Re: unwanted pop-up windows with Firefox
Closed
mike32 - 9 August 2008 at 10:56
Sloubi76 (1366 posts, registered Sunday 11 May 2008, status: Member, last active 10 December 2016) - 9 August 2008 at 21:40
2 replies
Sloubi76 - 9 August 2008 at 11:28
Hello Mike,
Download and install Malwarebytes' Anti-Malware:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
- At the end of the installation, make sure the "Update Malwarebytes' Anti-Malware" option is checked
- Launch Malwarebytes' Anti-Malware, let the updates download, then close the program
Restart in "Safe Mode": restart your computer and tap the F8 key (otherwise F5) until the Windows advanced options menu appears, then select "Safe Mode".
Choose your usual session
Launch Malwarebytes' Anti-Malware
- Then go to the "Scan" tab, check "Perform full scan", then click "Scan"
- Select your hard drives, then click "Start scan"
- At the end of the scan, click Show results, then Save report
- Removing the detected items --> click Remove selected
- If you are asked to restart, click Yes
Post the report please
See you,
mike32 (4 posts, registered Saturday 9 August 2008, status: Member, last active 12 January 2012) - 9 August 2008 at 12:52
Thanks, I'll follow your advice, I hope it works
9 August 2008 at 15:10
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1035
Windows 5.1.2600 Service Pack 2
15:01:11 09/08/2008
mbam-log-8-9-2008 (15-00-59).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 83025
Temps écoulé: 1 hour(s), 44 minute(s), 34 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 79
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1035
Windows 5.1.2600 Service Pack 2
15:02:33 09/08/2008
mbam-log-8-9-2008 (15-02-33).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 83025
Temps écoulé: 1 hour(s), 44 minute(s), 34 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 79
9 August 2008 at 16:26
Download HijackThis here:
-> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
Installation tutorial: (thanks to Balltrap34 for making it)
-> http://pageperso.aol.fr/balltrap34/Hijenr.gif
Usage tutorial (video): (thanks to Balltrap34 for making it)
-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
Rename HijackThis, to counter a possible Vundo infection.
e.g.: rename the file HijackThis.exe to CCM.exe; to do so, right-click the HijackThis.exe file and choose Rename from the list
Then, with Explorer, create a folder c:\hijackthis
Unzip HijackThis into that folder.
This is important for the backups.
Post the generated report here please...
See you,
9 August 2008 at 18:03
There, I downloaded and then installed HijackThis following the link you gave me; however, it wasn't a zipped file. I also renamed it as you suggested and ran a quick scan. Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:24, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
9 August 2008 at 21:40
It's normal that it differs from the first one after Malware's intervention.
Run CCleaner!
>> Download here
>> Full tutorial there
When installing CCleaner, in the installation options >> uncheck the Yahoo! toolbar option
- Start CCleaner
- In Cleaner
* Windows tab: do not check the Advanced box
- Applications tab: leave all the boxes checked
* In Errors, uncheck the box in front of Registry Integrity and File Integrity
* Go back to Cleaner, click the Analyze button, then, once it has finished, click Run Cleaner
Repeat the cleaning operations until everything is cleaned
And post a new HijackThis report please,
See you,