Sujet Précédent Sujet Suivant

Virus cafards mangent l'écran

saga -  
 Utilisateur anonyme -
Bonjour à tous,

Depuis samedi j'ai attrapé un virus qui a complètement infesté mon ordinateur avec changement de fond d'écran pour dire que l'ordinateur est contaminé, juste à côté de l'horloge un message s'affiche "VIRUS ALERT". De plus, lorsque mon ordinateur est inactif, je vois apparaitre des cafards qui mangent mon écran petit à petit. Enfin, j'ai un antivirus "pest patrol" qui s'active tout seul au démarrage de l'ordinateur, impossible de le désinstaller, il me reconnait une tonne de virus mais il me dit que je dois m'enregistrer pour pouvoir les éliminer. J'ai passé avast et la version d'essai de kaspersky sans qu'il détecte de virus.

Merci de bien vouloir m'aider.
A voir également:

33 réponses

  • 1
  • 2
Réponse 1 / 33
Utilisateur anonyme
 
Salut

# Télécharge ceci: (merci a S!RI pour ce petit programme).

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.

--,

A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute
0
Réponse 2 / 33
saga
 
Voila je l'ai fait:

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\JACQUOT1

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\JACQUOT1\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JACQUOT1\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8A5849C4-93F3-429D-FF34-660A2068897C}"="OpenGL additional"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\KASPER~1\\KASPER~1.0\\adialhk.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{C3DFA2EC-7F81-433C-98A5-77481751ABB0}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C3DFA2EC-7F81-433C-98A5-77481751ABB0}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{C3DFA2EC-7F81-433C-98A5-77481751ABB0}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 3 / 33
Utilisateur anonyme
 
Telecharge malwarebytes

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

ps : les rapport sont aussi rangé dans l onglet rapport/log
0
Réponse 4 / 33
saga
 
Voila scan terminé, je met le rapport:

Malwarebytes' Anti-Malware 1.14
Version de la base de données: 800

18:48:21 02/06/2008
mbam-log-6-2-2008 (18-47-50).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 139272
Temps écoulé: 48 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 79
Valeur(s) du Registre infectée(s): 18
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 18

