Bravo, ça a marché ! voici le log de l'anti-malware
cordialement
ourspat
Malwarebytes' Anti-Malware 1.51.1.1800
http://www.malwarebytes.orgVersion de la base de données: 7671
Windows 5.1.2600 Service Pack 1
Internet Explorer 6.0.2800.1106
07/09/2011 17:14:43
mbam-log-2011-09-07 (17-14-43).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 165641
Temps écoulé: 6 minute(s), 2 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 32
Fichier(s) infecté(s): 17
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Value: NoFolderOptions -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Tok-Cirrhatus (Trojan.Agent) -> Value: Tok-Cirrhatus -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bron-Spizaetus (Worm.Brontok) -> Value: Bron-Spizaetus -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (PUM.Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe "C:\WINDOWS\eksplorasi.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\documents and settings\administrateur\local settings\application data\bron.tok-11-1 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\bron.tok-11-6 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\bron.tok-11-7 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-1 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-10 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-11 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-12 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-13 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-14 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-15 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-17 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-19 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-2 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-20 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-21 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-22 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-23 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-24 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-25 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-26 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-27 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-28 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-29 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-3 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-30 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-31 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-4 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-5 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-6 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-7 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-8 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\bron.tok-11-9 (Worm.Brontok) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\administrateur\menu démarrer\programmes\démarrage\empty.pif.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\menu démarrer\programmes\démarrage\empty.pif.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\administrateur's setting.scr.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\pélagie's setting.scr.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\csrss.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\inetinfo.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\lsass.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\services.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\smss.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\local settings\application data\winlogon.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\inetinfo.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\lsass.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\services.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\smss.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\winlogon.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Pélagie\local settings\application data\csrss.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\eksplorasi.exe.xxx (Trojan.Dropper) -> Quarantined and deleted successfully.