Votre question

J'ai attrapé un Virus

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
22 Octobre 2008 13:33:39

Bonjours,

Ce matin j'ai voulu installé HITMAN BLOOD MONEY et kan j'ai debuté l'installation, une page toute bleu c'est affiché a l'ecran en me disant qu'il y avait une erreur et de redemarer mon pc. Donc je redemar et quand j'ai redemarer, là ou il y a marqué l'heure en bas a droite, il y avait marquer : ALERTE VIRUS. et dans "demarer" dans la la barre des taches, la colone de droite (avec Poste de travail, Mes documents, Mes images...) a disparu, ainsi que "Tous les programme" (a gauche dans "demarer") et le pc n'arrete pas de m'ouvrir des message d'erreur, et sur internet me renvoyer sur des sites d'erreurs en disant : "Insecure Internet activity. Threat of virus attack" ou bien : "Warning - you are infected by this site! Please, read our suggestions!"

Quelqu'un pourrait m'aider a trouver une solution le plus rapidement possible s.v.p ??

Merci

Autres pages sur : attrape virus

Anonyme
22 Octobre 2008 13:40:36

"WARNING! Your PC possible infected due to visiting exploited (hacked) site, you must to download recommended antispywar application nom! When software downloaded and installed run quick scan of Your PC and it will be scanned for the security risks. Press OK to continue"

c'est un des message d'eurreur qui s'affiche en permanance
Anonyme
22 Octobre 2008 13:40:45

"WARNING! Your PC possible infected due to visiting exploited (hacked) site, you must to download recommended antispywar application nom! When software downloaded and installed run quick scan of Your PC and it will be scanned for the security risks. Press OK to continue"

c'est un des message d'eurreur qui s'affiche en permanance
Contenus similaires
22 Octobre 2008 17:09:22

si tu as un virus sur ton ordinateur, la première chose que tu devrais faire c'est de sauvegarder tes documents et autres fichiers sur un support externe, tel un disque dur ou clé USB ... ensuite réinstalle Windows.
c'est simple, tu ré-installe le système en formatant ton disque dur, et en lançant l'installation de Win à partir du CD !

mais pour ça il ne faut pas oublier de sauvegarder tes fichiers ;) 
a b 8 Sécurité
23 Octobre 2008 11:20:08

Bonjour,

Tu peux patienter et écrire correctement ?

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Anonyme
23 Octobre 2008 21:24:56

Oui j'ai essayer de réinstaller windows, mais le probleme c'est je suis dans l'assistant d'installation, et qui je click sur "INSTALLER" une petite fenêtre s'affiche en me disant que le scirpt ne peut etre lancer, et il me demande si je veux continuer l'execution.. je click sur "OUI" mais rien ne se passe. et a chaque fois que je click sur "INSTALLER" sa me fait sa. j'ai essayer autre windows.. et il me dis qu'il ne peux pas telecharger les mise a jours.

je ne sais plus quoi faire.. sa fait 2jour que je me tire les cheveux
Anonyme
24 Octobre 2008 00:39:30

Voila le rapport de Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:30: VIRUS ALERT!, on 24/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\vsnpstd2.exe
C:\WINDOWS\System32\regsvr32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\program files\steam\steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\mshta.exe
C:\Documents and Settings\Tony\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F3 - REG:win.ini: run="C:\Documents and Settings\Tony\Application Data\Adobe\Manager.exe"
O2 - BHO: bannerstyles15 browser enhancer - {1F30FEAE-33A3-6669-43A3-0551E95602D1} - C:\WINDOWS\system32\ploiqazxvdxpwu.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: QXK Olive - {4CBE6DC3-3BCA-4A1E-B609-DCC669F87512} - C:\WINDOWS\aetlsrknkda.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SpyPsy - {C420CF9F-D9D6-421F-958F-AA59906C2B12} - C:\WINDOWS\system32\SYSBAS~1.DLL (file missing)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: bkqxdons - {F9533BCB-36F0-4697-942B-3FB3473CFE57} - C:\WINDOWS\bkqxdons.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [lvjodnrdjdnrmsj] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\ploiqazxvdxpwu.dll"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [oovoo.exe] C:\Program Files\ooVoo\oovoo.exe /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [TotalSecure2009] C:\Program Files\TS-2009\scan.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: eMule Super Booster.lnk = C:\Program Files\eMule Super Booster\eMule Super Booster.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Tony\Application Data\Dealio\kb127\res\DealioSearch.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPl...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O21 - SSODL: vwnskbot - {3C048566-2759-4993-A39E-EF547008188F} - C:\WINDOWS\vwnskbot.dll (file missing)
O21 - SSODL: qnflkotm - {25E3D170-5A66-4F24-B8A8-F74920561283} - C:\WINDOWS\qnflkotm.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10813 bytes
a b 8 Sécurité
24 Octobre 2008 17:29:21

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    Anonyme
    25 Octobre 2008 00:31:24

    Si j'achète un Disque dur tout neuf, et que j'installe Windows dessus, es ce que ce sera bon ? Plus de Virus ? PC a neuf ?
    a b 8 Sécurité
    25 Octobre 2008 11:50:35

