VIRUS DOWNLOADER au secours !!
Fermé
magda91
Messages postés
5
Date d'inscription
dimanche 10 août 2008
Statut
Membre
Dernière intervention
10 août 2008
-
10 août 2008 à 12:13
AlexSF72 - 10 août 2008 à 16:50
AlexSF72 - 10 août 2008 à 16:50
A voir également:
- VIRUS DOWNLOADER au secours !!
- Telecharger downloader pour pc - Télécharger - Téléchargement & Transfert
- Svchost.exe virus - Guide
- Youtu.be virus - Guide
- Youtube downloader windows - Télécharger - Conversion & Codecs
- Mp3 downloader pc - Télécharger - Conversion & Extraction
8 réponses
Slt, tu peux charger gratuitement : The cleaner V5.1 free edition , il éffectue une analyse complete des fichiers, ( env. 45mn) et permet d'éliminer pas mal de saloperies.
magda91
Messages postés
5
Date d'inscription
dimanche 10 août 2008
Statut
Membre
Dernière intervention
10 août 2008
10 août 2008 à 12:25
10 août 2008 à 12:25
Je viens de lancer l'analyse par the cleaner, j'attends le résultat, merci pour ta réponse.
Une fois l'analyse terminée il faut afficher le rapport et s'il y a quelque chose, cliquer sur " repair" . Apres tu peux toujours refaire une analyse avec ton antivirus pour voir.
magda91
Messages postés
5
Date d'inscription
dimanche 10 août 2008
Statut
Membre
Dernière intervention
10 août 2008
10 août 2008 à 12:50
10 août 2008 à 12:50
Justement le problème c'est que norton antivirus ne réussit pas à faire une analyse complète (il analyse à peine 8000 fichiers et s'arrête) et il me dit que mon pc est sécurisé, mais en même temps, des fenêtres s'ouvrent toutes les 5 sec me disant qu'il bloque xp antivirus, depuis 10h30 ce matin (sachant que la première alerte a eu lieu a 06h59 lorsque j'ai ouvert ce fameux mail et que l'alerte disait qu'elle bloquait trojan busode).
Je poste le rapport de the cleaner dès que c'est terminé.
Je poste le rapport de the cleaner dès que c'est terminé.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Norton n'est pas un trés bon antivirus, tu peux le désinstaller completement avec "Norton removal tool" que tu trouvera dans Clubic ou sur google. Les meilleurs sont Kapersky, panda, Bitdefender, (payants) mais j'ai vu qu'il éxiste une version de Bitdefender gratuite sur comment ça marche avec quelques fonctions en moins, il faut voir. Parfois Norton envois de faux messages d'alerte pou inciter à acheter la derniere version
magda91
Messages postés
5
Date d'inscription
dimanche 10 août 2008
Statut
Membre
Dernière intervention
10 août 2008
10 août 2008 à 13:44
10 août 2008 à 13:44
J'ai effectué une analyse avec malwarebytes' (j'ai trouvé le conseil dans le post intitulé virus downloader - trojan horse) en attendant car the cleaner n'était pas encore terminé. Voilà le rapport. En tout cas je viens de redémarrer mon ordi et tout a l'air d'aller mieux, plus aucun message d'alerte et pas de fenêtre avec xp antivirus qui s'ouvre au démarrage. Pourvu que ca dure !
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1036
Windows 5.1.2600 Service Pack 2
13:28:33 10/08/2008
mbam-log-8-10-2008 (13-28-33).txt
Type de recherche: Examen rapide
Eléments examinés: 47374
Temps écoulé: 6 minute(s), 36 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 23
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
C:\Program Files\rhcjkcj0e9fg\rhcjkcj0e9fg.exe (Rogue.Multiple) -> Unloaded process successfully.
C:\WINDOWS\system32\lphcnkcj0e9fg.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\rhcjkcj0e9fg\MFC71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhcjkcj0e9fg\msvcp71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhcjkcj0e9fg\msvcr71.dll (Rogue.Multiple) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcnkcj0e9fg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\rhcjkcj0e9fg\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\rhcjkcj0e9fg.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\rhcjkcj0e9fg.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcnkcj0e9fg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlrrwwbdai_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlrrwwbdai_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1036
Windows 5.1.2600 Service Pack 2
13:28:33 10/08/2008
mbam-log-8-10-2008 (13-28-33).txt
Type de recherche: Examen rapide
Eléments examinés: 47374
Temps écoulé: 6 minute(s), 36 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 23
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
C:\Program Files\rhcjkcj0e9fg\rhcjkcj0e9fg.exe (Rogue.Multiple) -> Unloaded process successfully.
C:\WINDOWS\system32\lphcnkcj0e9fg.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\rhcjkcj0e9fg\MFC71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhcjkcj0e9fg\msvcp71.dll (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\rhcjkcj0e9fg\msvcr71.dll (Rogue.Multiple) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcnkcj0e9fg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Application Data\rhcjkcj0e9fg\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\LocalService\Application Data\rhcjkcj0e9fg\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\rhcjkcj0e9fg\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\rhcjkcj0e9fg.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\rhcjkcj0e9fg.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcjkcj0e9fg\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcnkcj0e9fg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlrrwwbdai_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlrrwwbdai_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Documents and Settings\Magda M\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
magda91
Messages postés
5
Date d'inscription
dimanche 10 août 2008
Statut
Membre
Dernière intervention
10 août 2008
10 août 2008 à 13:46
10 août 2008 à 13:46
Concernant norton antivirus, il est payant également c'est 50 euros tous les ans !! Je pense le changer quand il arrivera à expiration dans 2 mois mais je ne sais pas vraiment quoi choisir. Merci pour tes conseils en tout cas.
Magda 91, aucun antivirus, anti spyware,anti trojans ne peut te garantir une sécurité absolue, mais avec 1 bon antivirus, Kapersky, panda ou Bitdefender, (pour ma part , j'ai BitDefender) + 1 anti spyware, (spyware Terminator) + The Cleaner, spécialiste des trojans on peut gérer le systeme. Tout cela ne suffit pas à éviter l'intrusion d'un trojan, comme je l'ai dit plus haut ; Ne pas ouvrir de liens inconnus!!!! où tu connais , ou t'élimine, c'est clair?
