Virus
Fermé
ASM51300
-
6 août 2008 à 00:41
zorinho Messages postés 821 Date d'inscription mercredi 28 novembre 2007 Statut Membre Dernière intervention 29 novembre 2020 - 7 août 2008 à 02:10
zorinho Messages postés 821 Date d'inscription mercredi 28 novembre 2007 Statut Membre Dernière intervention 29 novembre 2020 - 7 août 2008 à 02:10
A voir également:
- Virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Tinyurl.com virus - Forum Virus
- Virus mcafee - Accueil - Piratage
4 réponses
latifa1998
Messages postés
41
Date d'inscription
samedi 28 juin 2008
Statut
Membre
Dernière intervention
5 juin 2009
4
6 août 2008 à 00:47
6 août 2008 à 00:47
sur www.secuser.com c'est le meilleur.
zorinho
Messages postés
821
Date d'inscription
mercredi 28 novembre 2007
Statut
Membre
Dernière intervention
29 novembre 2020
51
6 août 2008 à 00:50
6 août 2008 à 00:50
Salut,
Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :
https://www.malwarebytes.com/
1 A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.
2 Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.
3 Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.
4 MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche
-----------------------------------------------------------------------------------------------------------------------------------------------------
redémarre ton ordi en mode sans échec
------------------------------------------------------------------------------------------------------------------------------------------------------------
Lance MBAM (en mode sans échec donc)
5 Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.
6 MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.
7 A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.
8 Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
9 MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)
10 Ferme MBAM en cliquant sur Quitter.
11 Poste le rapport dans ta réponse
------------------------------------------------------------------------------------------------------
Ensuite,
Télécharge Hijackthis https://www.malekal.com/tutoriel-hijackthis/
Colle un rapport d'analyse aussi
--------------------------------------------------------------------------------------------------------------------------------------
A plus
Zor
Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :
https://www.malwarebytes.com/
1 A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.
2 Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.
3 Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.
4 MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche
-----------------------------------------------------------------------------------------------------------------------------------------------------
redémarre ton ordi en mode sans échec
------------------------------------------------------------------------------------------------------------------------------------------------------------
Lance MBAM (en mode sans échec donc)
5 Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.
6 MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.
7 A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.
8 Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
9 MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)
10 Ferme MBAM en cliquant sur Quitter.
11 Poste le rapport dans ta réponse
------------------------------------------------------------------------------------------------------
Ensuite,
Télécharge Hijackthis https://www.malekal.com/tutoriel-hijackthis/
Colle un rapport d'analyse aussi
--------------------------------------------------------------------------------------------------------------------------------------
A plus
Zor
Voici le rapport avec MBAM :
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1030
Windows 5.1.2600 Service Pack 2
00:38:44 07/08/2008
mbam-log-8-7-2008 (00-38-44).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 107136
Temps écoulé: 1 hour(s), 12 minute(s), 41 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 44
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 16
Fichier(s) infecté(s): 21
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\edfqvrw.bdgr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\edfqvrw.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{84562fca-ee8b-4585-a1d1-eae97b23370e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48e92754-2daf-4de4-8385-34f631580e9b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a1c23ba2-8f20-4c01-b663-7ff2b3421194} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{098716a9-0310-4cbe-bd64-b790a9761158} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{098716a9-0310-4cbe-bd64-b790a9761158} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d37d6c1a-7ba4-47f4-9bf2-75031e257df6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f4406238-983a-4845-9053-f1d0007fd135} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21c40a12-3079-4a70-a715-8a44ce0de829} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2a3e745f-1eae-441f-a5d5-e53c909ceec1} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2f6a3dcf-d68f-4663-8c25-312bcdbe4d47} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48129b70-2f29-4dba-a499-beb1a1554e10} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{484e9a1b-c631-47f3-9bc0-f752cdaafb9a} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a1886d5e-3508-4109-a8a0-f045aa86f3a3} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a2817460-5c53-4b41-8d01-d3ef255dd41e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aeea2138-2168-449e-b995-b56612eef65e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aefd40bb-03e3-4c66-abfb-b5720acb833e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9c7a624-88e3-4dfa-8d56-438b10bc0149} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d21fbdce-ef01-417c-a1a1-c1eedb8d5db6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eba2671e-29bf-42d8-b17e-ab5315cc73c5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f105f0c9-50e2-44fa-b3ec-92ca7bfe0c0d} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f664ea90-9b91-4825-9b51-5635ac38cca6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{03f65a7b-6e49-4ace-848b-4459ddbd3981} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{15125718-d196-47c9-8fbf-9889c0c85d67} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{6d7f9517-f134-45e3-bf2e-73414ff15ca1} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5dde5591-a8ab-4897-93ef-1e4e943f85a7} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dde5591-a8ab-4897-93ef-1e4e943f85a7} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc18ae76-7e65-4258-a193-9ea0c52da6b8} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{45C2FDBE-1D46-B98E-F9A9-9D44B93A9D52} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CodecBHO.DLL (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FMTR (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\VideoAXObject.Chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Security Tools (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VirusLocker (Rogue.Virus.Locker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Solution (Trojan.Zlob) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cc18ae76-7e65-4258-a193-9ea0c52da6b8} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\VirusProtectPro 3.7 (Rogue.VirusProtectPro) -> Quarantined and deleted successfully.
