RUNDLL + UNWANTED POP-UP WINDOWS HELP!!!!!!

Solved/Closed
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008 - 25 Jul 2008 at 10:24
 feten25 - 22 Aug 2008 at 21:23
Hello,

For 3 days my PC has had a problem: when I turn it on, a window appears: RUNDLL error loading C:\windows/system32/npelokdt.dll.
Also, when I browse the net to do a search, lots of windows pop up (games, antivirus ads, sex, etc.). I installed Spybot and others, but nothing helps.

I also saw that this site has given quite a few solutions to users who had the same problem as me.

So if any of you could help me, I don't know much about computers.


Thank you.
13 replies

buginformatik Posts 2163 Registered Tuesday 16 January 2007 Status Contributor Last active 21 April 2011 54
25 Jul 2008 at 10:26
Hello!

Before using HijackThis, we are going to clean up the PC:

There is a program called CCleaner that lets you delete all the unnecessary files on your computer, which are sometimes responsible for slowness:
https://filehippo.com/download_ccleaner/

And its tutorial:
http://cofofides.heberg-forum.net/ftopic615_ccleaner-tutoriel-en-image.html

>>>


Download HijackThis: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.zip

and here is a GIF showing how to install it properly: http://pageperso.aol.fr/balltrap34/Hijenr.gif

- once installed, rename it HJT.exe to counter a possible Vundo infection
- Double-click on it
- Click on "Do a system scan and save the log"
- Copy the report and paste it into your reply
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
25 Jul 2008 at 10:38
Hello,

thank you for answering me,
I'll try to do what you told me this evening, because right now I'm at work,

I'll keep you posted. See you soon
0
buginformatik Posts 2163 Registered Tuesday 16 January 2007 Status Contributor Last active 21 April 2011 54 > feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
25 Jul 2008 at 10:41
Ah... I will be around very little tomorrow, and this evening I'm not sure.... I'm going to contact shion-ares so he can take over; it's better for a single person to handle each case through to the end!

See you
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008 > buginformatik Posts 2163 Registered Tuesday 16 January 2007 Status Contributor Last active 21 April 2011
25 Jul 2008 at 11:33
Re: well, listen, in any case thank you for your reply, I hope it will solve my problem
and no worries about the handover. Thanks
0
Anonymous user
25 Jul 2008 at 10:27
hello

following along, good luck
0
Anonymous user
25 Jul 2008 at 11:37
I got the message; you'll just have to post the report here
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
25 Jul 2008 at 11:41
hello, OK thanks
I'll try to do all that this evening.
thanks.
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
25 Jul 2008 at 17:26
hi,
well, listen, I downloaded CCleaner but at one point I can't get past "SOFTWARE UPDATE"
if you could tell me what to do
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
25 Jul 2008 at 18:40
HERE is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:43, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\V2luZG93cyBUcnVzdA\command.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\windows\system32\rqwnw64k.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\mrofinu1188.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\scntntdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\WTrust-Enigma\lsass.exe
C:\WINDOWS\system32\kBin02\kBin022328.exe
C:\WINDOWS\17PHolmes1188.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\WTrust-Enigma\Bureau\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [{3A-A7-76-64-DW}] C:\windows\system32\rqwnw64k.exe DWram02
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VistaDrive\vsdrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\WTrust-Enigma\lsass.exe
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\scntntdm.exe DWram02
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [3c73a7cb] rundll32.exe "C:\WINDOWS\system32\urfctvpo.dll",b
O4 - HKLM\..\Run: [BM3f409457] Rundll32.exe "C:\WINDOWS\system32\rsegjiiy.dll",s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\scntntdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rqwnw64k.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\V2luZG93cyBUcnVzdA\command.exe
0
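As an added example (not part of any post in this thread, and not HijackThis code): a small Python triage of the O4 autostart lines from the log above. It flags Run entries that load a DLL through rundll32, the kind of entry behind the RUNDLL load error reported in the first post, and system process names such as lsass.exe started from outside their usual directory; both checks and the C:\WINDOWS layout are assumptions of this example.

```python
import ntpath
import re

# Sample input: O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\WTrust-Enigma\lsass.exe
O4 - HKLM\..\Run: [3c73a7cb] rundll32.exe "C:\WINDOWS\system32\urfctvpo.dll",b
O4 - HKLM\..\Run: [BM3f409457] Rundll32.exe "C:\WINDOWS\system32\rsegjiiy.dll",s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\scntntdm.exe
"""

# Assumption: default Windows XP layout, as seen in the log (C:\WINDOWS).
SYSTEM_DIR = r"c:\windows\system32"
EXPECTED_DIR = {
    "smss.exe": SYSTEM_DIR, "csrss.exe": SYSTEM_DIR, "winlogon.exe": SYSTEM_DIR,
    "services.exe": SYSTEM_DIR, "lsass.exe": SYSTEM_DIR, "svchost.exe": SYSTEM_DIR,
    "spoolsv.exe": SYSTEM_DIR, "explorer.exe": r"c:\windows",
}

# "O4 - HKLM\..\Run: [value name] command line"
RUN_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(Run\w*): \[([^\]]*)\] (.+)$")
# "O4 - Startup: shortcut.lnk = target"
STARTUP_RE = re.compile(r"^O4 - (?:Global )?Startup: (.+?) = (.+)$")
# Unquoted command: the image ends at the first executable extension.
IMAGE_RE = re.compile(r"^(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)(.*)$", re.I)
# rundll32 arguments: "<dll path>",<export>
DLL_ARG_RE = re.compile(r'^\s*"?([^",]+?)"?\s*,\s*(\S+)')


def split_command(cmd):
    """Return (image_path, remaining_arguments) for an autostart command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end], cmd[end + 1:].strip()
    m = IMAGE_RE.match(cmd)
    if m:
        return m.group(1), m.group(2).strip()
    return cmd, ""


def parse_o4(line):
    """Parse one HijackThis O4 (autostart) line into a dict, or None if not O4."""
    line = line.strip()
    m = RUN_RE.match(line)
    if m:
        source, name, cmd = f"{m.group(1)}\\{m.group(2)}", m.group(3), m.group(4)
    else:
        m = STARTUP_RE.match(line)
        if not m:
            return None
        source, name, cmd = "Startup folder", m.group(1), m.group(2)
    image, args = split_command(cmd)
    return {"source": source, "name": name, "image": image, "args": args}


def review(entry):
    """Return the reasons (possibly none) this entry deserves a manual look."""
    reasons = []
    image = entry["image"].lower()
    base = ntpath.basename(image)
    # Check 1: the autostart runs a DLL through rundll32; the DLL is what matters.
    if base == "rundll32.exe":
        m = DLL_ARG_RE.match(entry["args"])
        target = m.group(1) if m else entry["args"]
        reasons.append(f"rundll32 autostart, DLL to verify: {target}")
    # Check 2: a Windows system process name launched from an unexpected folder.
    expected = EXPECTED_DIR.get(base)
    if expected and ntpath.isabs(image) and ntpath.dirname(image) != expected:
        reasons.append(f"{base} started from {ntpath.dirname(entry['image'])}")
    return reasons


def triage(log_text):
    """Return {entry name: [reasons]} for every flagged O4 line in a log."""
    flagged = {}
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry:
            reasons = review(entry)
            if reasons:
                flagged[entry["name"]] = reasons
    return flagged


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG).items():
        print(name, "->", "; ".join(reasons))
```

These two checks only prioritise entries for review: the scntntdm.exe startup link passes both, although the MBAM report later in the thread lists the Run value launching the same file as Trojan.Agent.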
Anonymous user
25 Jul 2008 at 22:39
1) Print these instructions, because you will need to close all windows and applications during installation and scanning.

2) Download Malwarebytes' Anti-Malware (MBAM) and save it to your desktop from this link:

https://www.malwarebytes.com/

3) When the download has finished, close all windows and programs, including this one.

4) Double-click the Download_mbam-setup.exe icon on your desktop to start the installer.

5) During installation, follow the prompts (in particular the choice of language and the permission to access the Internet). Do not change any of the default settings and, at the end of the installation, check that the options Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are ticked.

6) MBAM will start automatically and will display a message asking you to update the program before running a scan. Since MBAM updates itself automatically at the end of installation, click OK to close the dialog box. The main MBAM window is displayed:

7) In the scan tab, check that "Run a full scan" is not ticked and click the Scan button to start the scan.

8) MBAM scans your computer. The scan can take some time. Just check on its progress from time to time.

9) At the end of the scan, a message appears indicating that the scan has finished. Click OK to continue.

10) If any malware was detected, the list is displayed.
When you click Removal (?), MBAM will destroy the files and registry keys and put a copy of them in quarantine.

11) MBAM will open Notepad and copy the scan report into it. Close Notepad. (The report can be found again under the Reports/logs tab)

12) Close MBAM by clicking Quit.
0

feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
26 Jul 2008 at 19:01
hello,

I did what you wrote to me, but there is still a window that pops up, it's RUNDLL error loading: C:\windows/system32/dlhaspll.dll

is that normal? AND THANKS AGAIN
0
Anonymous user
26 Jul 2008 at 19:52
hello

post me the Malwarebytes' Anti-Malware (MBAM) report please
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
27 Jul 2008 at 11:34
hello,

here is the report:

alwarebytes' Anti-Malware 1.23
Version de la base de données: 994
Windows 5.1.2600 Service Pack 2

18:46:31 26/07/2008
mbam-log-7-26-2008 (18-46-31).txt

Type de recherche: Examen rapide
Eléments examinés: 37119
Temps écoulé: 10 minute(s), 12 second(s)

Processus mémoire infecté(s): 4
Module(s) mémoire infecté(s): 6
Clé(s) du Registre infectée(s): 34
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 67

Processus mémoire infecté(s):
C:\WINDOWS\system32\rqwnw64k.exe (Adware.Agent) -> Unloaded process successfully.
C:\WINDOWS\mrofinu1188.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Program Files\GetPack\GetPack20.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Documents and Settings\WTrust-Enigma\lsass.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\qrfrwppm.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tuvVNhIb.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vtUmnmnk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ujvahj.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cdtrq.dll (Adware.ClickSpring) -> Delete on reboot.
C:\WINDOWS\system32\tuvusPGy.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0b59019c-2fd6-4870-a3dd-2daa2585e23d} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b59019c-2fd6-4870-a3dd-2daa2585e23d} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76e3d1fe-e098-4396-8f3f-9ef637820a3e} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{76e3d1fe-e098-4396-8f3f-9ef637820a3e} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{af65cd36-29f5-0401-f739-7ea2e69a18c5} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af65cd36-29f5-0401-f739-7ea2e69a18c5} (Adware.ClickSpring) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db036a52-3a88-466b-bd39-05a6d9d9b18a} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{db036a52-3a88-466b-bd39-05a6d9d9b18a} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7ff-a00812192d61} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5-e65d905fff74} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bho.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{fa1d47c4-e13f-4562-b23b-39ef9017be8b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fa1d47c4-e13f-4562-b23b-39ef9017be8b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bannerstyle (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\icheck (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\GetPack (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ParisHilton (Adware.NaviPromo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvuspgy (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7aa20c3-40eb-aac6-3b93-a4dcb8c27268} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e7aa20c3-40eb-aac6-3b93-a4dcb8c27268} (Adware.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3c73a7cb (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{3a-a7-76-64-dw} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getpack20 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{4d44abd2-2119-ad19-0da2-427d7abf7fb9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm3f409457 (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ExploreUpdSched (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{db036a52-3a88-466b-bd39-05a6d9d9b18a} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsa shellu (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo) -> Data: c:\windows\system32\tuvvnhib -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\tuvvnhib

thank you
0
SlinMan Posts 14 Registered Friday 7 March 2008 Status Member Last active 13 December 2009
27 Jul 2008 at 11:51
Hi,

When I have a RUNDLL problem at startup, I remove it at the source, that is: Start, Run, type MSCONFIG and confirm; then a window appears, click on the Startup tab and untick RUNDLL or npelokdt.dll

And as for the unwanted service, do the messages open via Windows?????

If so: Start, Run and type services.msc; a window opens, and you need to disable the Messenger service (Affichage des messages) by double-clicking on it


Ciao
0
Anonymous user
27 Jul 2008 at 14:03
hello

post a HijackThis log again


0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
27 Jul 2008 at 16:50
hi, well, listen, I've just turned on my PC and it no longer opens that window with a rundll message
and I also went and did a search on the net and there are no more unwanted pop-up windows. So I think the problem is solved. Thanks, I'll keep you posted if this problem comes back. THANK YOUUUUU
0
Anonymous user
28 Jul 2008 at 08:29
hello

OK, well, perfect, glad for you, have a good day
0
feten25 Posts 10 Registered Friday 25 July 2008 Status Member Last active 15 August 2008
15 Aug 2008 at 14:58
hello,
I hope you are well; me, not so much, I still have the same trouble: I turn on my PC and I get lots of unwanted windows popping up, even when I do a search
if you could help me that would be kind. Thanks
0
Anonymous user
15 Aug 2008 at 16:10
hello

take this link

https://sites.google.com/site/eric71mespages/lop.sd.exe

and run option 1, then post the report
0
hello again,

I did as you told me, here is the report:


--------------------\\ Lop S&D 4.2.2-9 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : WTrust-Enigma ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 15/08/2008 | 19:10:48 ] [ PC : TRYITFOR-AC9152 (Proc:x86) ]
[ MAJ : 13-08-2008 | 21:02 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[28/06/2008|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[24/07/2008|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[09/08/2008|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[23/07/2008|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[22/05/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/03/2008|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[01/11/2007|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[18/06/2008|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[25/07/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[25/10/2007|18:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[25/10/2007|16:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft


[25/10/2007|16:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/01/2008|15:58] C:\DOCUME~1\WTRUST~1\APPLIC~1\Adobe
[25/07/2008|20:38] C:\DOCUME~1\WTRUST~1\APPLIC~1\Canon
[25/10/2007|18:22] C:\DOCUME~1\WTRUST~1\APPLIC~1\desktop.ini
[28/04/2008|12:50] C:\DOCUME~1\WTRUST~1\APPLIC~1\Google
[30/10/2007|18:51] C:\DOCUME~1\WTRUST~1\APPLIC~1\Help
[18/06/2008|12:19] C:\DOCUME~1\WTRUST~1\APPLIC~1\Identities
[01/11/2007|14:38] C:\DOCUME~1\WTRUST~1\APPLIC~1\Macromedia
[22/05/2008|20:52] C:\DOCUME~1\WTRUST~1\APPLIC~1\Malwarebytes
[28/02/2008|21:15] C:\DOCUME~1\WTRUST~1\APPLIC~1\Microsoft
[20/01/2008|22:39] C:\DOCUME~1\WTRUST~1\APPLIC~1\SopCast
[20/05/2008|22:10] C:\DOCUME~1\WTRUST~1\APPLIC~1\Sun
[06/01/2008|20:59] C:\DOCUME~1\WTRUST~1\APPLIC~1\vlc
[17/01/2008|13:49] C:\DOCUME~1\WTRUST~1\APPLIC~1\WinRAR
[16/11/2007|12:31] C:\DOCUME~1\WTRUST~1\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[30/10/2007 20:28][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[06/06/2008|12:57] C:\Program Files\Adobe
[27/06/2008|14:08] C:\Program Files\Alice
[12/02/2008|09:57] C:\Program Files\AviSynth 2.5
[03/07/2008|17:17] C:\Program Files\BitLord
[03/07/2008|12:08] C:\Program Files\BitLord2
[01/11/2007|21:53] C:\Program Files\Canon
[25/07/2008|17:21] C:\Program Files\CCleaner
[25/10/2007|16:27] C:\Program Files\ComPlus Applications
[11/04/2008|08:54] C:\Program Files\DivX
[14/04/2008|20:16] C:\Program Files\Dofus
[25/06/2008|00:12] C:\Program Files\ESET
[24/07/2008|19:24] C:\Program Files\Fichiers communs
[24/07/2008|19:31] C:\Program Files\Google
[03/03/2008|22:45] C:\Program Files\HiJackThis
[09/08/2008|17:05] C:\Program Files\InstallShield Installation Information
[25/10/2007|16:30] C:\Program Files\Internet Explorer
[17/02/2008|21:01] C:\Program Files\Java
[26/10/2007|14:10] C:\Program Files\K-Lite Codec Pack
[23/07/2008|19:31] C:\Program Files\Lavasoft
[26/07/2008|18:19] C:\Program Files\Malwarebytes' Anti-Malware
[08/05/2008|14:02] C:\Program Files\Messenger Plus! Live
[26/10/2007|13:58] C:\Program Files\Microsoft Office
[26/10/2007|13:57] C:\Program Files\Microsoft Visual Studio
[26/10/2007|13:54] C:\Program Files\Microsoft Visual Studio 8
[26/10/2007|13:58] C:\Program Files\Microsoft Works
[26/10/2007|13:57] C:\Program Files\Microsoft.NET
[13/08/2008|23:12] C:\Program Files\Mjcore
[26/10/2007|13:58] C:\Program Files\MSBuild
[26/10/2007|13:59] C:\Program Files\Notepad++
[25/10/2007|16:26] C:\Program Files\Paint.NET
[12/04/2008|21:30] C:\Program Files\PhotoFiltre
[29/12/2007|23:51] C:\Program Files\RayV
[09/08/2008|16:56] C:\Program Files\Samsung
[14/08/2008|19:28] C:\Program Files\Skra
[02/02/2008|17:13] C:\Program Files\SopCast
[25/07/2008|20:21] C:\Program Files\Spybot - Search & Destroy
[27/06/2008|14:08] C:\Program Files\TechCity Solutions
[14/02/2008|19:13] C:\Program Files\TVAnts
[25/10/2007|16:39] C:\Program Files\Uninstall Information
[03/07/2008|17:16] C:\Program Files\uTorrent
[28/06/2008|11:10] C:\Program Files\Veoh Networks
[06/01/2008|20:58] C:\Program Files\VideoLAN
[27/06/2008|13:19] C:\Program Files\Wanadoo
[14/08/2008|12:20] C:\Program Files\Webtools
[06/02/2008|14:57] C:\Program Files\Windows Live
[24/02/2008|14:24] C:\Program Files\Windows Media Components
[25/10/2007|16:26] C:\Program Files\Windows Media Connect 2
[25/10/2007|16:29] C:\Program Files\Windows Media Player
[25/10/2007|16:26] C:\Program Files\Windows Trust
[10/05/2008|12:43] C:\Program Files\WinRAR
[28/06/2008|12:21] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/06/2008|12:58] C:\Program Files\Fichiers communs\Adobe
[26/10/2007|13:57] C:\Program Files\Fichiers communs\DESIGNER
[09/08/2008|17:05] C:\Program Files\Fichiers communs\InstallShield
[14/12/2007|19:36] C:\Program Files\Fichiers communs\Java
[16/03/2008|14:21] C:\Program Files\Fichiers communs\Microsoft Shared
[25/10/2007|16:28] C:\Program Files\Fichiers communs\MSSoap
[25/10/2007|18:22] C:\Program Files\Fichiers communs\ODBC
[26/10/2007|13:54] C:\Program Files\Fichiers communs\System
[23/07/2008|19:29] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 23 Processus )

IEXPLORE.EXE ~ [PID:1288] ~ [Threads:32]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-15 19:13:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 135

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\LloUDJjl.ini
C:\WINDOWS\system32\LloUDJjl.ini2
==> VUNDO <==



[F:6][D:1]-> C:\DOCUME~1\WTRUST~1\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\WTRUST~1\Cookies
[F:146][D:6]-> C:\DOCUME~1\WTRUST~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 19:15:20,2

thanks again
for your help
0
Anonymous user
15 Aug 2008 at 23:16
OK

sorry for the delay

1) Download and install Malwarebytes' Anti-Malware:

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

At the end of the installation, make sure the "update Malwarebytes' Anti-Malware" option is ticked. >>> click OK
Launch Malwarebytes' Anti-Malware by double-clicking the icon on your Desktop.

On first launch, a window tells you that the version is Free >>> click OK

Let the updates download
*** Close the program ***

2) Restart in "Safe Mode"

When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You will need to choose your usual session, not the "Administrator" account or another one.
Look here if needed: https://www.malekal.com/demarrer-windows-mode-sans-echec/

Open the text file saved on the Desktop so you can follow the instructions properly.

3) Scan with Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware
"Scan" tab >>> tick Perform a full scan >>> Scan, select your hard drives, then click Start scan
At the end of the scan >>> click Show results, then Save report
Removal of the detected items >>>>
delete what it found, and also empty the quarantine
If you are asked to restart >>> click "Yes"

--> A scan report opens; save it to your Desktop and post this report in your reply.

when you ask for a scan, ask for it in Safe Mode.

Why in Safe Mode:

*Because, for a start, the scan looks through more files in Safe Mode than in normal mode.
*And also, in normal mode the viruses (trojans, Trojan horses, worms, spyware, malware and others...) are active, so they do not get deleted; that is why it has to be done in Safe Mode. 1) Print these instructions, because you will need to close all windows and applications during installation and scanning.

0
Hello,
sorry for the delay, so here is the report:
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1065
Windows 5.1.2600 Service Pack 2

19:32:19 22/08/2008
mbam-log-08-22-2008 (19-32-19).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 60063
Temps écoulé: 31 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 68

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\ljJDUolL.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ddcDwtTN.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\okiskd.dll (Trojan.Vundo.H) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c7fb4ba-7170-4c96-b4cd-f7ac4b061f10} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{2c7fb4ba-7170-4c96-b4cd-f7ac4b061f10} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57df73c0-833c-48b7-9146-1e18930d57ff} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddcdwttn (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{57df73c0-833c-48b7-9146-1e18930d57ff} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8434163d-7eda-4279-b062-73614ea24598} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8434163d-7eda-4279-b062-73614ea24598} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8659b31-24fd-5f01-fd39-7ea2e7cf4fc1} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a8659b31-24fd-5f01-fd39-7ea2e7cf4fc1} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webtools (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SpeedRunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3c73a7cb (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{57df73c0-833c-48b7-9146-1e18930d57ff} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\skra (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\speedrunner (Adware.SpeedRunner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfkg6wip (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm3f409457 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsa shellu (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjduoll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjduoll -> Delete on reboot.

Dossier(s) infecté(s):
C:\Program Files\Outerinfo (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kBin02 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Skra (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Application Data\speedrunner (Adware.SurfAccuracy) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\ljJDUolL.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\LloUDJjl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\LloUDJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddcDwtTN.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\okiskd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\kdysptsi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\istpsydk.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qeingjvi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ivjgnieq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rmopeuyu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uyuepomr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jtqib.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Program Files\Skra\Skra.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Application Data\Microsoft\Windows\ptyruwg.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\?ymantec\javaw.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\K-rim\Application Data\Microsoft\Windows\mhxxpp.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\K-rim\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> Quarantined and deleted successfully.
C:\Documents and Settings\K-rim\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\600KR23D\kb767887[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\87M4EULP\kb65666[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\K5OI00EC\kb456456[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\UAF3YRYE\sruninstaller.prod.v12000.11jan2008.exe[1].1ac39aea6b22cdb4e6ed0c75f1d83467 (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.ClickSpring) -> Quarantined and deleted successfully.
C:\WINDOWS\b128.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\b152.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\b155.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\b156.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\b157.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu1188.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtutuvw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bxffnwxy.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ciosjqeu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ddcArSLC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hbupjgxr.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxbjzw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jficma.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lijqowth.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lnnuauku.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ryuvaxtc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tpcisiqv.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqRigHa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vdijrejy.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wuouodjy.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wwfgkibg.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kBin02\kBin022328.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vdf1\setpack22.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wnet\SFRuID2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\V2luZG93cyBUcnVzdA\asappsrv.dll (Adware.CommAd) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\Application Data\speedrunner\config.cfg (Adware.SurfAccuracy) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqpxjeub.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\faceback1188.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM3f409457.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM3f409457.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\b160.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\WTrust-Enigma\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\K-rim\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.

2nd report:

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1065
Windows 5.1.2600 Service Pack 2

19:31:25 22/08/2008
rapport

Type de recherche: Examen complet (C:\|)
Eléments examinés: 60063
Temps écoulé: 31 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 68

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\ljJDUolL.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ddcDwtTN.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\okiskd.dll (Trojan.Vundo.H) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2c7fb4ba-7170-4c96-b4cd-f7ac4b061f10} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2c7fb4ba-7170-4c96-b4cd-f7ac4b061f10} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57df73c0-833c-48b7-9146-1e18930d57ff} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddcdwttn (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{57df73c0-833c-48b7-9146-1e18930d57ff} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8434163d-7eda-4279-b062-73614ea24598} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8434163d-7eda-4279-b062-73614ea24598} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8659b31-24fd-5f01-fd39-7ea2e7cf4fc1} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a8659b31-24fd-5f01-fd39-7ea2e7cf4fc1} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speedrunner (Adware.SurfAccuracy) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webtools (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\SpeedRunner (Adware.SurfAccuracy) -> No action taken.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3c73a7cb (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{57df73c0-833c-48b7-9146-1e18930d57ff} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\skra (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\speedrunner (Adware.SpeedRunner) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfkg6wip (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm3f409457 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsa shellu (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjduoll -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjduoll -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\Outerinfo (Adware.Outerinfo) -> No action taken.
C:\Program Files\Outerinfo\FF (Adware.Outerinfo) -> No action taken.
C:\Program Files\Outerinfo\FF\components (Adware.Outerinfo) -> No action taken.
C:\Program Files\InetGet2 (Trojan.Downloader) -> No action taken.
C:\Program Files\Webtools (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\kBin02 (Trojan.Agent) -> No action taken.
C:\Program Files\Skra (Trojan.Agent) -> No action taken.
C:\Program Files\Mjcore (Trojan.BHO) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Application Data\speedrunner (Adware.SurfAccuracy) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\system32\ljJDUolL.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\LloUDJjl.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\LloUDJjl.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ddcDwtTN.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\okiskd.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\kdysptsi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\istpsydk.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\qeingjvi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ivjgnieq.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\rmopeuyu.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\uyuepomr.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\jtqib.dll (Trojan.BHO.H) -> No action taken.
C:\Program Files\Skra\Skra.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Application Data\Microsoft\Windows\ptyruwg.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\?ymantec\javaw.exe (Adware.ClickSpring) -> No action taken.
C:\Program Files\Mjcore\Mjcore.dll (Trojan.BHO) -> No action taken.
C:\Program Files\Webtools\webtools.dll (Trojan.BHO) -> No action taken.
C:\Documents and Settings\K-rim\Application Data\Microsoft\Windows\mhxxpp.exe (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\K-rim\Application Data\SpeedRunner\SpeedRunner.exe (Adware.SpeedRunner) -> No action taken.
C:\Documents and Settings\K-rim\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Application Data\SpeedRunner\SRUninstall.exe (Adware.SurfAccuracy) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\600KR23D\kb767887[1] (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\87M4EULP\kb65666[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\K5OI00EC\kb456456[1] (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Local Settings\Temporary Internet Files\Content.IE5\UAF3YRYE\sruninstaller.prod.v12000.11jan2008.exe[1].1ac39aea6b22cdb4e6ed0c75f1d83467 (Adware.SurfAccuracy) -> No action taken.
C:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe (Adware.ClickSpring) -> No action taken.
C:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe (Adware.ClickSpring) -> No action taken.
C:\Program Files\Outerinfo\FF\components\FF.dll (Adware.ClickSpring) -> No action taken.
C:\WINDOWS\b128.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\b152.exe (Trojan.Dropper) -> No action taken.
C:\WINDOWS\b155.exe (Trojan.BHO) -> No action taken.
C:\WINDOWS\b156.exe (Trojan.Dropper) -> No action taken.
C:\WINDOWS\b157.exe (Trojan.Dropper) -> No action taken.
C:\WINDOWS\mrofinu1188.exe.tmp (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\awtutuvw.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\bxffnwxy.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ciosjqeu.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ddcArSLC.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hbupjgxr.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hxbjzw.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\jficma.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\lijqowth.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\lnnuauku.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ryuvaxtc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tpcisiqv.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\urqRigHa.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\vdijrejy.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wuouodjy.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wwfgkibg.exe (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\kBin02\kBin022328.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\vdf1\setpack22.exe (Adware.Agent) -> No action taken.
C:\WINDOWS\system32\wnet\SFRuID2.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\V2luZG93cyBUcnVzdA\asappsrv.dll (Adware.CommAd) -> No action taken.
C:\Program Files\Outerinfo\FF\chrome.manifest (Adware.Outerinfo) -> No action taken.
C:\Program Files\Outerinfo\FF\install.rdf (Adware.Outerinfo) -> No action taken.
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt (Adware.Outerinfo) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\Application Data\speedrunner\config.cfg (Adware.SurfAccuracy) -> No action taken.
C:\WINDOWS\cookies.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\tqpxjeub.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\faceback1188.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM3f409457.xml (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM3f409457.txt (Trojan.Vundo) -> No action taken.
C:\WINDOWS\b160.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\WTrust-Enigma\lsass.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\K-rim\lsass.exe (Trojan.Agent) -> No action taken.


Thanks in advance
0