Home > Trojan Horse > Trojan Horse PSW.generic2.rfg

Trojan Horse PSW.generic2.rfg

Recevez notre newsletter Inscrivez-vous Equipe Conditions générales Données personnelles Contact Charte Partenaires Recrutement Formation Annonceurs CCM Benchmark Group NextPLZ, Actualités, Carte de voeux, Jeux en ligne, Coloriages, Cinéma, Déco, Dictionnaire, Horoscope, Save it as fix.reg on your Desktop.Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "winlogon"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "winlogon"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "NoAdminPage"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"=dword:00000000 Now double-click fix.reg.A window will come up asking if you want to Join over 733,556 other people just like you! Trojan Horse PSW.generic2.rfg Discussion in 'Virus & Other Malware Removal' started by Solidus18, Dec 9, 2006. weblink

Attempting to delete C:\WINDOWS\system32\jkhfe.dll C:\WINDOWS\system32\jkhfe.dll Could not be deleted. Tutoriels Windows 10 : quelle est ma version de Windows, comment savoir ? Please perform the following scan:We need to create an OTL Report Please download OTL from here:Main MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Be careful of what you download off of web sites and Peer-2-Peer networks.

If you are browsing the Internet and a pop up appears saying that you are infected, ignore it!. Click Exit on the Main menu to close the program. i ran the winpfind2 program, but it hung on 'scanning registry' for about 45mins, and wouldnt move on... Encore une fois, merci de ce coup de main!

Voici le contenu de mon fichier C:\VundoFix.txt /* VundoFix V6.2.13 Checking Java version... The first one was last Sunday, Nov 12, the second today Sunday Nov 19 (Trojan Horse PSW.Generic2.RFG in Windows\system32\wndiacvm.dll. The HJT worked after performing the scan, it is shown below: _________________________________________________________________________Logfile of HijackThis v1.99.1Scan saved at 00:21:46, on 11/02/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\WINDOWS\system32\slserv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\TGVFDMsgservice.exeC:\WINDOWS\system32\RunDll32.exeC:\Program Using the site is easy and fun.

Le trojan m'empêche d'utiliser Internet Explorer version 7. After that please open up Notepad and copy all of the items in the code box below.Change the "Save As Type" to "All Files". Beginning removal... If you receive an attachment from someone you know, and it looks suspicious, then it probably is.

A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. Simple as that. Fixing Registry Permissions... Java version is Java version is Java version is Java version is Scan started at 23:42:54 2006-12-04 Listing files found while scanning....

  1. Flag Permalink This was helpful (0) Collapse - Yes there was a Yahoo virus too.
  2. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button.
  3. Done! */ Et voici maintenant le contenu de HijackThis.exe /* Logfile of HijackThis v1.99.1 Scan saved at 02:43:47, on 2006-12-05 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011)
  4. by R.
  5. Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
  6. Colle son rapport ici.
  7. Démarre l'ordinateur.
  8. Logfile of HijackThis v1.99.1 Scan saved at 17:03:21, on 2006-12-04 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program
  9. Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site.

I disabled auto restart, and got a blue screen with this error: Stop: C000 021a Fatal System Error Status 0xc000 0135 (0x0000 0000 0x0000 0000) I restored the vgi.dll file from Upload a file Leave a comment Please enable JavaScript to add new comment comments powered by Disqus. http://www.filehippo.com/download_ccleaner.html Installe le dans un répertoire dédié. Attempting to delete C:\WINDOWS\system32\jkhfe.dll C:\WINDOWS\system32\jkhfe.dll Could not be deleted.

You can check these by visiting Secunia Software Inspector and Calendar of Updates.Install an AntiSpyware ProgramA highly recommended AntiSpyware program is SuperAntiSpyware. have a peek at these guys Notepad will open with the report file loaded in it.Click the Format menu and make sure that Wordwrap is not checked. When you move the files back, be sure that you have updated, active anti-virus software running on your computer.Some words of advice to avoid another infection-Please take the time to read Performing Repairs to the registry.

Les manipulations sont à faire sans interruption et dans l'ordre. I have tried to clean the pc with the AVG rescue CD, and it only finds the same file to remove, with the same results. Under the Hidden files and folders heading, select Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Now, check over here O4 - Global Startup: Digital Line Detect.lnk = ?

It will create a folder named WinPFind2 on your desktop.Open the folder and double-click on winpfind2.exe to start the program.Click on the Services tab.From the two drop down boxes next to The file c:\windows\system32\vgi.dll is infected with Trojan horse PSW.Agent.ALSP. This is where they make their money.

No infected files were found.

SHOW ME NOW CNET © CBS Interactive Inc.  /  All Rights Reserved. by Marianna Schmudlach / November 19, 2006 2:42 PM PST In reply to: Thank you! Voici mon rapport de HijackThis présentement. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program.

by Sunsetlover / November 19, 2006 1:11 PM PST In reply to: I did a google search..... Shannon Back to top #5 Shannon2012 Shannon2012 Security Colleague 3,657 posts OFFLINE Gender:Male Location:North Carolina, USA Local time:01:25 AM Posted 11 April 2011 - 07:50 PM It appears that this Browse to C:\Windows > System, add this folder to the list and click on "Start Scan". this content Stay logged in Sign up now!

Click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used.