C:\Program Files\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Access (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Local Settings\Temp\NI.UGA6PV_0001_N108M0207 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\RichVideoCodec.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\AVG\AntivirusGold 5.0\DbgHelp.Dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP238\A0202002.exe (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4B.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4C.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcj53j0e7a5.exe (Rogue.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VirusProtectPro 3.7\vpp.ini (Rogue.VirusProtectPro) -> Quarantined and deleted successfully.
C:\Program Files\RichVideoCodec\MultiLoader.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Access\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Access\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\rhcn53j0e7a5.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\rhcn53j0e7a5.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcj53j0e7a5.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
Avast ne détecte plus le virus donc je pense qu'il a été supprimer donc je ne pas installer le 2eme logiciel
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1030
Windows 5.1.2600 Service Pack 2
00:38:44 07/08/2008
mbam-log-8-7-2008 (00-38-44).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 107136
Temps écoulé: 1 hour(s), 12 minute(s), 41 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 44
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 16
Fichier(s) infecté(s): 21
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\edfqvrw.bdgr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\edfqvrw.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{84562fca-ee8b-4585-a1d1-eae97b23370e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48e92754-2daf-4de4-8385-34f631580e9b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a1c23ba2-8f20-4c01-b663-7ff2b3421194} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{098716a9-0310-4cbe-bd64-b790a9761158} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{098716a9-0310-4cbe-bd64-b790a9761158} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d37d6c1a-7ba4-47f4-9bf2-75031e257df6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{f4406238-983a-4845-9053-f1d0007fd135} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21c40a12-3079-4a70-a715-8a44ce0de829} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2a3e745f-1eae-441f-a5d5-e53c909ceec1} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2f6a3dcf-d68f-4663-8c25-312bcdbe4d47} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{48129b70-2f29-4dba-a499-beb1a1554e10} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{484e9a1b-c631-47f3-9bc0-f752cdaafb9a} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a1886d5e-3508-4109-a8a0-f045aa86f3a3} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a2817460-5c53-4b41-8d01-d3ef255dd41e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aeea2138-2168-449e-b995-b56612eef65e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aefd40bb-03e3-4c66-abfb-b5720acb833e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9c7a624-88e3-4dfa-8d56-438b10bc0149} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d21fbdce-ef01-417c-a1a1-c1eedb8d5db6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eba2671e-29bf-42d8-b17e-ab5315cc73c5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f105f0c9-50e2-44fa-b3ec-92ca7bfe0c0d} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f664ea90-9b91-4825-9b51-5635ac38cca6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{03f65a7b-6e49-4ace-848b-4459ddbd3981} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{15125718-d196-47c9-8fbf-9889c0c85d67} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{6d7f9517-f134-45e3-bf2e-73414ff15ca1} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5dde5591-a8ab-4897-93ef-1e4e943f85a7} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dde5591-a8ab-4897-93ef-1e4e943f85a7} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc18ae76-7e65-4258-a193-9ea0c52da6b8} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{45C2FDBE-1D46-B98E-F9A9-9D44B93A9D52} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CodecBHO.DLL (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FMTR (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\VideoAXObject.Chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Security Tools (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VirusLocker (Rogue.Virus.Locker) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Solution (Trojan.Zlob) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cc18ae76-7e65-4258-a193-9ea0c52da6b8} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\VirusProtectPro 3.7 (Rogue.VirusProtectPro) -> Quarantined and deleted successfully.
C:\Program Files\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Access (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Local Settings\Temp\NI.UGA6PV_0001_N108M0207 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\rhcn53j0e7a5\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\RichVideoCodec.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\AVG\AntivirusGold 5.0\DbgHelp.Dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{1A9B7404-6AE2-4AD1-A3BA-19DEBFDC696C}\RP238\A0202002.exe (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4B.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4C.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcj53j0e7a5.exe (Rogue.Agent) -> Quarantined and deleted successfully.
C:\Program Files\VirusProtectPro 3.7\vpp.ini (Rogue.VirusProtectPro) -> Quarantined and deleted successfully.
C:\Program Files\RichVideoCodec\MultiLoader.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Access\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video ActiveX Access\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\rhcn53j0e7a5.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\rhcn53j0e7a5.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcn53j0e7a5\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcj53j0e7a5.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\GILLES RAT\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
Avast ne détecte plus le virus donc je pense qu'il a été supprimer donc je ne pas installer le 2eme logiciel
zorinho
Messages postés
821
Date d'inscription
mercredi 28 novembre 2007
Statut
Membre
Dernière intervention
29 novembre 2020
51
7 août 2008 à 02:10
7 août 2008 à 02:10
Ceci dit, Avast n'est pas le top
Je te conseille de désinstaller Avast https://www.avast.com/fr-fr/uninstall-utility
au profit de Antivir https://www.malekal.com/avira-free-security-antivirus-gratuit/
A toi de voir, mais lis ceci https://forum.malekal.com/viewtopic.php?f=45&t=11659
A plus
Zor
Je te conseille de désinstaller Avast https://www.avast.com/fr-fr/uninstall-utility
au profit de Antivir https://www.malekal.com/avira-free-security-antivirus-gratuit/
A toi de voir, mais lis ceci https://forum.malekal.com/viewtopic.php?f=45&t=11659
A plus
Zor
