Sujet Précédent Sujet Suivant

Dr Guard

Fermé
Caroline - 13 mars 2010 à 21:46
NicoVA Messages postés 1058 Date d'inscription dimanche 6 décembre 2009 Statut Contributeur sécurité Dernière intervention 16 novembre 2011 - 14 mars 2010 à 12:53
Bonsoir,
J'ai besoin d'aide à tout prit se soir. Dr Guard s'est installé sur mon pc portable, je suis pas très calé niveau informatique et franchement je comprend méme rien mis à part que c'est un virus !
C'est assez urgent, car mon ordi est mon seul moyen de communication car je suis en stage à l'étranger un certain temps.
Merci d'avance
A voir également:

7 réponses

Réponse 1 / 7
Utilisateur anonyme
13 mars 2010 à 21:52
bonjour si ces urgent on va voire sa

Fais sa Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com

une fois qu'il aura terminé


Téléchargez MalwareByte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller


Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam

PUIS

Télécharge ici : http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
• Double-clique sur RSIT.exe afin de lancer RSIT.(Avec VISTA/7 > clic-droit et > Exécuter en tant qu'administrateur.
• Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
• Poste le contenu de log.txt ainsi que info.txt
( tu peux héberger les rapports ici http://www.cijoint.fr/ et me joindre dans ton prochain message le lien )
1
Réponse 2 / 7
Caroline
14 mars 2010 à 10:29
Impossible de rallumer mon pc hier soir. En essayant ce matin il remarche, mais imporssible d'accéder au premier liens que vous m'avez indiqué il ne marche pas ...
0
Réponse 3 / 7
Utilisateur anonyme
14 mars 2010 à 10:31
ces pour sa que j'ai mis 5 lien différent utilise les
0
Caroline
14 mars 2010 à 10:40
J'ai utilisé les 4 liens que vous m'avez donné mais aucun marche.
De plus je voulais savoir comment on allume son pc en mode sans echec car je suis bombardé de fenetre qui s'ouvre
0
Réponse 4 / 7
Utilisateur anonyme
14 mars 2010 à 10:46
mode sans échec https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php

choisie le mode sans échec avec prise en charge réseaux ces important est la tu suis la procédure
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Caroline
14 mars 2010 à 11:31
Voila le rapport,

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3865
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

17/04/2010 12:28:54
mbam-log-2010-04-17 (12-28-54).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 181325
Temps écoulé: 25 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 17
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 7
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 96

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\z1xxnm.dll (Trojan.Downloader) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{a3ba40a2-74f1-52bd-f434-00b15a2c8953} (Trojan.Downloader) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a3ba40a2-74f1-52bd-f434-00b15a2c8953} (Trojan.Downloader) -> Delete on reboot.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_voidtpfhxripym (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\_VOID (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOIDd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{a3ba40a2-74f1-52bd-f434-00b15a2c8953} (Trojan.Downloader) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\remote system protection (Trojan.Downloader) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asg984jgkfmgasi8ug98jgkfgfb (Trojan.Downloader) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot.
C:\Program Files\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\_VOIDtpfhxripym (Rootkit.TDSS) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\z1xxnm.dll (Trojan.Downloader) -> Delete on reboot.
C:\Documents and Settings\Administrateur\Local Settings\Temp\spoolsv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\2586712156.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\login.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\lsass.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\msinits.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\vwwixjz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\1706326912.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\1800171400.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\197293492.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\2587133552.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\3148303670.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\3230233118.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\604786134.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\620254884.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\711504884.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\asd306.tmp.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\asr64_ldm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\avp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\cdpv0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\cmd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\csrss.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\drweb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\flbgvgq.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\install.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\login.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\lsass.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\mdm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\msinits.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\notepad.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\nvsvc32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\setup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\smss.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\spoolsv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\taskmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\TMP7D9A.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\twt3m.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\vwwixjz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\win.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\win16.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\win32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\winlogon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\_VOIDaf39.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temporary Internet Files\Content.IE5\ZB699I2L\update_for_media_player_(KB972036)[1].exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drgext.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drghook.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drguard.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc10.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc11.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc15.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc16.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc17.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc5.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-2752991226-1295552370-2210005112-1005\Dc9.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDbakawgtmjw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDpqeirclguq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDqaxojrmixy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\_VOIDtpfhxripym\_VOIDd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\Program Files\Dr. Guard\about.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drg.db (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\help.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\scan.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\settings.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\splash.mp3 (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\virus.mp3 (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\About.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Activate.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Buy.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Dr. Guard Support.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Dr. Guard.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Scan.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Settings.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Menu Démarrer\Programmes\Dr. Guard\Update.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\_VOIDmainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDwkutypjxkn.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID1373.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID14bb.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID1c3d.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID2814.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID2b60.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID3beb.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOIDd6c9.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOIDddbd.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOIDfa8c.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOIDfef1.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\_VOIDb43b.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Application Data\av.exe (ROGUE.Win7Antispyware2010) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Delete on reboot.
C:\Documents and Settings\Administrateur\Local Settings\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Application Data\Microsoft\Internet Explorer\Quick Launch\Dr. Guard.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\hsf78w3uhduf8w.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Caroline DUMONT\Local Settings\Temp\hsf78w3uhduf8w.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
0
Réponse 6 / 7
Utilisateur anonyme
14 mars 2010 à 11:43
malwarebyts a fait du très bon boulot car tu est très infecter

démarre en mode normal fais la suite de la procédure
0
Réponse 7 / 7
NicoVA Messages postés 1058 Date d'inscription dimanche 6 décembre 2009 Statut Contributeur sécurité Dernière intervention 16 novembre 2011 71
14 mars 2010 à 12:53
Yop'

Pour suivre ...
0

Discussions similaires

Musique Générique Dr House
Tekalex -
bloodist -

28 réponses
Musique Générique Dr.House
pitchounou38 -
vincent -

4 réponses
Quelle est la musique du generique: Dr House
Gogodam -
ekirafa -

1 réponse
Musique de fond Dr House
Claire -
Amanoine -

8 réponses
DR HOUSE SAISON 1 ET 2 SVP SVP
julie59610 -
moska -

13 réponses