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\byXQJbYS.dll (Trojan.Vundo) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\iewarning.warningbho (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{56fa7933-dc3e-403b-8d47-bb5e3f345a21} (Rogue.PestPatrol) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56fa7933-dc3e-403b-8d47-bb5e3f345a21} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\iewarning.warningbho.1 (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8499c835-defd-267e-3dce-d3832cc3f983} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{05589faf-c356-11ce-bf01-00aa0055595a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{060af76c-68dd-11d0-8fc1-00c04fd9189d} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0618aa30-6bc4-11cf-bf36-00aa0055595a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{06b32aee-77da-484b-973b-5d64f47201b0} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07167665-5011-11cf-bf33-00aa0055595a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b65360-c445-11ce-afde-00aa006c14f4} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1643e180-90f5-11ce-97d5-00aa0055595a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1b544c20-fd0b-11ce-8c63-00aa0044b51e} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1bb05961-5fbf-11d2-a521-44df07c10000} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1da08500-9edc-11cf-bc10-00aa00ac74f6} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e651cc0-b199-11d0-8212-00c04fc32c45} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2d2e24cb-0cd5-458f-86ea-3e6fa22c8e64} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{301056d0-6dff-11d2-9eeb-006008039e37} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{336475d0-942a-11ce-a870-00aa002feab5} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{33facfe0-a9be-11d0-a520-00a0d10129c0} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{37e92a92-d9aa-11d2-bf84-8ef2b1555aed} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{418afb70-f8b8-11ce-aac6-0020af0b99a3} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4444ac9e-242e-471b-a3c7-45dcd46352bc} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{48025243-2d39-11ce-875d-00608cb78066} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4a2286e0-7bef-11ce-9bd9-0000e202599c} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51b4abf3-748f-4e3b-a276-c828330e926a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{59ce6880-acf8-11cf-b56e-0080c7c4b68a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6a08cf80-0e18-11cf-a24d-0020afd79767} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6bc1cffa-8fc1-4261-ac22-cfb4cc38db50} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6f26a6cd-967b-47fd-874a-7aed2c9d25a2} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{70e102b0-5556-11ce-97c0-00aa0055595a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{79376820-07d0-11cf-a24d-0020afd79767} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7d8aa343-6e63-4663-be90-6b80f66540a3} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{92a3a302-da7c-4a1f-ba7e-1802bb5d2d02} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{92a3a302-da7c-4a1f-ba7e-1802bb5d2d02} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{944d4c00-dd52-11ce-bf0e-00aa0055595a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{99d54f63-1a69-41ae-aa4d-c976eb3f0713} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a888df60-1e90-11cf-ac98-00aa004c0fa9} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a8dfb9a0-8a20-479f-b538-9387c5eeba2b} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b80ab0a0-7416-11d2-9eeb-006008039e37} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b87beb7b-8d29-423f-ae4d-6582c10175ac} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cc785860-b2ca-11ce-8d2b-0000e202599c} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cda42200-bd88-11d0-bd4e-00a0c911ce86} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cdbd8d00-c193-11d0-bd4e-00a0c911ce86} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cf49d4e0-1115-11ce-b03a-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d3588ab0-0781-11ce-b03a-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a0-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a1-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a2-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a3-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a5-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e30629d1-27e5-11ce-875d-00608cb78066} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e4206432-01a1-4bee-b3e1-3702c8edc574} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb1-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb2-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb3-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb5-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb6-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb7-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e436ebb8-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e4979309-7a32-495e-8a92-7b014aad4961} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e5b4eaa0-b2ca-11ce-8d2b-0000e202599c} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fdfe9681-74a3-11d0-afa7-00aa00b67a42} (Rogue.PestPatrol) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{feb50740-7bef-11ce-9bd9-0000e202599c} (Rogue.PestPatrol) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54192079-8e8a-43d8-bcbc-3874916159af} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34cf6660-9bd3-431a-ba32-6b511d4126da} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> No action taken.
HKEY_CURRENT_USER\Software\Pest-Patrol (Rogue.PestPatrol) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winctrl32 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\Software\AntiVirProtect (Rogue.AntiVirProtect) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Application (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4f26bedb-d89b-44a1-948b-5d523292dadf} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f26bedb-d89b-44a1-948b-5d523292dadf} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxqjbys (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\e405.e405mgr (Trojan.Zlob) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Pest-Patrol (Rogue.VirusHeat) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Pest-Patrol 2.1.0 (Rogue.VirusHeat) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\BootDrv (Trojan.Clicker) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{4f26bedb-d89b-44a1-948b-5d523292dadf} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\Montorgueil (Diler) -> No action taken.
C:\Program Files\AntiVirProtect (Rogue.AntiVirProtect) -> No action taken.
C:\Program Files\Pest-Patrol (Rogue.PestPatrol) -> No action taken.
C:\WINDOWS\system32\824223 (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\818646 (Trojan.BHO) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\Pest-Patrol\Pest-Patrol.exe (Rogue.VirusHeat) -> No action taken.
C:\Program Files\Pest-Patrol\Pest-Patrol.exe (Rogue.VirusHeat) -> No action taken.
C:\Program Files\Pest-Patrol\IEWarning.dll (Rogue.PestPatrol) -> No action taken.
C:\WINDOWS\system32\quartz.dll (Rogue.PestPatrol) -> No action taken.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\824223\824223.dll (Trojan.BHO) -> No action taken.
C:\Program Files\Montorgueil\14.06128 (Diler) -> No action taken.
C:\Program Files\AntiVirProtect\AntiVirProtect.lic (Rogue.AntiVirProtect) -> No action taken.
C:\Program Files\AntiVirProtect\AntiVirProtect0.ap (Rogue.AntiVirProtect) -> No action taken.
C:\Program Files\AntiVirProtect\AntiVirProtect1.ap (Rogue.AntiVirProtect) -> No action taken.
C:\Program Files\AntiVirProtect\Uninstall.exe (Rogue.AntiVirProtect) -> No action taken.
C:\WINDOWS\system32\818646\818646.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\pmnkIXNe.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\byXQJbYS.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\temp\BN1A.tmp (Trojan.Agent) -> No action taken.
C:\WINDOWS\temp\BN29.tmp (Trojan.Agent) -> No action taken.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 33
Utilisateur anonyme
 
No action taken

as tu supprimé la selection a la fin du scan ??

