Virus security tool
darknico05
Messages postés
389
Statut
Membre
-
darknico05 Messages postés 389 Statut Membre -
darknico05 Messages postés 389 Statut Membre -
Bonjour,
jetais sur un site quand tout a qou lecran de mon pc est devenu noir et il nyavais plus dicone ! il yavais juste la bare des taches en dessous! et la ya unefenetre qui dit que lordi est infecter , le fenetre qui souvre s appelle security tool ! je ne sais pas quoi faire et jai la trouille aidez moi silvouplait que doije faire
jetais sur un site quand tout a qou lecran de mon pc est devenu noir et il nyavais plus dicone ! il yavais juste la bare des taches en dessous! et la ya unefenetre qui dit que lordi est infecter , le fenetre qui souvre s appelle security tool ! je ne sais pas quoi faire et jai la trouille aidez moi silvouplait que doije faire
A voir également:
- Virus security tool
- Hp usb disk storage format tool - Télécharger - Stockage
- Ds3 tool - Télécharger - Émulation
- Microsoft security essentials - Télécharger - Antivirus & Antimalwares
- Media creation tool - Télécharger - Systèmes d'exploitation
- Virus mcafee - Accueil - Piratage
52 réponses
Malwarebytes' Anti-Malware 1.41
Database version: 3223
Windows 6.0.6002 Service Pack 2 (Safe Mode)
24/11/2009 18:44:04
mbam-log-2009-11-24 (18-44-04).txt
Scan type: Full Scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Objects scanned: 264978
Time elapsed: 51 minute(s), 40 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 5
Registry Data Items Infected: 1
Folders Infected: 9
Files Infected: 12
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srosa (Worm.Bagle) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\minisoft (Trojan.Dropper) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=249&q={searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
Folders Infected:
C:\ProgramData\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\ProgramData\02679529 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\lang (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\WDIR (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\webserver (Worm.Bagle) -> Quarantined and deleted successfully.
C:\ProgramData\WSDDSys (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\Windows System Defender (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\System Defender (Rogue.SystemDefender) -> Quarantined and deleted successfully.
Files Infected:
C:\ProgramData\54264728\54264728.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Local\Temp\nsj51C8.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Local\VirtualStore\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\names.txt (Worm.Bagle) -> Quarantined and deleted successfully.
C:\ProgramData\WSDDSys\wsd.cfg (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\Windows System Defender\Instructions.ini (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\System Defender\Instructions.ini (Rogue.SystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\Desktop\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Local\Temp\50549.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Database version: 3223
Windows 6.0.6002 Service Pack 2 (Safe Mode)
24/11/2009 18:44:04
mbam-log-2009-11-24 (18-44-04).txt
Scan type: Full Scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Objects scanned: 264978
Time elapsed: 51 minute(s), 40 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 5
Registry Data Items Infected: 1
Folders Infected: 9
Files Infected: 12
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srosa (Worm.Bagle) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\minisoft (Trojan.Dropper) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=249&q={searchTerms}) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
Folders Infected:
C:\ProgramData\54264728 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\ProgramData\02679529 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\lang (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\WDIR (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\webserver (Worm.Bagle) -> Quarantined and deleted successfully.
C:\ProgramData\WSDDSys (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\Windows System Defender (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\System Defender (Rogue.SystemDefender) -> Quarantined and deleted successfully.
Files Infected:
C:\ProgramData\54264728\54264728.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Local\Temp\nsj51C8.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Local\VirtualStore\Windows\System32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\hidires\names.txt (Worm.Bagle) -> Quarantined and deleted successfully.
C:\ProgramData\WSDDSys\wsd.cfg (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\Windows System Defender\Instructions.ini (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\System Defender\Instructions.ini (Rogue.SystemDefender) -> Quarantined and deleted successfully.
C:\Users\Boudard\Desktop\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Boudard\AppData\Local\Temp\50549.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
merci beaucoup jai retrouver mon bureau et toute les fonctionaliter de lordi je vais lancer findykill pour etre sur !
merci beaucoup !!
merci beaucoup !!
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
