Sujet Précédent Sujet Suivant

Antivirusxp2008

Fermé
malou35 Messages postés 2 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 23 juillet 2008 - 23 juil. 2008 à 07:31
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 24 août 2008 à 10:36
Bonjour,je suis ds la panade j'aie choper antivirusxp 2008 meme avec avast familliale on m'avait die que c'etaie une passoir mais bon j'aie essaye de m'ensortire tout seul mais je suis pas un pro loin de la si qq1 pouvaie me donner un coup de mains merci a tous

4 réponses

Réponse 1 / 4
Lauryjo Messages postés 2 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 23 juillet 2008 1
23 juil. 2008 à 07:36
Salut

je viens juste de régler le même problème en suivant les conseils ci-dessous. ( merci à chiquitine 29 pour l'info )

Telecharge malwarebytes

-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

ps : les rapport sont aussi rangé dans l onglet rapport/log
1
marie72
3 août 2008 à 22:43
Salut!
Je te remercie de l'info car je ne commençais pas a rigolé et ton info pour les malware ma été très utile ,car il a tout Virer et depuis 5 min mon p.c est repartie comme en 14.
Pour ceux qui ont un soucis faite confiances a ces logiciels.
Résultat super.
0
pupuce
22 août 2008 à 20:11
merci,ça a fonctionné pour moi aussi et voici le rapportMalwarebytes' Anti-Malware 1.25
Version de la base de données: 1077
Windows 5.1.2600 Service Pack 3

19:58:56 22/08/2008
mbam-log-08-22-2008 (19-58-56).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 125817
Temps écoulé: 1 hour(s), 51 minute(s), 3 second(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 16
Fichier(s) infecté(s): 37

Processus mémoire infecté(s):
C:\Program Files\rhc1fcj0er2r\rhc1fcj0er2r.exe (Rogue.Multiple) -> Unloaded process successfully.
C:\WINDOWS\system32\lphc5fcj0er2r.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\system32\pphc5fcj0er2r.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\rhc1fcj0er2r\MFC71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc1fcj0er2r\msvcp71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc1fcj0er2r\msvcr71.dll (Rogue.Multiple) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc1fcj0er2r (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc1fcj0er2r (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc1fcj0er2r (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc5fcj0er2r (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\rhc1fcj0er2r (Rogue.Multiple) -> Delete on reboot.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Application Data\rhc1fcj0er2r\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\moi\Local Settings\Temp\.tt70.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\Conditions générales.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\Confidentialité.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\language (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\Website.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\NoS2F.bin (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\InternetGameBox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\rhc1fcj0er2r\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1fcj0er2r\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1fcj0er2r\MFC71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc1fcj0er2r\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1fcj0er2r\msvcp71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc1fcj0er2r\msvcr71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc1fcj0er2r\rhc1fcj0er2r.exe (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc1fcj0er2r\rhc1fcj0er2r.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1fcj0er2r\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc5fcj0er2r.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc5fcj0er2r.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphc5fcj0er2r.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nmllkkjjih_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qegiuzj_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nmllkkjjih_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qegiuzj_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\moi\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
0
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406 > pupuce
24 août 2008 à 10:36
Salut pupuce,

Oui on dirait que c´est ok...

On va vérifier car tu avais d´autres infections ègalement...

Télécharge HijackThis ici :

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post le rapport généré ici stp...

@+
0
Réponse 2 / 4
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
23 juil. 2008 à 13:27
Salut,

Télécharge HijackThis ici :

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post le rapport généré ici stp...

@+
1
Réponse 3 / 4
Lauryjo Messages postés 2 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 23 juillet 2008 1
23 juil. 2008 à 07:41
D'ailleurs voici le rapport pour ceux que ça interesse ( moi perso je suis pas top en informatique et là ça dépasse mes faibles compétences )

Malwarebytes' Anti-Malware 1.22
Version de la base de données: 981
Windows 5.1.2600 Service Pack 2

07:25:54 23/07/2008
mbam-log-7-23-2008 (07-25-54).txt

Type de recherche: Examen rapide
Eléments examinés: 41826
Temps écoulé: 7 minute(s), 11 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 21

Processus mémoire infecté(s):
C:\WINDOWS\system32\CbEvtSvc.exe (Trojan.Downloader) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcnbpj0e72c (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcnbpj0e72c (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CbEvtSvc (Trojan.MyDoom) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\rhcnbpj0e72c (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Application Data\rhcnbpj0e72c\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\CbEvtSvc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcjbpj0e72c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\rhcnbpj0e72c.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\rhcnbpj0e72c.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcnbpj0e72c\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\shanghai.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcjbpj0e72c.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcjbpj0e72c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcjbpj0e72c.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ma Session\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
0
Réponse 4 / 4
malou35 Messages postés 2 Date d'inscription mercredi 23 juillet 2008 Statut Membre Dernière intervention 23 juillet 2008
23 juil. 2008 à 13:19
merci mille fois caMalwarebytes' Anti-Malware 1.22
Version de la base de données: 982
Windows 5.1.2600 Service Pack 2

13:12:34 23/07/2008
mbam-log-7-23-2008 (13-12-34).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 82598
Temps écoulé: 37 minute(s), 57 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 6
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 18
Fichier(s) infecté(s): 35

Processus mémoire infecté(s):
C:\Program Files\rhc7anj0ee5p\rhc7anj0ee5p.exe (Rogue.Multiple) -> Failed to unload process.
C:\WINDOWS\system32\lphc3anj0ee5p.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\suguebkh.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\cjtrec.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\Program Files\rhc7anj0ee5p\MFC71.dll (Rogue.Multiple) -> Unloaded module successfully.
C:\Program Files\rhc7anj0ee5p\msvcp71.dll (Rogue.Multiple) -> Unloaded module successfully.
C:\Program Files\rhc7anj0ee5p\msvcr71.dll (Rogue.Multiple) -> Unloaded module successfully.
C:\WINDOWS\system32\blphc3anj0ee5p.scr (Trojan.FakeAlert) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21cf007e-3a90-4a0c-812a-23987d45a339} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{21cf007e-3a90-4a0c-812a-23987d45a339} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc7anj0ee5p (Rogue.Multiple) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SecuriSoft SARL (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3047ec0f (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc7anj0ee5p (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc3anj0ee5p (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\BASE (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\DELETED (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\LOG (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\SAVED (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Program Files\rhc7anj0ee5p (Rogue.Multiple) -> Delete on reboot.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Application Data\rhc7anj0ee5p\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\cjtrec.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\suguebkh.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hkbeugus.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP108\A0035752.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP113\A0036855.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP113\A0036849.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP115\A0037120.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP115\A0037121.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP115\A0037119.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP116\A0037302.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP116\A0037303.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP116\A0037301.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{65881106-7EDD-40CA-957B-4BA8174B32B1}\RP89\A0017765.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\weryykvi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\LOG\20080721184710468.log (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SecuriSoft SARL\WinSpywareProtect\LOG\20080721185539515.log (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Program Files\rhc7anj0ee5p\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc7anj0ee5p\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc7anj0ee5p\MFC71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc7anj0ee5p\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc7anj0ee5p\msvcp71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc7anj0ee5p\msvcr71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc7anj0ee5p\rhc7anj0ee5p.exe (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhc7anj0ee5p\rhc7anj0ee5p.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc7anj0ee5p\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphc3anj0ee5p.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc3anj0ee5p.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc3anj0ee5p.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\malou\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
a l'aire de fonctionner
0