Everything posted by termm

  1. Ah yes, my mistake. I had taken the log that was on the desktop. I have edited the previous post. Thanks again.
  2. Thank you for your reply. Here is the Mbam log:
It did all the work: Dr.Web CureIt found nothing and did not give me a log. I don't really know whether the infection has been stopped; for now, I'm going to check.
  3. Any suggestions?
  4. Hello everyone, Thanks in advance to the brave people willing to help me remove this cr#p of an infection my PC is suffering from. Here is a summary of the facts: I wanted to launch the console, so I typed cmd in the "Run" dialog box and got a little message: "CMD.exe n'est pas une application WIN32 valide." About ten minutes later, my game froze, so I went to open the Task Manager; it was no longer there. From then on. These problems are more or less resolved (I copied cmd.exe, taskmgr.exe and others from another PC free of any infection). So I have access to all the Windows components, but the malware that is the cause is still there... So I searched on Google (fastnetsrv, lsm32.sys, which appear in my process list) and got confirmation that they were viruses. There is also svchost, which is launched in several instances. I have Avast and SuperAntiSpyware; both removed a few viruses for me, but the problem is still there. Here is my HijackThis log:
Regards