Si oui as tu le rapport qui le confirme ??

les rapports sont rangés dans l onglet rapport/log
0
Réponse 6 / 33
saga
 
J'ai enregistré le rapport avant de supprimer la sélection, j'ai bien tout supprimé.
0
Réponse 7 / 33
Utilisateur anonyme
 
dans ce cas réouvre malewarebyte
va sur quarantaine
supprime tout

ensuite va sur rapport/log
et envoi le dernier rapport

et fais ça :

Télécharge clean.zip, de Malekal
http://www.malekal.com/download/clean.zip

(1) Dézippe-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

(2) Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd

une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

(3) Choisis l'option 1 puis patiente
Poste le rapport obtenu

pour retrouver le rapport : double clique sur > C > double clique sur " rapport_clean txt.
et copie/colle le sur ta prochaine réponse .

Ne passe pas à l'option 2 sans notre avis !

0
Réponse 8 / 33
saga
 
Voila le rapport de malwarebyte:

Malwarebytes' Anti-Malware 1.14
Version de la base de données: 800

18:48:42 02/06/2008
mbam-log-6-2-2008 (18-48-42).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 139272
Temps écoulé: 48 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 79
Valeur(s) du Registre infectée(s): 18
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 18

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> Unloaded module successfully.
C:\WINDOWS\system32\byXQJbYS.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\iewarning.warningbho (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{56fa7933-dc3e-403b-8d47-bb5e3f345a21} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56fa7933-dc3e-403b-8d47-bb5e3f345a21} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iewarning.warningbho.1 (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8499c835-defd-267e-3dce-d3832cc3f983} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{05589faf-c356-11ce-bf01-00aa0055595a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{060af76c-68dd-11d0-8fc1-00c04fd9189d} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0618aa30-6bc4-11cf-bf36-00aa0055595a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06b32aee-77da-484b-973b-5d64f47201b0} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07167665-5011-11cf-bf33-00aa0055595a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b65360-c445-11ce-afde-00aa006c14f4} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1643e180-90f5-11ce-97d5-00aa0055595a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1b544c20-fd0b-11ce-8c63-00aa0044b51e} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1bb05961-5fbf-11d2-a521-44df07c10000} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1da08500-9edc-11cf-bc10-00aa00ac74f6} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e651cc0-b199-11d0-8212-00c04fc32c45} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d2e24cb-0cd5-458f-86ea-3e6fa22c8e64} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{301056d0-6dff-11d2-9eeb-006008039e37} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{336475d0-942a-11ce-a870-00aa002feab5} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{33facfe0-a9be-11d0-a520-00a0d10129c0} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{37e92a92-d9aa-11d2-bf84-8ef2b1555aed} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{418afb70-f8b8-11ce-aac6-0020af0b99a3} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4444ac9e-242e-471b-a3c7-45dcd46352bc} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{48025243-2d39-11ce-875d-00608cb78066} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4a2286e0-7bef-11ce-9bd9-0000e202599c} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51b4abf3-748f-4e3b-a276-c828330e926a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{59ce6880-acf8-11cf-b56e-0080c7c4b68a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6a08cf80-0e18-11cf-a24d-0020afd79767} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6bc1cffa-8fc1-4261-ac22-cfb4cc38db50} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6f26a6cd-967b-47fd-874a-7aed2c9d25a2} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70e102b0-5556-11ce-97c0-00aa0055595a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{79376820-07d0-11cf-a24d-0020afd79767} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7d8aa343-6e63-4663-be90-6b80f66540a3} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{92a3a302-da7c-4a1f-ba7e-1802bb5d2d02} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{92a3a302-da7c-4a1f-ba7e-1802bb5d2d02} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{944d4c00-dd52-11ce-bf0e-00aa0055595a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{99d54f63-1a69-41ae-aa4d-c976eb3f0713} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a888df60-1e90-11cf-ac98-00aa004c0fa9} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a8dfb9a0-8a20-479f-b538-9387c5eeba2b} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b80ab0a0-7416-11d2-9eeb-006008039e37} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b87beb7b-8d29-423f-ae4d-6582c10175ac} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc785860-b2ca-11ce-8d2b-0000e202599c} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cda42200-bd88-11d0-bd4e-00a0c911ce86} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbd8d00-c193-11d0-bd4e-00a0c911ce86} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cf49d4e0-1115-11ce-b03a-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d3588ab0-0781-11ce-b03a-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a0-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a1-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a2-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a3-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d51bd5a5-7548-11cf-a520-0080c77ef58a} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e30629d1-27e5-11ce-875d-00608cb78066} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e4206432-01a1-4bee-b3e1-3702c8edc574} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb1-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb2-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb3-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb5-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb6-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb7-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e436ebb8-524f-11ce-9f53-0020af0ba770} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e4979309-7a32-495e-8a92-7b014aad4961} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e5b4eaa0-b2ca-11ce-8d2b-0000e202599c} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdfe9681-74a3-11d0-afa7-00aa00b67a42} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{feb50740-7bef-11ce-9bd9-0000e202599c} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54192079-8e8a-43d8-bcbc-3874916159af} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34cf6660-9bd3-431a-ba32-6b511d4126da} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Pest-Patrol (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winctrl32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\AntiVirProtect (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Application (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4f26bedb-d89b-44a1-948b-5d523292dadf} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f26bedb-d89b-44a1-948b-5d523292dadf} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\byxqjbys (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Pest-Patrol (Rogue.VirusHeat) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Pest-Patrol 2.1.0 (Rogue.VirusHeat) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\BootDrv (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{4f26bedb-d89b-44a1-948b-5d523292dadf} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Montorgueil (Diler) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirProtect (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\Program Files\Pest-Patrol (Rogue.PestPatrol) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\824223 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\818646 (Trojan.BHO) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Pest-Patrol\Pest-Patrol.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
C:\Program Files\Pest-Patrol\Pest-Patrol.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
C:\Program Files\Pest-Patrol\IEWarning.dll (Rogue.PestPatrol) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\quartz.dll (Rogue.PestPatrol) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\824223\824223.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\14.06128 (Diler) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirProtect\AntiVirProtect.lic (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirProtect\AntiVirProtect0.ap (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirProtect\AntiVirProtect1.ap (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\Program Files\AntiVirProtect\Uninstall.exe (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\818646\818646.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\pmnkIXNe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXQJbYS.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\temp\BN1A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\temp\BN29.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
0
Réponse 9 / 33
Utilisateur anonyme
 
