Virus google
benoit
-
Utilisateur anonyme -
Utilisateur anonyme -
Fixwareout ver 1.003
Last edited 8/11/2006
Post this report in the forums please
Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}E8A6EA46A0FF-A46A-3C14-51E2-FC2EF54D{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}2B1246773349-67B9-8E54-3F09-E83A9A9C{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\gfgmd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1trap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\2trap
...
Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
"dmgfg.exe"=-
...
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»» Searching by size/names...
»»»»»
Search five digit cs, dm and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSLOA.EXE 51 781 2006-10-14
C:\WINDOWS\SYSTEM32\DMGFG.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMHAQ.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMIBI.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMNYA.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMUHJ.EXE 60 946 2004-08-20
Other suspects.
Directory of C:\WINDOWS\system32
»»»»» Misc files.
»»»»» Checking for older varients covered by the Rem3 tool
Last edited 8/11/2006
Post this report in the forums please
Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}E8A6EA46A0FF-A46A-3C14-51E2-FC2EF54D{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}2B1246773349-67B9-8E54-3F09-E83A9A9C{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\gfgmd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\1trap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\2trap
...
Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
"dmgfg.exe"=-
...
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»» Searching by size/names...
»»»»»
Search five digit cs, dm and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSLOA.EXE 51 781 2006-10-14
C:\WINDOWS\SYSTEM32\DMGFG.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMHAQ.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMIBI.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMNYA.EXE 60 946 2004-08-20
C:\WINDOWS\SYSTEM32\DMUHJ.EXE 60 946 2004-08-20
Other suspects.
Directory of C:\WINDOWS\system32
»»»»» Misc files.
»»»»» Checking for older varients covered by the Rem3 tool
A voir également:
- Virus google
- Google maps satellite - Guide
- Google photo - Télécharger - Albums photo
- Dns google - Guide
- Créer un compte google - Guide
- Google drive - Accueil - Arnaque
1 réponse
Euh... Bonjour pour commencer.
Ensuite on explique un peu les dysfonctionnements.
Ce rapport montre que tu es infecté.
Télécharge HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm
Fais un scan et poste son rapport.
Ensuite on explique un peu les dysfonctionnements.
Ce rapport montre que tu es infecté.
Télécharge HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm
Fais un scan et poste son rapport.
