Hacked x4x
Résolu
khaznadar_94
Messages postés
41
Date d'inscription
Statut
Membre
Dernière intervention
-
khaznadar_94 Messages postés 41 Date d'inscription Statut Membre Dernière intervention -
khaznadar_94 Messages postés 41 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
depuis presque un mois hacked x4x s'affiche au niveau de la barre superieure d'internet explorer en plus au demarrage un qui dit impossible de trouver script winjpg.jpg
depuis presque un mois hacked x4x s'affiche au niveau de la barre superieure d'internet explorer en plus au demarrage un qui dit impossible de trouver script winjpg.jpg
A voir également:
- Hacked x4x
- Facebook hacked - Guide
- Instagram.com/hacked - Accueil - Guide piratage
- Esim hacked - Accueil - Piratage
- Password hacked - Guide
- Facebook/hacked - Guide
6 réponses
Bonjour,
Télécharge Malwarebytes' Anti-Malware du lien suivant :
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
* Installe-le puis lance-le
* De l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
* Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche" ;
* Sélectionne "Exécuter un examen rapide"
* Clique sur "Rechercher"
* L'analyse sera lancée ;
* Lorsque complétée, un message s'affichera indiquant la fin de l'analyse. Clique sur "OK" pour poursuivre.
* Ferme tes navigateurs
* Si des malwares ont été détectés, leur liste s'affichera.
En cliquant sur Suppression (ou équivalent) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
* MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta réponse.
Télécharge Malwarebytes' Anti-Malware du lien suivant :
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
* Installe-le puis lance-le
* De l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
* Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche" ;
* Sélectionne "Exécuter un examen rapide"
* Clique sur "Rechercher"
* L'analyse sera lancée ;
* Lorsque complétée, un message s'affichera indiquant la fin de l'analyse. Clique sur "OK" pour poursuivre.
* Ferme tes navigateurs
* Si des malwares ont été détectés, leur liste s'affichera.
En cliquant sur Suppression (ou équivalent) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
* MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta réponse.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3324
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/12/2009 23:01:52
mbam-log-2009-12-08 (23-01-52).txt
Type de recherche: Examen rapide
Eléments examinés: 152330
Temps écoulé: 16 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.Exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe (Security.Hijack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ctfmon (Backdoor.PoisonIvy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regdiit (Backdoor.PoisonIvy) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\Network Monitor (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Documents and Settings\abidi\Menu Démarrer\Programmes\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TP (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\' (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Documents and Settings\abidi\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\abidi\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\SYSTEM\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\hook.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\tazebama.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\zPharaoh.exe (Worm.Mabezat) -> Quarantined and deleted successfully.
Version de la base de données: 3324
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/12/2009 23:01:52
mbam-log-2009-12-08 (23-01-52).txt
Type de recherche: Examen rapide
Eléments examinés: 152330
Temps écoulé: 16 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.Exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe (Security.Hijack) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ctfmon (Backdoor.PoisonIvy) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regdiit (Backdoor.PoisonIvy) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\Network Monitor (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Documents and Settings\abidi\Menu Démarrer\Programmes\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TP (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\' (Worm.Archive) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Documents and Settings\abidi\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\abidi\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\SYSTEM\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\hook.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\tazebama.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\zPharaoh.exe (Worm.Mabezat) -> Quarantined and deleted successfully.
Salut
Pour les problèmes d'infections il y a le forum Virus/Sécurité. Ici c'est le forum Windows...
A voir: Guide d'utilisation du forum
Je vais donc demander qu'on déplace le topic dans le forum approprié...
Bonne chance pour la suite ;-)
Ps: Merci d'utiliser à l'avenir un titre plus explicite > Conseils d'écriture - Titre du message
Pour les problèmes d'infections il y a le forum Virus/Sécurité. Ici c'est le forum Windows...
A voir: Guide d'utilisation du forum
Je vais donc demander qu'on déplace le topic dans le forum approprié...
Bonne chance pour la suite ;-)
Ps: Merci d'utiliser à l'avenir un titre plus explicite > Conseils d'écriture - Titre du message