    Tu risques la réinfection. Fait ce que j'ai dit :) 
    26 Octobre 2008 14:14:04

    Pour info, il m'est IMPOSSIBLE de reformater le PC... J'ai essayer 2 windows et aucun de marche. Je scan ac Malwarebytes Anti-malware, je post le rapport dès qu'il est fini.
    26 Octobre 2008 15:05:31

    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1321
    Windows 5.1.2600 Service Pack 2

    26/10/2008 14:57:59
    mbam-log-2008-10-26 (14-57-59).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 84202
    Temps écoulé: 49 minute(s), 33 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 5
    Clé(s) du Registre infectée(s): 30
    Valeur(s) du Registre infectée(s): 8
    Elément(s) de données du Registre infecté(s): 15
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 13

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\qnflkotm.dll (Trojan.Zlob) -> Delete on reboot.
    C:\Program Files\P2P_Energy\tbP2P_.dll (Adware.HumourCanineToolbar) -> Delete on reboot.
    C:\Program Files\Conduit\Community Alerts\Alert.dll (Adware.Conduit) -> Delete on reboot.
    C:\WINDOWS\bkqxdons.dll (Trojan.FakeAlert) -> Delete on reboot.
    C:\WINDOWS\aetlsrknkda.dll (Trojan.FakeAlert) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{25e3d170-5a66-4f24-b8a8-f74920561283} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ac4fd1ca-9bee-4224-a1f8-006c45ecfa94} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2bae58c2-79f9-45d1-a286-81f911301c3a} (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2bae58c2-79f9-45d1-a286-81f911301c3a} (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a} (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Adware.Conduit) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\lospn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\lsksaq.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d71c4af2-9e0d-4eb3-98a6-f542e6f360d9} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c420cf9f-d9d6-421f-958f-aa59906c2b12} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{10026069-7a5f-4531-811e-c8df20643bee} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c420cf9f-d9d6-421f-958f-aa59906c2b12} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c420cf9f-d9d6-421f-958f-aa59906c2b12} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{8a7d71de-a302-4c58-afc3-268b5b6f2dd7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3863000e-8074-418a-b209-ce61153aba99} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f9533bcb-36f0-4697-942b-3fb3473cfe57} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f9533bcb-36f0-4697-942b-3fb3473cfe57} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{58e90f3f-3256-4dff-a55f-a0b74457c9f2} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{bdf47a0c-de79-4a23-a210-9279fd248225} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{cdbb5aa1-23a2-49cf-9c98-7cb145d16f37} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{4cbe6dc3-3bca-4a1e-b609-dcc669f87512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4cbe6dc3-3bca-4a1e-b609-dcc669f87512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4cbe6dc3-3bca-4a1e-b609-dcc669f87512} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\bkqxdons.bdpf (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\bkqxdons.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f30feae-33a3-6669-43a3-0551e95602d1} (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1f30feae-33a3-6669-43a3-0551e95602d1} (Adware.BHO) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qnflkotm (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2bae58c2-79f9-45d1-a286-81f911301c3a} (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{2bae58c2-79f9-45d1-a286-81f911301c3a} (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2bae58c2-79f9-45d1-a286-81f911301c3a} (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TotalSecure2009 (Rogue.TotalSecure) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f9533bcb-36f0-4697-942b-3fb3473cfe57} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\vwnskbot (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55274-640-0077061-23487) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\qnflkotm.dll (Trojan.Zlob) -> Delete on reboot.
    C:\Program Files\P2P_Energy\tbP2P_.dll (Adware.HumourCanineToolbar) -> Delete on reboot.
    C:\Program Files\Conduit\Community Alerts\Alert.dll (Adware.Conduit) -> Delete on reboot.
    C:\Documents and Settings\Tony\Bureau\barre des taches\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\P2P_Energy\P2P_EnergyToolbarHelper.exe (Adware.HumourCanineToolbar) -> Quarantined and deleted successfully.
    C:\WINDOWS\ensw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\woprdagt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\bkqxdons.dll (Trojan.FakeAlert) -> Delete on reboot.
    C:\WINDOWS\aetlsrknkda.dll (Trojan.FakeAlert) -> Delete on reboot.
    C:\WINDOWS\k.txt (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\EoRezo (Rogue.Eorezo) -> Delete on reboot.
    C:\Documents and Settings\Tony\Application Data\TmpRecentIcons\Total Secure 2009.lnk (Rogue.Link) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ploiqazxvdxpwu.dll (Adware.BHO) -> Delete on reboot.
    a b 8 Sécurité
    27 Octobre 2008 12:31:18

    Reposte un rapport Hijackthis.
    28 Octobre 2008 20:12:36

    Apres avoir telechargé Malwarebytes anti-malware, j'ai fais le scan que j'ai poster, et j'ai redemarer mon PC et depuis .. Plus de Virus :D :D , j'ai retrouver mon acces au poste de travail, au gestionnaires des taches, ma colones de droite dans le menu demarer comprenant "Poste de travail, Mes documents,... Et tous les programmes." Je sais pas si c'est grace a ton logiciel mais en tout cas merci beaucoup. j'allais racheter un Disque Dur voir un nouveau PC =O. Tu veux que je te post quand meme un rapport Hijackthis ?
    a b 8 Sécurité
    28 Octobre 2008 20:41:59

    Oui.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS