Virus? CA0A4982C26.EXE plus many mrt.exe

Closed
mj8888 - 4 Dec. 2011 at 18:29
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 11 Dec. 2011 at 12:08
hey everyone,
I started to suspect my computer was infected as I couldn't use the 'ê' correctly and it did '^^' each time I typed only once on the keyboard. I looked it up on Google and it said it was a virus. I opened C: and found another problem:
lots of long folders named with 20 or more characters and within them is nothing but an "mrt.exe" file. I know the mrt.exe is supposed to have something to do with the Malicious Software Removal but these files are located right in C:\ and not in C:\Windows\System32, and there are like 10 of them. When I open the folder it says "You don't have the right to open this folder" so I have to click "Continue" to open it and find the Mrt.exe file. All MRT.exe have different sizes but they are more or less 45 MB. I googled it and found only a link which I quoted in this email because he described it quite well.
Then the last problem: I checked msconfig and I found a CA0A4982C26.EXE in C:\sooi832.bin which I googled and found a link to UnHackMe. I ran it but nothing was found.
I stopped allowing this CA0A4982C26.EXE at the start of Windows and now I can do ô or ê correctly again, and my computer seems to be faster. But all the files (both CA0A4982C26.EXE and all the MRT.exe) are still on my computer and I don't know if just deleting them is the right thing to do.
I think I really need help.

4 replies

hello

/ \ ATTENTION FOLLOW THESE INSTRUCTIONS TO THE LETTER / \

__________________________________________________________
> This software is for use only as prescribed by a helper who is qualified and trained in the tool.
>>>>>>> Do not use outside of this case: dangerous <<<<<<<<
__________________________________________________________

Above all, when saving it, remember to rename ComboFix to "your first name.exe" before it is saved on your hard drive

Download here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Combofix

If you are using AVG, it is imperative to uninstall it before using ComboFix, as it can cause damage by interacting with the tool, which can lead to a total system reinstallation.
Simply disabling the resident is not sufficient.
Download the AVG uninstaller on this link: https://www.avg.com/fr-fr/avg-remover
Choose the appropriate version (32 or 64 bit) / \

_________________________________________________________
>> Close the windows of all programs.
>> Temporarily disable, only for the time it takes to use ComboFix,
>> the real-time protection of your antivirus and antispyware,
>> which may significantly hinder the tool's search and cleaning process.
__________________________________________________________

if you have XP => double click
if you have Vista or Windows 7 => right click "run as ...."

on the renamed ComboFix

!!!!! Do not touch anything during the operation of ComboFix (mouse / keyboard .....)!!!!!

Remember to turn the protection of your antivirus and your antispyware back on before you reconnect to the Internet.

Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt in your next message.
¤¤¤¤¤¤¤¤¤¤_g3n-h@ckm@n_Developpement_¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤_Pre_Scan_¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
2
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
Edited by Malekal_morte- on 10/12/2011 at 14:59
I started to suspect my computer was infected as I couldn't use the 'ê'

This is probably the effect of the Ramnit malware.
Same topic there: https://forums.commentcamarche.net/forum/affich-23805762-touche-accent-circonflexe-trema-virus


SHUT THE F*C*K UP, WE HAVE OTHER SONGS TOO !!
1
Anonymous user
10 Dec. 2011 at 15:04
hi

ah, I didn't know Ramnit could cause this problem too....
0
Should I run Combofix then? Or is HijackThis enough to see if I have the Ramnit virus?
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
Edited by Malekal_morte- on 11/12/2011 at 12:08
None of them.
Ramnit infects every executable file, so HijackThis or Combofix are useless.

You have to use Dr.Web CureIt https://free.drweb.com/cureit/ - the best way is from a LiveCD, it's more efficient.

But Ramnit is a big s*it - in most cases, you have to format and reinstall Windows; don't keep any executables, you can reinfect the system with them.
0
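A read-only triage sketch for the files described in this thread, added here as an example (it is not from any poster and not part of any tool named above): it reports the Authenticode status and hash of each `mrt.exe` copy found in a folder directly under the drive root, and lists startup commands that launch from outside the Windows and Program Files trees. It assumes PowerShell 4.0 or later and an elevated prompt (the folders deny access otherwise); the `$Root` parameter and the path filter are illustrative choices.

```powershell
# Added example: read-only, changes nothing on disk.
# Assumption: $Root is the drive to inspect; it may also point at a mounted
# offline copy of the disk for steps 1 and 2.
param([string]$Root = 'C:\')

# 1. Copies of mrt.exe sitting in first-level folders under the drive root.
$copies = Get-ChildItem -LiteralPath $Root -Directory -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        Get-ChildItem -LiteralPath $_.FullName -Filter 'mrt.exe' -File -Force -ErrorAction SilentlyContinue
    }

# 2. Signature status and hash of each copy. Modifying a signed executable
#    changes its hash, so a tampered file reports Status = HashMismatch;
#    an unsigned file reports NotSigned.
$report = foreach ($file in $copies) {
    $sig = Get-AuthenticodeSignature -LiteralPath $file.FullName
    [pscustomobject]@{
        Path   = $file.FullName
        SizeMB = [math]::Round($file.Length / 1MB, 1)
        Status = $sig.Status
        Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(none)' }
        SHA256 = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    }
}
$report | Format-Table -AutoSize -Wrap

# 3. Startup commands of the running system (the entries msconfig shows) whose
#    command line does not point into \Windows\ or \Program Files\.
#    This is a coarse filter for review, not a verdict on any entry.
Get-CimInstance -ClassName Win32_StartupCommand |
    Where-Object { $_.Command -notmatch '\\(Windows|Program Files( \(x86\))?)\\' } |
    Select-Object Name, Command, Location, User |
    Format-Table -AutoSize -Wrap
```

Output produced on a machine that is still running the suspected infection is only a first indication; the scan from a LiveCD recommended above remains the more reliable check.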
are you sure this is sure??
because I'm setting down AVG..
0
Anonymous user
10 Dec. 2011 at 14:55
hello, you've got to uninstall it to use Combofix, that's written :) !
0