Tool system virus
Louloutte
Malekal_morte - Posts: 184347 - Status: Moderator, Security contributor
Hello,
I had the same rogue. Problem solved thanks to your advice. Thank you!!
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6165
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19019
3/25/2011 11:33:33
mbam-log-2011-03-25 (11-33-33).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 231255
Time elapsed: 25 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Magnlace (Spyware.Agent) -> Value: Magnlace -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\dCcCkGkEiKp05603 (Rogue.SystemTool) -> Value: dCcCkGkEiKp05603 -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.nixud.com/) Good: (http://www.google.com) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\Anna\AppData\Local\Temp\IasMnet.dll (Spyware.Agent) -> Quarantined and deleted successfully.
c:\programdata\dccckgkeikp05603\dccckgkeikp05603.exe (Rogue.SystemTool) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\jar_cache1850185890798781209.tmp (Rogue.SystemTool) -> Quarantined and deleted successfully.
1 reply
Hi,
To check...
* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, you need to right-click OTL and choose Run as administrator)
* Run OTL
* Under Personnalisation, copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c
* Click the Analyse button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then post the pjjoint links here so that they can be reviewed.