Windows Xp Media Center, tu sélectionnes le téléchargement Service Pack 2 Windows XP Professionnel.

Pour savoir quelle version de Windows & quel Service Pack est installé, il suffit de cliquer sur Démarrer puis Panneau de configuration.

Tu cliques ensuite sur Système et tu pourras lire dans la fenêtre Propriétés du système, dans le cadre Système, la version de Windows & le Service Pack installés.

Le fichier téléchargé sur le Bureau, tu exécutes un glisser/déposer comme ceci:

Image

Le glisser/déposer va lancer ComboFix qui va installer la console de récupération Windows.

A la fin de l'installation, ComboFix signalera que la console de récupération est installée et demandera si tu veux effectuer une analyse.
Cliques sur Non/No car le paramétrage n'est pas encore achevé.

Avant de lancer ComboFix, tu dois désactiver ta connexion Internet, ton antivirus, ton anti-spyware & ton pare-feu car ils peuvent bloquer l'exécution de l'utilitaire (faux-positifs).
Tu les réactiveras après l'utilisation de ComboFix.
Tu fermes toutes les fenêtres ouverte.

Tu lances ensuite l'utilitaire en double cliquant dessus, tu confirmes l'ouverture en cliquant sur Exécuter.

A la fenêtre Disclaimer, tu tapes sur [1].

L'analyse se lancera par la suite avec création d'un point de restauration et sauvegarde des fichiers Windows.
Patientes, ComboFix nettoie en 41 étapes.

Tu ne t'inquiètes pas, il se charge de tout.
Laisse-le faire et suis bien les instructions à l'écran, il est possible qu'il te demande de redémarrer.

Pendant son nettoyage, le Bureau peut disparaître à plusieurs reprises. Tout redeviendra normal par la suite.

Surtout, tant que tu n'as pas un message de ComboFix t'informant que le ménage est terminé, tu ne fais rien de plus que ce que l'utilitaire t'indique, c'est important car il peut être long mais travaille efficacement.

Quand tout sera fini, tu liras:

Code: Tout sélectionner
Almost done... This window will close in a short while
Please wait a few seconds for the report log to pop up

ComboFix's log shall be located at C:ComboFix.txt


Normalement, le rapport s'ouvrira dans le Bloc-notes, tu nous copies-colles l'intégralité du fichier.
Si le Bloc-notes ne s'ouvre pas, tu iras chercher le rapport ici: C:ComboFix.txt et tu nous le colles dans ton prochain message.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut
Répondre

Sujets similaires

Message Problème USB 3 sur mini PC (SSD M2 externe)
Bonjour a tous, j'ai un problème sur un mini PC fonctionnant sur un Intel N100. Il y a 2 port usb2 et 2 ports usb3. Mon problème ? Il semble que certains perifériques ne fonctionnent pas correctement (en l'occurence, les boitiers externes pour SSD M2).Si le SSD M2 est connecté sur un USB3 j'obtiens ...
Réponses: 5

Message probleme avec le logiciel nvidia
Bonjour,Oui DDU est très efficace , on s'en sert surtout quand on change de fabricant de carte graphique de AMD vers Nvidia par exemple. Il nettoie tout.Bonne journée.
Réponses: 13

Message [Réglé] probleme windows update recherche sans fin
Salut tout le monde depuis quelques jours lorsque je clique sur Windows update et recherche de mise à jour en cours cela se mets en recherche sans fin voir ma capture écran Rien n'y fait, j'ai beau exécuter l'utilitaire de dépannage Windows update rien n'y fait? Il me détecte en effet un incident, m ...
Réponses: 14

Message [Réglé] Problème de dépendance manquantes sur Kali Linux
Salut, j'ai essayé d'installer un logiciel (Free download manager) sur Kali Linux Mais quand j'ai essayé de l'installer, ça a affiché qu'il y a des dépendance manquantesQuelqu'un peut-il m'aider à résoudre ce problème s'il vous plaît ?
Réponses: 1

Message Problème d'installation Kali Linux Dual boot
Bonjour, j'ai crée une nouvelle partition pour l'installation de Kali Linux, après j'ai démarrer l'installation de Kali Linux en dual boot via clé USB, j'ai suivi les instructions, mais quand je clique sur terminer le partitionnement et appliquer les changements, ça affiche "Aucun système de fi ...
Réponses: 1

Message Problème de démarrage pc sur clé USB
Salut, j'ai gravé Linux sur une clé USB (qui ne contient aucun virus après analyse), je veux installer Linux mais quand je démarre mon PC avec ma clé USB ça affiche "security boot fail". Quelqu'un peut-il m'aider à résoudre ce problème, s'il vous plaît ?
Réponses: 1

Message problème d'allumage sur ipad
Bonjour,J'ai une cousine qui a un "ipad modèle a 1893" et depuis quelques temps, il s'éteint tout seul alors que la batterie est pleine et d'origine, et du coup il faut attendre un moment pour arriver à le rallumer.Est-ce un problème de batterie ou d'alimentation de la tablette à votre av ...
Réponses: 3

Haut

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 4 invités

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.