Antivirus XP
Fermé
doukris
Messages postés
2
Date d'inscription
mardi 12 août 2008
Statut
Membre
Dernière intervention
13 août 2008
-
12 août 2008 à 21:00
kduc Messages postés 1462 Date d'inscription lundi 4 août 2008 Statut Membre Dernière intervention 1 novembre 2011 - 13 août 2008 à 23:39
kduc Messages postés 1462 Date d'inscription lundi 4 août 2008 Statut Membre Dernière intervention 1 novembre 2011 - 13 août 2008 à 23:39
A voir également:
- Antivirus XP
- Telecharger windows xp - Télécharger - Systèmes d'exploitation
- Comodo antivirus - Télécharger - Sécurité
- Panda antivirus - Télécharger - Antivirus & Antimalwares
- Avast antivirus gratuit - Télécharger - Antivirus & Antimalwares
- Cle windows xp - Guide
3 réponses
kduc
Messages postés
1462
Date d'inscription
lundi 4 août 2008
Statut
Membre
Dernière intervention
1 novembre 2011
133
12 août 2008 à 21:25
12 août 2008 à 21:25
Salut,
Si tu le trouves, désinstalle Antivirus XP 2008, en allant dans …
1/ Démarrer > Panneau de Config. > Ajout/suppres… des programmes
(ou Programmes et fonctionnalités si tu es sous Vista)
2/ Démarrer > Poste de travail > C:\Program Files\...
-------
Fais un scan avec
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
... et poste le rapport.
PS : pour supprimer les infections, choisis l'option Supprimer la sélection
ou clique sur le bouton Remove Selected (version anglaise) en bas à gauche.
Si tu le trouves, désinstalle Antivirus XP 2008, en allant dans …
1/ Démarrer > Panneau de Config. > Ajout/suppres… des programmes
(ou Programmes et fonctionnalités si tu es sous Vista)
2/ Démarrer > Poste de travail > C:\Program Files\...
-------
Fais un scan avec
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
... et poste le rapport.
PS : pour supprimer les infections, choisis l'option Supprimer la sélection
ou clique sur le bouton Remove Selected (version anglaise) en bas à gauche.
doukris
Messages postés
2
Date d'inscription
mardi 12 août 2008
Statut
Membre
Dernière intervention
13 août 2008
13 août 2008 à 21:36
13 août 2008 à 21:36
Bonsoir,
Merci d'avoir répondu aussi rapidement!
J'ai suivi les instructions; voici les deux log que j obtiens:
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1045
Windows 5.1.2600 Service Pack 2
19:05:45 13/08/2008
mbam-log-8-13-2008 (19-05-45).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 117211
Temps écoulé: 40 minute(s), 10 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
C:\WINDOWS\system32\lphcpa2j0eldp.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\blphcpa2j0eldp.scr (Trojan.FakeAlert) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\urlsearchhook.softomateurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.softomateurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcta2j0eldp (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcpa2j0eldp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger) -> Data: kdxdw.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\kdxdw.exe (Rootkit.DNSChanger) -> Delete on reboot.
C:\Program Files\AOL Security Toolbar\tbuE\TBHELPER.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest32.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\phcpa2j0eldp.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcpa2j0eldp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcpa2j0eldp.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcpa2j0eldp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
La seconde
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1045
Windows 5.1.2600 Service Pack 2
20:26:18 13/08/2008
mbam-log-8-13-2008 (20-26-17).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 116410
Temps écoulé: 1 hour(s), 14 minute(s), 25 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
J'espère que c'est un bon résultat...
Merci d'avance!
Merci d'avoir répondu aussi rapidement!
J'ai suivi les instructions; voici les deux log que j obtiens:
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1045
Windows 5.1.2600 Service Pack 2
19:05:45 13/08/2008
mbam-log-8-13-2008 (19-05-45).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 117211
Temps écoulé: 40 minute(s), 10 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
C:\WINDOWS\system32\lphcpa2j0eldp.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\blphcpa2j0eldp.scr (Trojan.FakeAlert) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\urlsearchhook.softomateurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.softomateurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcta2j0eldp (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcpa2j0eldp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger) -> Data: kdxdw.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\rhcta2j0eldp\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\kdxdw.exe (Rootkit.DNSChanger) -> Delete on reboot.
