Home > Windows Xp > Windows XP BAT/fake.PrivDanger Virus

Windows XP BAT/fake.PrivDanger Virus

SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by Double-clique sur DSS.exe pour lancer l'outil. c'est le bazar sur mon ordi ... Sorry, you don't have permission for that! [#2000] You are not allowed to visit this community. http://roguewb.com/windows-xp/fake-antivirus-list.html

C:\WINDOWS\vadokmxt.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. Change the Files of type to Text file (.txt) before clicking on the Save button.How is your PC running? I just downloaded SDfix and HiJackThis. Poste le rapport.

Sign In Use Facebook Use Twitter Use Windows Live Register now! Utile +0 Signaler privious 25Messages postés jeudi 1 mai 2008Date d'inscription 29 mai 2008 Dernière intervention 28 mai 2008 à 22:05 j'ai continué quand même de suivre tes directive malgrés les KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe () C:\Users\DJL\AppData\Roaming\baidu\BaiduYunGuanjia\yundetectservice.exe () C:\Users\DJL\AppData\Roaming\Lantern\lantern.exe () C:\Users\DJL\AppData\Roaming\Lantern\lantern.exe (Avira Operations GmbH \u0026 Co. Copy (Control + C) and Paste (Control + V) the content into the notepad window:File:: C:\WINDOWS\system32\yjdmtfax.VIR000 C:\WINDOWS\system32\ssqRiGwU.VIR000 C:\WINDOWS\lnvegaow.exe C:\WINDOWS\system32\khfGyVmN.VIR Driver:: oflpydin Registry:: [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoFavoritesMenu"=- "NoRecentDocsNetHood"=- "NoSMHelp"=- [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoFavoritesMenu"=- "NoRecentDocsNetHood"=- "NoSMHelp"=-Now in

iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Comme le titre l'indique c'est 2 virus qui reviennent sans cesse.L'antivirus les a surpprimé plusieurs fois sans succès, ils reviennent toujours. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [94528 2015-08-24] C:\Documents and Settings\JALEL\Application Data\Microsoft\Internet Explorer\Quick Launch\XP Antivirus 2008.lnk (Rogue.XPAntivirus) -> Quarantined and deleted successfully.

Back to top #5 DJKdjk DJKdjk Topic Starter Members 9 posts ONLINE Local time:03:19 PM Posted 16 March 2017 - 07:01 AM Other symptoms: whenever I open Avira, or charge KG) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKU\S-1-5-21-4268989145-4028146873-3326586853-1001\...\Run: [BaiduYunDetect] => C:\Users\DJL\AppData\Roaming\baidu\BaiduYunGuanjia\YunDetectService.exe [1051680 2017-01-09] () HKU\S-1-5-21-4268989145-4028146873-3326586853-1001\...\Run: [Lantern] => C:\Users\DJL\AppData\Roaming\Lantern\lantern.exe [15832864 2017-02-09] () HKU\S-1-5-21-4268989145-4028146873-3326586853-1001\...\Run: [Avira Scout Update] => C:\Users\DJL\AppData\Local\Avira\Scout Update\ScoutUpdate.exe Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{a6c54318-5ac7-477d-b0a7-49af5189300c} (Trojan.Vundo) -> Quarantined and deleted successfully. Utile +0 Signaler Lyonnais92 25181Messages postés vendredi 23 juin 2006Date d'inscription Contributeur sécuritéStatut 16 septembre 2016 Dernière intervention 28 mai 2008 à 23:15 Re, celui-là, je ne l'avais pas vu; ouvre

D:\Documents and Settings\BERTRAND Béatrice\Application Data\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: MSVPS System - {283A0EE3-2CC1-45AB-8207-B1D7B69C7F83} - KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [25232 2016-12-09] (Avira Operations GmbH & Co. Les problèmes qui en découlent sont les suivants : - ralentissement de mon pc - Windows internet explorer qui s'ouvre intempestivement avec "System Defender Sécurity Center. - le fond d'écran de

  1. Colle le contenu ici dans ta prochaine réponse

    (Publicité) louise53 Posté le 03/03/2008à11:35:16 bonjour....et merci pour la rapidité j'ai téléchargé le logiciel et le guide, j'envoie le + vite possible les
  2. Laisse-toi guider.
  3. KG) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] () S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266328 2016-11-25] (Synaptics
  4. Back to top #3 DJKdjk DJKdjk Topic Starter Members 9 posts ONLINE Local time:03:19 PM Posted 16 March 2017 - 06:01 AM Update: I scanned with Malwarebytes and got the
  5. When I scan with Avira nothing gets found.
  6. Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast!

