Sasser problem
markos, Wed. 28 Sept. 2005 at 17:36:44
Hello again...

I used ewido and I did not delete the infected files it detected.. I should have, shouldn't I?

I made a new HijackThis log, if you could take a look at it..
Here it is:

Logfile of HijackThis v1.99.1
Scan saved at 16:21:29, on 28/09/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\ewido\security suite\SecuritySuite.exe
C:\Documents and Settings\bensouna gilles\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.numericable.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.modulonet.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.voila.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = France Télécom Câble
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Explorer.EXE] C:\WINDOWS\Explorer.EXE
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127899925679
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe

Next, here is the report from Ewido, which you recommended to me:

---------------------------------------------------------
ewido security suite - Rapport de scan
---------------------------------------------------------

+ Créé le: 17:30:01, 28/09/2005
+ Somme de contrôle: B985A691

+ Résultats du scan:



::Fin du rapport


One last thing: I deleted some hidden files named lsass, thinking they were viruses.. if you can help me..