A voir également:
- Besoin d'aides urgent contre un virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Virus mcafee - Accueil - Piratage
- Faux message virus ordinateur - Accueil - Arnaque
- Faux message virus iphone ✓ - Forum Virus
24 réponses
xploadxcr
Messages postés
147
Date d'inscription
dimanche 5 octobre 2008
Statut
Membre
Dernière intervention
19 octobre 2008
17
6 oct. 2008 à 21:05
6 oct. 2008 à 21:05
Si ç ne marche pas avais dejà tu fais une sauvegarde réstauration système sinon tu vas devoir refaire une réinstalle
helpmeplease43
Messages postés
93
Date d'inscription
lundi 6 octobre 2008
Statut
Membre
Dernière intervention
24 janvier 2014
3
6 oct. 2008 à 21:08
6 oct. 2008 à 21:08
bon j'ai 7 fichier se terminant par .dll qui sont considéré comme nuisible , voici la liste :
- C:\Program files\webHancer\programs\sporder.dll
- C:\Program Files\Smart Antivirus 2009\zlib.dll
- C:\WINDOWS\system32\TDSSI.dll
- C:\WINDOWS\nkefbltdvts.dll
- C:\WINDOWS\dkwqgnbe.dll
- C:\WINDOWS\neksolda.dll
- C:\WINDOWS\system32\qbpggddqkvszqt.dll
voilou, ct bien long a écrire tt sa mai o moins tu vois tous les fichier se terminant par ".dll" que malwarebytes a trouvé . t'en pense quoi ? je dois les supprimer ou enregistré le rapport avant ?
merci d'avance ... Nico
- C:\Program files\webHancer\programs\sporder.dll
- C:\Program Files\Smart Antivirus 2009\zlib.dll
- C:\WINDOWS\system32\TDSSI.dll
- C:\WINDOWS\nkefbltdvts.dll
- C:\WINDOWS\dkwqgnbe.dll
- C:\WINDOWS\neksolda.dll
- C:\WINDOWS\system32\qbpggddqkvszqt.dll
voilou, ct bien long a écrire tt sa mai o moins tu vois tous les fichier se terminant par ".dll" que malwarebytes a trouvé . t'en pense quoi ? je dois les supprimer ou enregistré le rapport avant ?
merci d'avance ... Nico
helpmeplease43
Messages postés
93
Date d'inscription
lundi 6 octobre 2008
Statut
Membre
Dernière intervention
24 janvier 2014
3
6 oct. 2008 à 21:12
6 oct. 2008 à 21:12
voilà le rapport que j'ai obtenu en supprimant tous les fichier . je vais devoir redemarrer mon ordi . je te tiens o courant pour la suite d événement :
le rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1234
Windows 5.1.2600 Service Pack 2
06/10/2008 21:09:56
mbam-log-2008-10-06 (21-09-56).txt
Type de recherche: Examen complet (C:\|E:\|F:\|)
Eléments examinés: 151626
Temps écoulé: 55 minute(s), 33 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 26
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 18
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 31
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0038ea3 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{6b4e4123-8c4e-49c5-ace7-8bca6c709931} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{35d7a01e-49c9-4048-8095-f9e350a71077} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{669091e7-946b-4024-8514-2a3cb1124b54} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5851bbf6-26b7-434b-a4d1-b92a05913403} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5851bbf6-26b7-434b-a4d1-b92a05913403} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webvideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{907b7b37-b914-4613-8a50-d0cd6e090c86} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9d0c06e0-dd9b-4d17-ae75-988e6cc87d33} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc51f59f-d0ba-4ce7-8cdb-15abf290546e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{13ede91c-380d-4d67-aa45-d0b9097f8bc7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dkwqgnbe.brvf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dkwqgnbe.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be84a0ff-e5f2-20d3-cdcc-c2efea910d63} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{be84a0ff-e5f2-20d3-cdcc-c2efea910d63} (Adware.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smart antivirus-2009.exe (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{dc51f59f-d0ba-4ce7-8cdb-15abf290546e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\neksolda (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (76412-OEM-0059581-87337) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispAppearancePage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\webHancer (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\' (Trojan.Agent) -> Files: 471 -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\Infected (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\Suspicious (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntz\noi560I.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whAgent.inf (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whInstaller.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\vscan.tsi (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\zlib.dll (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Application Data\TmpRecentIcons\Smart Antivirus-2009.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\TDSSserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmd.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netstat.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ping.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regedit.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tasklist.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tracert.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\nkefbltdvts.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\fkebanrw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\dkwqgnbe.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\neksolda.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\SVCHOST.INI (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qbpggddqkvszqt.dll (Adware.BHO) -> Quarantined and deleted successfully.
le rapport :
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1234
Windows 5.1.2600 Service Pack 2
06/10/2008 21:09:56
mbam-log-2008-10-06 (21-09-56).txt
Type de recherche: Examen complet (C:\|E:\|F:\|)
Eléments examinés: 151626
Temps écoulé: 55 minute(s), 33 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 26
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 18
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 31
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0038ea3 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{6b4e4123-8c4e-49c5-ace7-8bca6c709931} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{35d7a01e-49c9-4048-8095-f9e350a71077} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{669091e7-946b-4024-8514-2a3cb1124b54} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5851bbf6-26b7-434b-a4d1-b92a05913403} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5851bbf6-26b7-434b-a4d1-b92a05913403} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webvideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{907b7b37-b914-4613-8a50-d0cd6e090c86} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9d0c06e0-dd9b-4d17-ae75-988e6cc87d33} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc51f59f-d0ba-4ce7-8cdb-15abf290546e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{13ede91c-380d-4d67-aa45-d0b9097f8bc7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dkwqgnbe.brvf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dkwqgnbe.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be84a0ff-e5f2-20d3-cdcc-c2efea910d63} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{be84a0ff-e5f2-20d3-cdcc-c2efea910d63} (Adware.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smart antivirus-2009.exe (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{dc51f59f-d0ba-4ce7-8cdb-15abf290546e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\neksolda (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (76412-OEM-0059581-87337) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispAppearancePage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\webHancer (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\' (Trojan.Agent) -> Files: 471 -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\Infected (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\Suspicious (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntz\noi560I.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whAgent.inf (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\whInstall\whInstaller.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\vscan.tsi (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\Smart Antivirus 2009\zlib.dll (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Application Data\TmpRecentIcons\Smart Antivirus-2009.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\Protect Your Privacy.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\Malware Defender.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\1\Bureau\System Error Fixer.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\TDSSserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmd.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netstat.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ping.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regedit.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tasklist.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tracert.com (Worm.Alcra) -> Quarantined and deleted successfully.
C:\WINDOWS\nkefbltdvts.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\fkebanrw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\dkwqgnbe.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\neksolda.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\SVCHOST.INI (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qbpggddqkvszqt.dll (Adware.BHO) -> Quarantined and deleted successfully.
xploadxcr
Messages postés
147
Date d'inscription
dimanche 5 octobre 2008
Statut
Membre
Dernière intervention
19 octobre 2008
17
6 oct. 2008 à 21:15
6 oct. 2008 à 21:15
Niquel même pas besoin de te demandé le rapport donc en effet Les virus ce sont propagé jusque ton Registre ne t'inquiète pas et suis ce que je vais te dire
1 - Supprime tous les fichier que tu as dl (download ou téléchager) Et voilà ensuite utilise CCleaner et Corrige les erreurs séléctionner Au registre et le tours est jouée ^^
1 - Supprime tous les fichier que tu as dl (download ou téléchager) Et voilà ensuite utilise CCleaner et Corrige les erreurs séléctionner Au registre et le tours est jouée ^^
