A voir également:
- PC infecté par des malware et des trojans!!
- Benchmark pc - Guide
- Reinitialiser pc - Guide
- Pc lent - Guide
- Whatsapp pc - Télécharger - Messagerie
- Double ecran pc - Guide
12 réponses
Etant donné que mes données sont sauvegardées sur un disque dur externe, est-ce que vous me conseillez de réinstaller tout? Et si je ne le fais pas et que j'arrive à effacer les malware, est-ce que mon pc pourrait être endommagé?
D'accord. J'ai lancé l'analyse avec Malwarebytes'Anti-Malware. Déjà 30 éléments infectés ont été détectés. Encore merci de votre aide!
Désolée, c'est un peu long, car je fais une analyse complète. Mais une fois finie, je poste le rapport.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voilà le rapport:
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1286
Windows 5.1.2600 Service Pack 2
18/10/2008 22:54:57
mbam-log-2008-10-18 (22-54-42).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 113630
Temps écoulé: 43 minute(s), 53 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 11
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\qrbgltos.dll (Trojan.Zlob) -> No action taken.
C:\WINDOWS\system32\huibqpst.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayvukca (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f1896981-02db-4a2d-b491-be04b4d932c2} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0985908e-a25a-4136-8ae1-212784997a77} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2fce2a1b-54fd-45d4-8993-9998a642a000} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{21ef06f5-1ff1-4662-859c-ac1455b8d833} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9fec9491-3c41-4ab3-add3-8cf089a9963e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{b9ec6dae-6c4e-4487-ac3a-29bc082ea66f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.baed (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingb2813 (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingd9980 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletinga334 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingc8691 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qrbgltos (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ngwstxfd (Trojan.FakeAlert) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vtukjyaa -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukjyaa -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infecté(s):
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> No action taken.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\aayJkUtv.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\aayJkUtv.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\uhgfnwhq.dll_old (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\qhwnfghu.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> No action taken.
J'attends vos instructions!
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1286
Windows 5.1.2600 Service Pack 2
18/10/2008 22:54:57
mbam-log-2008-10-18 (22-54-42).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 113630
Temps écoulé: 43 minute(s), 53 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 11
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\qrbgltos.dll (Trojan.Zlob) -> No action taken.
C:\WINDOWS\system32\huibqpst.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayvukca (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f1896981-02db-4a2d-b491-be04b4d932c2} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0985908e-a25a-4136-8ae1-212784997a77} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2fce2a1b-54fd-45d4-8993-9998a642a000} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{21ef06f5-1ff1-4662-859c-ac1455b8d833} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9fec9491-3c41-4ab3-add3-8cf089a9963e} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{b9ec6dae-6c4e-4487-ac3a-29bc082ea66f} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.baed (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingb2813 (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingd9980 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletinga334 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingc8691 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qrbgltos (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ngwstxfd (Trojan.FakeAlert) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vtukjyaa -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukjyaa -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infecté(s):
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> No action taken.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\aayJkUtv.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\aayJkUtv.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\uhgfnwhq.dll_old (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\qhwnfghu.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> No action taken.
J'attends vos instructions!
Voilà, j'ai cliquer sur supprimer pour corriger les problèmes. Voilà le rapport. Il semblerait que tout soit corrigé.
