Infection malwareprotector 2008
saccato2005
Messages postés
2
Statut
Membre
-
joggy -
joggy -
Bonjour,
Mon PC est infecté depuis plusieurs jours par "malwareprotector 2008". Après plusieurs
tentatives de désinfection infructueuses, j"ai fait un scan avec
Malwarebytes' qui m'a généré le rapport suivant. Maintenant j'ai besoin de votre aide pour
éradiquer définitivement ce problème.
Merci de votre aide!!!!!!!
Malwarebytes' Anti-Malware 1.21
Version de la base de données: 969
Windows 5.1.2600 Service Pack 3
15:54:55 20/07/2008
mbam-log-7-20-2008 (15-54-55).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 139845
Temps écoulé: 1 hour(s), 28 minute(s), 53 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 25
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
C:\WINDOWS\system32\blphcvepj0en89.scr (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{54018e98-10e3-46c6-9673-2999253f9c65} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54018e98-10e3-46c6-9673-2999253f9c65} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcrepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\uninstall (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{54018e98-10e3-46c6-9673-2999253f9c65} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smshcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcvepj0en89 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcrepj0en89 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\rhcrepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\Microsoft\dtsc (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\rhcrepj0en89\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\rhcrepj0en89.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\shcpepj0en89.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\shcpepj0en89.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\shcpepj0en89Skin.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\Microsoft\dtsc\s (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\lvuvc.hs (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcvepj0en89.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcvepj0en89.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcvepj0en89.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
Mon PC est infecté depuis plusieurs jours par "malwareprotector 2008". Après plusieurs
tentatives de désinfection infructueuses, j"ai fait un scan avec
Malwarebytes' qui m'a généré le rapport suivant. Maintenant j'ai besoin de votre aide pour
éradiquer définitivement ce problème.
Merci de votre aide!!!!!!!
Malwarebytes' Anti-Malware 1.21
Version de la base de données: 969
Windows 5.1.2600 Service Pack 3
15:54:55 20/07/2008
mbam-log-7-20-2008 (15-54-55).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 139845
Temps écoulé: 1 hour(s), 28 minute(s), 53 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 25
Fichier(s) infecté(s): 38
Processus mémoire infecté(s):
C:\WINDOWS\system32\blphcvepj0en89.scr (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{54018e98-10e3-46c6-9673-2999253f9c65} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54018e98-10e3-46c6-9673-2999253f9c65} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcrepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\uninstall (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{54018e98-10e3-46c6-9673-2999253f9c65} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smshcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcvepj0en89 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcrepj0en89 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\rhcrepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\Microsoft\dtsc (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\rhcrepj0en89\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\shcpepj0en89\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\rhcrepj0en89\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcrepj0en89\rhcrepj0en89.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\shcpepj0en89.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\shcpepj0en89.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\shcpepj0en89Skin.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\shcpepj0en89\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Application Data\Microsoft\dtsc\s (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\lvuvc.hs (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcvepj0en89.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcvepj0en89.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcvepj0en89.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.ADMIN-NAOWM7ZJM\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
A voir également:
- Infection malwareprotector 2008
- Musique saxophone electro 2008 ✓ - Forum Musique / Radio / Clip
- Téléchargement autocad 2008 francais gratuit - Télécharger - CAO-DAO
- Télécharger microsoft encarta junior 2008 gratuit - Forum loisirs/vie pratique
- Visual basic 2008 - Télécharger - Langages
- Autocad 2008 language pack french - Forum Architecture / décoration
3 réponses
Salut
réouvre malewarebyte
va sur quarantaine
supprime tout
Télécharge HijackThis ici :
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)
-> http://pageperso.aol.fr/balltrap34/Hijenr.gif
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
Post le rapport généré ici stp...
réouvre malewarebyte
va sur quarantaine
supprime tout
Télécharge HijackThis ici :
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)
-> http://pageperso.aol.fr/balltrap34/Hijenr.gif
Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
Post le rapport généré ici stp...
Juste pour information ce virus ce décline sous plusieurs nom.
Je viens de supprimer Antivirus XP 2008 qui est une de ses autres formes.
Son nom: pphcln1j0e75g.exe
Tous les programme qui lui sont associer se termine par la même base 1j0e75g
Pour toi la base est epj0en89
Pour le supprimer j'ai recherché tous les fichiers et dossier possédant cette base sur les disques et dans le registre ainsi que son nom, pour moi antivirus XP 2008 et je les est tous supprimés dans le mode sans échec.
++
Je viens de supprimer Antivirus XP 2008 qui est une de ses autres formes.
Son nom: pphcln1j0e75g.exe
Tous les programme qui lui sont associer se termine par la même base 1j0e75g
Pour toi la base est epj0en89
Pour le supprimer j'ai recherché tous les fichiers et dossier possédant cette base sur les disques et dans le registre ainsi que son nom, pour moi antivirus XP 2008 et je les est tous supprimés dans le mode sans échec.
++
Merci de répondre aussi vite. Avant de poster mon mail, j'avais lancé une analyse avec "Dr web antivirus" en désactivant la restauration du système, et miracle (pour l'instant en tout cas) plus de trace du virus après redémarrage.
Merci encore, je ne manquerai pas de te faire appel si le problème revient.