Sujet Précédent Sujet Suivant

Winferno c installé!!

aurelie76110 Messages postés 1 Statut Membre -  
 aurelie76110 -
Bonjour,
un logiciel winferno c installé depuis impossible de me connecter a internet correctement
ca m'ouvre des dizaine de page vierge
je ne suis que debutante
qelqu'un pe m'aider!!!!

1 réponse

Réponse 1 / 1
vinni gambini Messages postés 142 Statut Membre 1
 
https://forum.pcastuces.com/au_secours_eliminer_winferno_et_schredder-f25s50477.htm?page=1
0
aurelie76110
 
voila le raport

que doi je faire apres?


Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3137
Windows 5.1.2600 Service Pack 3

10/11/2009 03:42:13
mbam-log-2009-11-10 (03-42-13).txt

Type de recherche: Examen complet (C:\|D:\|J:\|)
Eléments examinés: 216784
Temps écoulé: 4 hour(s), 28 minute(s), 27 second(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 17
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 43

Processus mémoire infecté(s):
C:\documents and settings\Kamal\local settings\application data\ophiaq.exe (Adware.Navipromo.H) -> Unloaded process successfully.
C:\Documents and Settings\Kamal\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Delete on reboot.
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (Rogue.Eorezo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{b6acb3f1-6a83-432c-b854-3e1056f87f4e} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{819db72d-1c28-4387-9778-e2ff3dc86f74} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c7b76b90-3455-4ae6-a752-eac4d19689e5} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c7b76b90-3455-4ae6-a752-eac4d19689e5} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c7b76b90-3455-4ae6-a752-eac4d19689e5} (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\absolutetransfer.absolutetransfer (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\absolutetransfer.absolutetransfer.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry_Doktor 2009_is1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ophiaq (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wgsyk (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gycoq (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\keyseim (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kckqqsc (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rdfrnet (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updtr.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdear.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe work.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Kamal\Local Settings\Application Data\gycoq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\gycoq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\gycoq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\keyseim_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\keyseim_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\keyseim.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\kckqqsc_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\kckqqsc_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\kckqqsc.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\ophiaq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\ophiaq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\ophiaq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\ophiaq.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\wgsyk_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\wgsyk_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Application Data\wgsyk.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (Rogue.Eorezo) -> Delete on reboot.
C:\Program Files\Registry_Doktor 4.1\RegistryDoktor.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Local Settings\Temporary Internet Files\Content.IE5\4EDLDXJ6\registry-doktor-07fr[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{99BAC3D2-3D04-49C6-BC16-F8CD7A45E701}\RP387\A0107588.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{99BAC3D2-3D04-49C6-BC16-F8CD7A45E701}\RP387\A0107608.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{99BAC3D2-3D04-49C6-BC16-F8CD7A45E701}\RP387\A0107615.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{99BAC3D2-3D04-49C6-BC16-F8CD7A45E701}\RP387\A0107625.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\unins000.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\EngineAP.dll (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Cl.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\Task.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\ScheduleAP.txt (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Registry_Doktor 4.1\definitions\200812.cab (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1\Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Registry_Doktor 4.1\Désinstaller Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware-Secure\Spyware-Secure.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware-Secure\Website.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Spyware-Secure\Uninstall.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009\1.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\ufdata2000.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kamal\Application Data\Microsoft\Internet Explorer\Quick Launch\Registry Doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
0

Discussions similaires

Erreur installation Valorant
Ximmortel -
Kylian -

4 réponses
Problème compatibilité composant
Obaclael -
Panth33ra -

20 réponses
Probleme d'installation League Of Legend
osnesthebest -
osnesthebest -

6 réponses
Problème d'installation League Of Legend
SP sa roxx -
jijgjhfgq -

72 réponses
Programme qui s'installe tout seul.
mariodu34310 -
mariodu34310 -

5 réponses