INfection virus/spyware
Xam Danlref
Messages postés
11
Statut
Membre
-
suprainova -
suprainova -
Bonjour,
J'ai essayé de downloader une version hacké dun programme de graphisme et il se trouve quil y avait un virus/spyware ou qqchose du genre . Mon ordi est lent lent lent lent, ma barre de démarrage et mon deskop disparaisse, mon fond d'écran est bleu et bloqué à ''votre ordinateur est infecté,,(Ne peut plus changé de fond décran, il n'y a plus d'onglet dans mes préférence), installé un Anti virus, et un anti virus suspect (anti virus xp 2008) a été installé sur mon ordi, je ne peux le désinstallé.
J'ai essayé de downloader une version hacké dun programme de graphisme et il se trouve quil y avait un virus/spyware ou qqchose du genre . Mon ordi est lent lent lent lent, ma barre de démarrage et mon deskop disparaisse, mon fond d'écran est bleu et bloqué à ''votre ordinateur est infecté,,(Ne peut plus changé de fond décran, il n'y a plus d'onglet dans mes préférence), installé un Anti virus, et un anti virus suspect (anti virus xp 2008) a été installé sur mon ordi, je ne peux le désinstallé.
A voir également:
- INfection virus/spyware
- Virus mcafee - Accueil - Piratage
- Spyware doctor - Télécharger - Antivirus & Antimalwares
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Spyware terminator - Télécharger - Antivirus & Antimalwares
16 réponses
telecharge hijackthis:
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
1. une fois installer renomme le en HJT.exe
2. ouvre le et fai do a scan system and logfile
3 poste rapport sur ce forum.
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
1. une fois installer renomme le en HJT.exe
2. ouvre le et fai do a scan system and logfile
3 poste rapport sur ce forum.
oui car des hacker arrive a la contourner
mai apres l' installation tu doit renommer hajackthis.exe en HJT.exe
mai apres l' installation tu doit renommer hajackthis.exe en HJT.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Non je reprend
1 tu installe hijackthis
2 apres l' instalation tu va voir un fichier qui s' apelle hijackthis.exe tu le renomme en HJT.exe
3 tu fai do a scan system
4 tu copi/colle le rapport sur ce forum
1 tu installe hijackthis
2 apres l' instalation tu va voir un fichier qui s' apelle hijackthis.exe tu le renomme en HJT.exe
3 tu fai do a scan system
4 tu copi/colle le rapport sur ce forum
avant de partir ce topic jai downloader AVG anti spyware, esce que je dois le desinstallé avant de mettre HJT?
LE telechargement de HJT ne commence pas... je ne peux tjrs pas désinstallé Antivirus XP2008 qui se declence a toute les 2 sec et l'Ordi est extremement lent... je vais essayé de mettre a jour avg
non telecharge MBAM
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
1.1 installe le
1.2 fai une recherche complete
1.3 a la fin affiche le resultat
1.4 nettoit tout
1.5 post le rapport ici.
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
1.1 installe le
1.2 fai une recherche complete
1.3 a la fin affiche le resultat
1.4 nettoit tout
1.5 post le rapport ici.
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1026
Windows 5.1.2600 Service Pack 3
04:11:37 2008-08-05
mbam-log-8-5-2008 (04-11-37).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 86964
Temps écoulé: 47 minute(s), 58 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 4
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 43
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\mLeBSJcd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\yrnodswv.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\jljehd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tuVmmNeB.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53aca347-ee58-4f05-a4c1-9f86cd1c0334} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{53aca347-ee58-4f05-a4c1-9f86cd1c0334} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa3af88a-063d-4825-bcee-c6d2b177f726} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aa3af88a-063d-4825-bcee-c6d2b177f726} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{109be732-8f8c-49d4-a3f4-fedcac7f0a25} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{109be732-8f8c-49d4-a3f4-fedcac7f0a25} (Trojan.BHO) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc1kej0ecd3 (Rogue.Multiple) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wintss32 (Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fci (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpsr (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fci (Rootkit.ADS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\fci (Rootkit.ADS) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvmmneb (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ICF (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmc7e56e00 (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{109be732-8f8c-49d4-a3f4-fedcac7f0a25} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc5kej0ecd3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\mlebsjcd -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mlebsjcd -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\rhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\mLeBSJcd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\dcJSBeLm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcJSBeLm.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jljehd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\yrnodswv.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tuVmmNeB.dll (Trojan.BHO) -> Delete on reboot.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\B0HDFE35\17PHolmes[1].cmt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\B0HDFE35\ico[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\B0HDFE35\lrxherblpj[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\CRWLFHZI\yflhrol[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\CRWLFHZI\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\GIH3JA5K\mpvspl[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\GIH3JA5K\kb671231[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\LQKGQZKN\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5EEABD26-FC4D-48E4-B86B-B23469D204D3}\RP51\A0018013.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5EEABD26-FC4D-48E4-B86B-B23469D204D3}\RP51\A0018019.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5EEABD26-FC4D-48E4-B86B-B23469D204D3}\RP51\A0018020.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu2000352.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\buhsbqok.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yppfeuqo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\14dba3e.sys (Backdoor.Rustock) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\rhc1kej0ecd3.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\rhc1kej0ecd3.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintss32.dll (Dialer) -> Delete on reboot.
C:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\msacm32.drv (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Disk (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\svchost.exe:exe.exe (Rootkit.ADS) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXroLDs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMc7e56e00.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMc7e56e00.txt (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\blphc5kej0ecd3.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc5kej0ecd3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc5kej0ecd3.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Version de la base de données: 1026
Windows 5.1.2600 Service Pack 3
04:11:37 2008-08-05
mbam-log-8-5-2008 (04-11-37).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 86964
Temps écoulé: 47 minute(s), 58 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 4
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 43
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\mLeBSJcd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\yrnodswv.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\jljehd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tuVmmNeB.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53aca347-ee58-4f05-a4c1-9f86cd1c0334} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{53aca347-ee58-4f05-a4c1-9f86cd1c0334} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa3af88a-063d-4825-bcee-c6d2b177f726} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aa3af88a-063d-4825-bcee-c6d2b177f726} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{109be732-8f8c-49d4-a3f4-fedcac7f0a25} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{109be732-8f8c-49d4-a3f4-fedcac7f0a25} (Trojan.BHO) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc1kej0ecd3 (Rogue.Multiple) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wintss32 (Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fci (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpsr (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fci (Rootkit.ADS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\fci (Rootkit.ADS) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvmmneb (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ICF (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmc7e56e00 (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{109be732-8f8c-49d4-a3f4-fedcac7f0a25} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc5kej0ecd3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\mlebsjcd -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\mlebsjcd -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\rhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\rhc1kej0ecd3\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\mLeBSJcd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\dcJSBeLm.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcJSBeLm.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jljehd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\yrnodswv.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tuVmmNeB.dll (Trojan.BHO) -> Delete on reboot.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\B0HDFE35\17PHolmes[1].cmt (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\B0HDFE35\ico[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\B0HDFE35\lrxherblpj[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\CRWLFHZI\yflhrol[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\CRWLFHZI\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\GIH3JA5K\mpvspl[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\GIH3JA5K\kb671231[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\LQKGQZKN\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5EEABD26-FC4D-48E4-B86B-B23469D204D3}\RP51\A0018013.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5EEABD26-FC4D-48E4-B86B-B23469D204D3}\RP51\A0018019.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{5EEABD26-FC4D-48E4-B86B-B23469D204D3}\RP51\A0018020.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu2000352.exe.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\buhsbqok.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yppfeuqo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\14dba3e.sys (Backdoor.Rustock) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\rhc1kej0ecd3.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\rhc1kej0ecd3.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhc1kej0ecd3\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintss32.dll (Dialer) -> Delete on reboot.
C:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\msacm32.drv (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Disk (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\svchost.exe:exe.exe (Rootkit.ADS) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byXroLDs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMc7e56e00.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMc7e56e00.txt (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\blphc5kej0ecd3.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc5kej0ecd3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc5kej0ecd3.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Bon ... jai fais 2 recherche, jai trouvé des logiciel malveillant les 2 fois... et maintenant je ne vois plus mon deskop du tout kan jouvre mon ordinateur, et un processus nommé Isass.exe est apparu dans mon gestionnaire de tache (seul chose que je peux voir) sinon , pas de bar de demarrage pas dicone etc. Ce phénomène c'est produit après avoir redemarré mon ordinateur pr deleter les fichier ''on reboot''. La je suis sur un portable pr vous ecrire ca, un coup de main serais le bienvenu :s.
De plus, MBAM de marche plus du tout et ce message apparait kan je le démarre ''Run time error 372''.
FAiled to load control ''Vbalgrid''from vbalsgrid.ocx. Your version of Vbalsgrid.ocx might be outdated. Make sure you are using the version of the application that was provided with your application.
S.O.S, je sais vrm plus quoi faire
FAiled to load control ''Vbalgrid''from vbalsgrid.ocx. Your version of Vbalsgrid.ocx might be outdated. Make sure you are using the version of the application that was provided with your application.
S.O.S, je sais vrm plus quoi faire