C:\Program Files\AOL Security Toolbar\tbuE\TBHELPER.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest32.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\phcpa2j0eldp.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcpa2j0eldp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcpa2j0eldp.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcpa2j0eldp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kristell\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
La seconde
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1045
Windows 5.1.2600 Service Pack 2
20:26:18 13/08/2008
mbam-log-8-13-2008 (20-26-17).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 116410
Temps écoulé: 1 hour(s), 14 minute(s), 25 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
J'espère que c'est un bon résultat...
Merci d'avance!
kduc
Messages postés
1462
Date d'inscription
lundi 4 août 2008
Statut
Membre
Dernière intervention
1 novembre 2011
133
13 août 2008 à 23:39
13 août 2008 à 23:39
Salut,
C' est un excellent résultat !
Toujours infecté ?
(si ce n’ est déjà fait) Télécharge CCleaner ...
http://www.filehippo.com/download_ccleaner.html
("Download Latest Version", sur la droite) et laisse-toi guider.
Ne coche pas >> "Ajouter la barre d' outils Yahoo".
Laisse-le s’ installer tel que …
Ferme toutes les fenêtres et applications.
Relance HijackThis et clique sur > Do a system scan only puis, coche
les cases devant les lignes qui suivent (et uniquement ces lignes), si tjrs présentes :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [lphcpa2j0eldp] C:\WINDOWS\system32\lphcpa2j0eldp.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdxdw.exe] C:\WINDOWS\system32\kdxdw.exe
Ensuite, clique sur > Fix checked et valide par "Yes". Referme HijackThis.
Ensuite, va dans > Démarrer > Poste de travail > C:\
et supprime le(s) fichier(s) en gras, ci-dessous, si tu le(s) trouves.
C:\WINDOWS\system32\lphcpa2j0eldp.exe
C:\WINDOWS\system32\kdxdw.exe
Vide la Corbeille.
Lance CCleaner ...
Clique sur > Analyse > Lancer le nettoyage, puis sur OK dans la fenêtre qui s' affiche.
(re)Lance le nettoyage et (re)confirme par OK.
-------
Scanne en ligne https://forum.pcastuces.com/sujet.asp?f=25&s=31584&page=1 ... pour voir.
Poste (copie-colle) le rapport dans ton prochain message.
C' est un excellent résultat !
Toujours infecté ?
(si ce n’ est déjà fait) Télécharge CCleaner ...
http://www.filehippo.com/download_ccleaner.html
("Download Latest Version", sur la droite) et laisse-toi guider.
Ne coche pas >> "Ajouter la barre d' outils Yahoo".
Laisse-le s’ installer tel que …
Ferme toutes les fenêtres et applications.
Relance HijackThis et clique sur > Do a system scan only puis, coche
les cases devant les lignes qui suivent (et uniquement ces lignes), si tjrs présentes :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [lphcpa2j0eldp] C:\WINDOWS\system32\lphcpa2j0eldp.exe
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdxdw.exe] C:\WINDOWS\system32\kdxdw.exe
Ensuite, clique sur > Fix checked et valide par "Yes". Referme HijackThis.
Ensuite, va dans > Démarrer > Poste de travail > C:\
et supprime le(s) fichier(s) en gras, ci-dessous, si tu le(s) trouves.
C:\WINDOWS\system32\lphcpa2j0eldp.exe
C:\WINDOWS\system32\kdxdw.exe
Vide la Corbeille.
Lance CCleaner ...
Clique sur > Analyse > Lancer le nettoyage, puis sur OK dans la fenêtre qui s' affiche.
(re)Lance le nettoyage et (re)confirme par OK.
-------
Scanne en ligne https://forum.pcastuces.com/sujet.asp?f=25&s=31584&page=1 ... pour voir.
Poste (copie-colle) le rapport dans ton prochain message.