

aglae75
-
Should the items be left in quarantine, or should they all be permanently deleted?
-
MBAM report:
-
Sorry for taking so long to reply, but I had to step away... I'm starting the MBAM scan.
-
I need help, thanks in advance.