Où est smitfraudfix?
Fermé
900div
Messages postés
2
Date d'inscription
lundi 18 août 2008
Statut
Membre
Dernière intervention
18 août 2008
-
18 août 2008 à 04:24
kilian Messages postés 8731 Date d'inscription vendredi 19 septembre 2003 Statut Modérateur Dernière intervention 20 août 2016 - 18 août 2008 à 17:36
kilian Messages postés 8731 Date d'inscription vendredi 19 septembre 2003 Statut Modérateur Dernière intervention 20 août 2016 - 18 août 2008 à 17:36
5 réponses
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 295
18 août 2008 à 04:54
18 août 2008 à 04:54
Salut,
- Télécharge et installe MalwareByte's Anti-Malware :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
- Mets-le à jour
- Redémarre en mode sans échec (Recommandé) :
https://www.malekal.com/demarrer-windows-mode-sans-echec/
- Choisis ta session habituelle
- Fais un scan complet avec MalwareByte's Anti-Malware
- Supprime tout ce que le logiciel trouve, enregistre le rapport
- Redémarre en mode normal et poste le rapport ici
Tutorial :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.ph
- Télécharge et installe MalwareByte's Anti-Malware :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
- Mets-le à jour
- Redémarre en mode sans échec (Recommandé) :
https://www.malekal.com/demarrer-windows-mode-sans-echec/
- Choisis ta session habituelle
- Fais un scan complet avec MalwareByte's Anti-Malware
- Supprime tout ce que le logiciel trouve, enregistre le rapport
- Redémarre en mode normal et poste le rapport ici
Tutorial :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.ph
900div
Messages postés
2
Date d'inscription
lundi 18 août 2008
Statut
Membre
Dernière intervention
18 août 2008
18 août 2008 à 15:03
18 août 2008 à 15:03
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1062
Windows 5.1.2600 Service Pack 2
14:46:56 18/08/2008
mbam-log-08-18-2008 (14-46-56).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 122952
Temps écoulé: 1 hour(s), 43 minute(s), 28 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 20
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 13
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\centerlock.centerlock (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\centerlock.centerlock.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83fdbef3-8376-4c55-90d9-e3a85693510a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd7e3089-f429-4e57-aa41-5a4424cf485b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af40e821-d147-4a39-a09b-c956999d7cee} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a09db1d7-43d1-48fa-a240-31ff37affbdc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{86544e26-4093-43dc-8e53-fdb8ddc5838a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aba69cf4-20fb-42ce-bb6d-b6171d64b8ec} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c010421b-2629-4afc-9b44-90f25d3f27e7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ac2f6c6-0627-4e9d-80ab-4f89a561edce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e319d7ce-97fb-4d35-a7de-eb33ebe7e8ed} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{36d92b01-22bc-4fb7-a7ac-c574873fddbe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36d92b01-22bc-4fb7-a7ac-c574873fddbe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vwsrfton.bmaf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vwsrfton.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\wbqxfpgl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s9201 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\tpabfelq (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{aba69cf4-20fb-42ce-bb6d-b6171d64b8ec} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\All Users.WINDOWS\Application Data\services\services.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-978463964-504261669-269896776-1006\Dc204.vxd (Adware.Winad) -> Quarantined and deleted successfully.
C:\WINDOWS\ateqoflr.exe (Trojan.Vapsup) -> Quarantined and deleted successfully.
C:\WINDOWS\edpw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\wbqxfpgl.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\as2008xp.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\LOG\20080818012732812.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\tpabfelq.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\vwsrfton.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mesdxbrqmnx.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\vincent.VINCENT-JG92XHN\Favoris\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\vincent.VINCENT-JG92XHN\Favoris\Privacy Protector.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\vincent.VINCENT-JG92XHN\Favoris\Spyware&Malware Protection.url (Rogue.Link) -> Quarantined and deleted successfully.
