Virus security tool - Page 3

Précédent
  • 1
  • 2
  • 3
  1. darknico05 Messages postés 389 Statut Membre 7
     
    ok merci je fais ca de suite
    0
  2. darknico05 Messages postés 389 Statut Membre 7
     
    voila le resultat du scan et de la suppression des infection jattend tes reponses rapidemant
    0
  3. darknico05 Messages postés 389 Statut Membre 7
     
    Malwarebytes' Anti-Malware 1.41
    Database version: 3223
    Windows 6.0.6002 Service Pack 2 (Safe Mode)

    24/11/2009 18:44:04
    mbam-log-2009-11-24 (18-44-04).txt

    Scan type: Full Scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
    Objects scanned: 264978
    Time elapsed: 51 minute(s), 40 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 3
    Registry Values Infected: 5
    Registry Data Items Infected: 1
    Folders Infected: 9
    Files Infected: 12

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srosa (Worm.Bagle) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\minisoft (Trojan.Dropper) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=249&q={searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.

    Folders Infected:
    C:\ProgramData\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
    C:\ProgramData\02679529 (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\hidires (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\hidires\lang (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\hidires\WDIR (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\hidires\webserver (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\ProgramData\WSDDSys (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\Windows System Defender (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\System Defender (Rogue.SystemDefender) -> Quarantined and deleted successfully.

    Files Infected:
    C:\ProgramData\54264728\54264728.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Local\Temp\nsj51C8.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Local\VirtualStore\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\hidires\names.txt (Worm.Bagle) -> Quarantined and deleted successfully.
    C:\ProgramData\WSDDSys\wsd.cfg (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\Windows System Defender\Instructions.ini (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\System Defender\Instructions.ini (Rogue.SystemDefender) -> Quarantined and deleted successfully.
    C:\Users\Boudard\Desktop\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\Boudard\AppData\Local\Temp\50549.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    0
  4. darknico05 Messages postés 389 Statut Membre 7
     
    merci beaucoup jai retrouver mon bureau et toute les fonctionaliter de lordi je vais lancer findykill pour etre sur !
    merci beaucoup !!
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. darknico05 Messages postés 389 Statut Membre 7
     
    voici le rapport findykill! tout remarche merci beaucoup de ton aide , a bientot !
    0
  7. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    où est le rapport findykill ?
    0
  8. darknico05 Messages postés 389 Statut Membre 7
     
    je ne sais pas ou le recuperer
    0
  9. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    C:\findykill.txt , il a pas bougé lol
    0
  10. darknico05 Messages postés 389 Statut Membre 7
     
    ok mais je le trouve pas dans c findikill ya pas de programme txt
    0
  11. darknico05 Messages postés 389 Statut Membre 7
     
    a quoi il sert le dossier txt de findykill ?
    0
  12. Xplode Messages postés 9212 Statut Contributeur sécurité 726
     
    Refais un malwarebyte's en mode rapide + un ZHPDiag pour vérification.
    0
  13. darknico05 Messages postés 389 Statut Membre 7
     
    cest le rapport zdiag
    0
Précédent
  • 1
  • 2
  • 3