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1286
Windows 5.1.2600 Service Pack 2
18/10/2008 23:08:37
mbam-log-2008-10-18 (23-08-37).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 113630
Temps écoulé: 43 minute(s), 53 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 11
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\qrbgltos.dll (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\system32\huibqpst.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayvukca (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{f1896981-02db-4a2d-b491-be04b4d932c2} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0985908e-a25a-4136-8ae1-212784997a77} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2fce2a1b-54fd-45d4-8993-9998a642a000} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{21ef06f5-1ff1-4662-859c-ac1455b8d833} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9fec9491-3c41-4ab3-add3-8cf089a9963e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9ec6dae-6c4e-4487-ac3a-29bc082ea66f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.baed (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingb2813 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingd9980 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletinga334 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingc8691 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qrbgltos (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ngwstxfd (Trojan.FakeAlert) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vtukjyaa -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukjyaa -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\aayJkUtv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aayJkUtv.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uhgfnwhq.dll_old (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qhwnfghu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\qrbgltos.dll (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\system32\huibqpst.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rqRKARjG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\index.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\body.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\capt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\capt2.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\red.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\text.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\rosqxvmn.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\lomxeqsn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\grfxbanomok.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1286
Windows 5.1.2600 Service Pack 2
18/10/2008 23:08:37
mbam-log-2008-10-18 (23-08-37).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 113630
Temps écoulé: 43 minute(s), 53 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 11
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\qrbgltos.dll (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\system32\huibqpst.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e9acb82-bd1b-4d77-80a4-bd70b3c0bed3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{98a7f8e9-a89b-4e97-9b9e-cfd6a7867d3e} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayvukca (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{f1896981-02db-4a2d-b491-be04b4d932c2} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0985908e-a25a-4136-8ae1-212784997a77} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2fce2a1b-54fd-45d4-8993-9998a642a000} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{21ef06f5-1ff1-4662-859c-ac1455b8d833} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9fec9491-3c41-4ab3-add3-8cf089a9963e} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9ec6dae-6c4e-4487-ac3a-29bc082ea66f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf5d7127-12fe-403c-aa5c-07186d84a5ce} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.baed (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingb2813 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingd9980 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletinga334 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\spybotdeletingc8691 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{758f6d53-dcc7-4ccf-9080-4b6f9389f641} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qrbgltos (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0\source (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{69c9c6ad-8e5c-47f8-8abf-acb45d8b770a} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ngwstxfd (Trojan.FakeAlert) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vtukjyaa -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtukjyaa -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\hefbsx.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vtUkJyaa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\aayJkUtv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aayJkUtv.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uhgfnwhq.dll_old (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qhwnfghu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yayvUKca.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\qrbgltos.dll (Trojan.Zlob) -> Delete on reboot.
C:\WINDOWS\system32\huibqpst.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rqRKARjG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\index.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\body.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\capt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\capt2.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\red.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger\images\text.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\rosqxvmn.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\lomxeqsn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\grfxbanomok.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Alors certains fichiers n'ont pas pu être supprimés. Malwarebytes'Anti-malware me propose de redémarrer l'oridnateur? Est-ce que vous me le conseillez? car j'ai peur qu'en rallumant l'ordi, le malware n'infecte encore plus mon ordi.
J'ai redémarré mon pc. Et à première vue, tout va bien. J'ai réussi à remettre mon fond d'écran (alors que tout à l'heure, le menu était désactivé par le malware). Je refais actuellement une analyse pour être bien sûre. Merci beaucoup de votre aide! Le logiciel Malwarebytes' Anti-malware est une belle trouvaille!! Bonne soirée.
kev85270
Messages postés
429
Date d'inscription
dimanche 5 août 2007
Statut
Membre
Dernière intervention
17 janvier 2014
45
18 oct. 2008 à 22:08
18 oct. 2008 à 22:08
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
petit logiciel efficace
petit logiciel efficace
spirou 3333
Messages postés
132
Date d'inscription
mardi 19 août 2008
Statut
Membre
Dernière intervention
18 octobre 2008
15
18 oct. 2008 à 22:09
18 oct. 2008 à 22:09
salut
si tu reinstalle avec ton cd de sauvegarde tu retrouveras ton pc comme au premier jour mais tu perdras tout tes
fichiers personnels
si tu reinstalle avec ton cd de sauvegarde tu retrouveras ton pc comme au premier jour mais tu perdras tout tes
fichiers personnels
raptor789
Messages postés
757
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 novembre 2008
25
18 oct. 2008 à 22:17
18 oct. 2008 à 22:17
ne reformate pas ton disque, je pense qu'il y a toujours une solution...
selon moi (mais je ne suis pas sûr donc, attend l'avis d'un comfirmé)
- pour virtumonde : vundofix ou combofix
- pour smitfraud : smitfraudfix...
pour l'instant tu peux faire un scan complet en mode sans échec avec malwarebytes anti-malware et poster le rapport dans ta prochaine réponse.
si MBAM trouve des infections, supprime les.
selon moi (mais je ne suis pas sûr donc, attend l'avis d'un comfirmé)
- pour virtumonde : vundofix ou combofix
- pour smitfraud : smitfraudfix...
pour l'instant tu peux faire un scan complet en mode sans échec avec malwarebytes anti-malware et poster le rapport dans ta prochaine réponse.
si MBAM trouve des infections, supprime les.
raptor789
Messages postés
757
Date d'inscription
vendredi 13 juin 2008
Statut
Membre
Dernière intervention
25 novembre 2008
25
18 oct. 2008 à 22:24
18 oct. 2008 à 22:24
c'est normal que malwarebytes trouve des infections, tu es infecté par virtumonde et smtifraud en même temps donc...
n'oublie pas de poster le rapport ensuite.
n'oublie pas de poster le rapport ensuite.