Version de la base de données: 1062
Windows 5.1.2600 Service Pack 2
14:46:56 18/08/2008
mbam-log-08-18-2008 (14-46-56).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 122952
Temps écoulé: 1 hour(s), 43 minute(s), 28 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 20
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 13
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\centerlock.centerlock (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\centerlock.centerlock.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83fdbef3-8376-4c55-90d9-e3a85693510a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd7e3089-f429-4e57-aa41-5a4424cf485b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af40e821-d147-4a39-a09b-c956999d7cee} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{a09db1d7-43d1-48fa-a240-31ff37affbdc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{86544e26-4093-43dc-8e53-fdb8ddc5838a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aba69cf4-20fb-42ce-bb6d-b6171d64b8ec} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c010421b-2629-4afc-9b44-90f25d3f27e7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ac2f6c6-0627-4e9d-80ab-4f89a561edce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e319d7ce-97fb-4d35-a7de-eb33ebe7e8ed} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{36d92b01-22bc-4fb7-a7ac-c574873fddbe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36d92b01-22bc-4fb7-a7ac-c574873fddbe} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vwsrfton.bmaf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vwsrfton.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\wbqxfpgl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s9201 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\tpabfelq (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{aba69cf4-20fb-42ce-bb6d-b6171d64b8ec} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\All Users.WINDOWS\Application Data\services\services.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-978463964-504261669-269896776-1006\Dc204.vxd (Adware.Winad) -> Quarantined and deleted successfully.
C:\WINDOWS\ateqoflr.exe (Trojan.Vapsup) -> Quarantined and deleted successfully.
C:\WINDOWS\edpw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\wbqxfpgl.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\as2008xp.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Application Data\Secure Solutions\Antispyware 2008 XP\LOG\20080818012732812.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\tpabfelq.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\vwsrfton.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\mesdxbrqmnx.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\vincent.VINCENT-JG92XHN\Favoris\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\vincent.VINCENT-JG92XHN\Favoris\Privacy Protector.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\vincent.VINCENT-JG92XHN\Favoris\Spyware&Malware Protection.url (Rogue.Link) -> Quarantined and deleted successfully.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 295
18 août 2008 à 17:10
18 août 2008 à 17:10
- Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe ou http://www.geekstogo.com/forum/files/file/6-smitfraudfix/
- Enregistre-le sur le bureau
- Double-clique sur SmitfraudFix.exe et choisis l'option 1 puis Entrée
- Un rapport sera généré, poste-le dans ta prochaine réponse.
[*] process.exe est détecté par certains antivirus comme étant un risktool. Il ne s'agit pas d'un virus mais d'un utilitaire destiné à mettre fin à des processus.[*]
** Ne fais l'étape 2 que si on te le demande, on doit d'abord examiner le premier rapport de SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix.exe ou http://www.geekstogo.com/forum/files/file/6-smitfraudfix/
- Enregistre-le sur le bureau
- Double-clique sur SmitfraudFix.exe et choisis l'option 1 puis Entrée
- Un rapport sera généré, poste-le dans ta prochaine réponse.
[*] process.exe est détecté par certains antivirus comme étant un risktool. Il ne s'agit pas d'un virus mais d'un utilitaire destiné à mettre fin à des processus.[*]
** Ne fais l'étape 2 que si on te le demande, on doit d'abord examiner le premier rapport de SmitfraudFix
vauban27
Messages postés
9
Date d'inscription
lundi 18 août 2008
Statut
Membre
Dernière intervention
19 août 2008
18 août 2008 à 17:30
18 août 2008 à 17:30
oh désolé j'en avait créé un dont le titre commence par warning mais la personne qui a voulu m'aider ne connais pas ce virus.
mon sujet est "Warning YOUR COMPUTER IS INFECTED...." si vous pouvez m'y rejoindre
Désolé pour ma faute protocolaire. Espere vous revoir sur la discution que jai créée
mon sujet est "Warning YOUR COMPUTER IS INFECTED...." si vous pouvez m'y rejoindre
Désolé pour ma faute protocolaire. Espere vous revoir sur la discution que jai créée
kilian
Messages postés
8731
Date d'inscription
vendredi 19 septembre 2003
Statut
Modérateur
Dernière intervention
20 août 2016
1 527
18 août 2008 à 17:36
18 août 2008 à 17:36
Ecris un message dans ta discusion en écrivant "up" si tu veux la faire remonter ;-)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 295
18 août 2008 à 17:31
18 août 2008 à 17:31
Mets le lien de ton topic.