ok vide la quarantaine malewarebyte et fais clean stp
0
Réponse 10 / 33
saga
 
Probleme, je n'arrive plus à utiliser l'ordinateur, dès que je l'ouvre il y a le bureau qui disparait, il ne reste que le fond d'écran après ça revient mais pas assez longtemps pour je puisse exécuter "clean" puis ça se rebloque sur le fond d'écran. Ca me faisait ça déjà avant de commencer malewarebyte mais j'étais arriver à l'enlever en utilisant un point de restauration et en démarrant en mode sans échec. Mais là, depuis que j'ai passé maleware, je n'ai plus de point de restauration et donc je ne peux plus exécuter "clean".
Je ne travaille pas sur l'ordinateur infesté, j'importe tout d'un autre ordinateur avec une clé USB.

Merci de m'aider.
0
Réponse 11 / 33
Utilisateur anonyme
 
Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

0
Réponse 12 / 33
saga
 
Mais je n'ai pas assez le temps pour exécuter le logiciel.
0
Réponse 13 / 33
Utilisateur anonyme
 
essai en mode sans echec
0
Réponse 14 / 33
saga
 
j'ai déjà essayé, rien ne change.
0
Réponse 15 / 33
Utilisateur anonyme
 
t as le cd windows ??
0
Réponse 16 / 33
saga
 
Oui
0
Réponse 17 / 33
Utilisateur anonyme
 
COOL !!

dans ton cas vu que tu ne peux rien faire du pc !

demarre le pc ensuite insere le cd windows

redémarre le pc

au demarrage t auras un message te disant de presser une touche pour demarrer le cd

fais le

ensuite durant l installation forrmate le disque C et continue l installation

tu dois savoir que ceci effacera tes documents tes logiciels etc

donc sauvegarde tes docs etc sur une cle usb par exemple

avant de réinstaller windows

0
Réponse 18 / 33
saga
 
Bon en faite je suis arrivé à faire démarrer combofix gràce au gestionnaire des taches, en faisant nouvelle tâche. Il est en train de scanner l'ordinateur, je met le résultat plus tard.
0
Réponse 19 / 33
Utilisateur anonyme
 
ok cool
0
Réponse 20 / 33
saga
 
Pas de changement.
0

Discussions similaires

Discord se lance mais l'écran se reste gris et rien ne se passe
Azo23 -
theo -

42 réponses