Ensuite double clique sur navilog1.exe pour lancer l'installation. http://www.commentcamarche.net/forum/affich-6608636-urgent-svp-virus-bat-fake-privdanger KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Security Assist\isaHelperService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (Avira Operations GmbH & Co. Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-19] (Avira Operations GmbH & Co.

Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully. this content VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri +--------------------------------------------------+ [!] Suspicious: boqnrwdmkrs.dll BHO: QXK Olive - {11B771F0-C8FD-426A-B537-F9AAE4059895} TypeLib: {45823166-7944-457F-B091-26478667AAC9} Interface: {1267B2B6-E866-47EC-92A5-2A9F60BB4629} Interface: {CC7FA1BC-8E6A-42D4-ABB7-F30D4032EC5F} +--------------------------------------------------+ [!] Suspicious: boqnrwdmmfv.dll BHO: QXK Olive - IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! Il doit comprendre la taille du fichier envoyé.

Please re-enable javascript to access full functionality. scanning hidden autostart entries ... C:\Program Files\XP Antivirus (Rogue.XPAntivirus) -> Quarantined and deleted successfully. weblink Poster ce rapport sur le forum pour le faire analyser !!! !!!

Version information: 2.2.1064. [+] Started on 08/25/07 at 15:34:49. [+] Initializing ... [+] Starting scan, press Ctrl-C to abort. [+] Scanning for hidden items ............................................ [+] Scan complete. [+] Summary: 0 Signaler BEA31 16Messages postés mardi 24 juin 2008Date d'inscription 27 juin 2008 Dernière intervention - 25 juin 2008 à 22:49 Il est tard quand tu en as marre dis le # Utile +0 Signaler privious 25Messages postés jeudi 1 mai 2008Date d'inscription 29 mai 2008 Dernière intervention 28 mai 2008 à 22:14 Deckard's System Scanner v20071014.68 Run by JALEL on 2008-05-28 22:13:27

Click on View Scan Report.You will see a list of infected items there.

Laisse le scanner le pc... Read the EULA (End User License Agreement) - Find out exactly what you are downloading. Several functions may not work. Click Run.When the downloads have finished, click on Settings.Make sure these boxes are checked (ticked).

Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, Here is the FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by djk (administrator) on DESKTOP-K31PDH6 (17-03-2017 08:58:08) Running from C:\Users\DJL\Desktop Loaded Profiles: djk (Available KG) HKU\S-1-5-21-4268989145-4028146873-3326586853-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-14] (Valve Corporation) HKU\S-1-5-21-4268989145-4028146873-3326586853-1001\...\Policies\Explorer: [] HKU\S-1-5-21-4268989145-4028146873-3326586853-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Users\Public\Thunder Network\KanKan\reghelper\xappex.1.1.1.85.(226).dll [2016-04-21] (深圳市迅雷网络技术有限公司) ShellIconOverlayIdentifiers: check over here Attached Files Report.txt 2.57KB 170 downloads 0 #15 Mike Posted 09 August 2008 - 04:34 AM Mike Malware Monger Retired Staff 2,745 posts Hi there Empty out this folder(i.e delete everything

C:\WINDOWS\wmpenv.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\G »»»»»»»»»»»»»»»»»»»»»»»» D:\Documents and Settings\G\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» D:\DOCUME~1\G~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Utile +0 Signaler Utilisateur anonyme 25 juin 2008 à 22:35 va dans poste de travail entre dans le disque C cherche : OTMoveIt\MovedFiles Signaler BEA31 16Messages postés mardi 24 juin 2008Date