Aide pour supprimer apmanager
BipBip
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Le spyware Apmanager s'est installé sur mon pc, et l'a completement bousillé ! Mon ordinateur s'est éteint brusquement, et ma barre des taches et mes icons ont disparu, et je ne peux pas fermer la fenetre apmanager a moins de donner mes coordonnés.
Comment faire pour le supprimer de mon ordinateur ?!
Le spyware Apmanager s'est installé sur mon pc, et l'a completement bousillé ! Mon ordinateur s'est éteint brusquement, et ma barre des taches et mes icons ont disparu, et je ne peux pas fermer la fenetre apmanager a moins de donner mes coordonnés.
Comment faire pour le supprimer de mon ordinateur ?!
A voir également:
- Aide pour supprimer apmanager
- Supprimer rond bleu whatsapp - Guide
- Supprimer page word - Guide
- Supprimer pub youtube - Accueil - Streaming
- Fichier impossible à supprimer - Guide
- Supprimer application windows 10 - Guide
18 réponses
bonjour a tu accé au mode sans échec ?
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
bien peut tu transférer avec une clé usb les logiciel demandé
Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
une fois qu'il aura terminé
Téléchargez MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
une fois qu'il aura terminé
Téléchargez MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ah si j'ai lancer rkill via les téléchargements firefox et ca ma mis cela :
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Administrateur on 03/05/2010 at 19:47:29.
Processes terminated by Rkill or while it was running:
C:\Documents and Settings\Administrateur\Application Data\ARManager\apmanager.exe
C:\Documents and Settings\Administrateur\Bureau\rkill.exe
Rkill completed on 03/05/2010 at 19:47:35.
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Administrateur on 03/05/2010 at 19:47:29.
Processes terminated by Rkill or while it was running:
C:\Documents and Settings\Administrateur\Application Data\ARManager\apmanager.exe
C:\Documents and Settings\Administrateur\Bureau\rkill.exe
Rkill completed on 03/05/2010 at 19:47:35.
ma barre des taches et mes icones sont revenus, et apmanager a completement disparu !!
merciiiii infiniment! :DD
merciiiii infiniment! :DD
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4062
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
03/05/2010 20:25:47
mbam-log-2010-05-03 (20-25-47).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 151259
Temps écoulé: 28 minute(s), 20 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 41
Valeur(s) du Registre infectée(s): 17
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 138
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\msxsltsso.dll (Trojan.GootKit) -> Delete on reboot.
C:\WINDOWS\system32\nmklo.dll (Worm.MarioFev) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{01da322b-c0a3-4739-8bac-00549ae63329} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1327991e-9ebb-495e-9f0b-f512e9c00f57} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{22bc80ad-1f01-4199-9556-ff38743c9dc7} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b271b22-0858-49d7-a6c3-6a79c83e9f28} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2cc43282-ea73-4633-8bf6-18c665d78997} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3cf30531-1532-49e2-800e-4a558ce918a0} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4682b266-d552-4d6e-92f7-fe5c023a9f13} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53376c63-0a64-4cd6-ad2a-23a34b13a51f} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{56c9cd7b-1f92-44bf-8250-4e6454408c42} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{64843c16-8044-48db-b332-61b0feb2e043} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{693b2faf-f4a6-415a-8392-c1fd111a282f} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6a24a3e0-eb9b-4834-a0cb-5b7c6af8630b} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6fea83b5-f984-4de0-b880-cd0ac455805a} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{767eb441-e529-44a8-a96e-403d6e0d7bab} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84af586e-16ff-4133-9eff-541e0da023f4} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{861c5f94-98e8-45d7-a273-c3647d03d982} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9bee20f7-a460-4dc7-a791-f975790709fa} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9511709-8ced-47ae-9ea8-1464dfa813a3} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c0ddb838-1d7f-4217-a8fd-998c4c7014f6} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c53fd5a3-9964-4b4a-93c6-b91f1049e1e2} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c97d12ef-86aa-4977-8ff0-a4e03e87ef31} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd9edfa8-faaf-40d8-9a83-95eef78db2f4} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ce04f06b-264f-4c77-8b7a-39823811bee4} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ef706468-0af5-4ac2-a280-8216a4a68a5e} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{efd2d0b8-4018-4a74-8b74-4e79888e427a} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f8d55a19-2543-4c25-8060-e582dfbfb737} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdd8f2c4-a733-4043-b388-2c08467ca8f1} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdfdb71c-ca1e-459e-93b3-2b20edce403c} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{febe300a-c7de-4452-a7dc-6413d775e9a8} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ff209123-6094-4f2c-8c11-b1e53f8070cd} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pragmatrdmxtynxr (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ARManager (Rogue.ARManager) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\pragma (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PRAGMA (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\appiust_dlls (Spyware.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\gootkitsso (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx^ (Trojan.Cutwail) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ewrgetuj (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx^ (Trojan.Cutwail) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\17ej (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mcexecwin (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87sdhfush87fsufhuie3fddf (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87efjhdsf87f3jfsdi7fhsujfd (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Rogue.ARManager) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\apmanager.exe (Rogue.APManager) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsdefrag (Trojan.Downloader) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot.
C:\Program Files\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAsvfivfuyms (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages (Rogue.ARManager) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\nmklo.dll (Spyware.Agent.H) -> Delete on reboot.
C:\WINDOWS\system32\msxsltsso.dll (Trojan.GootKit) -> Delete on reboot.
C:\Documents and Settings\Administrateur\kqoaccjx^.exe (Trojan.Cutwail) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\kqoaccjx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\geurge.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqoaccjx^.exe (Trojan.Cutwail) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqoaccjx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\ygig.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\g17nrzu.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\yvzc2b81x.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\hexdump.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\1hqup.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\3dcs9.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\9d6tpg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ggpw.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\img8hi.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\lhhr8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\mvmdh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\wkimt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\kqoaccjx^ .exe (Trojan.Cutwail) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\8534,062.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\stp611e5.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\TMPC9B8.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WQ2A2BN3\en[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WQ2A2BN3\g73[1].exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WQ2A2BN3\kkemu[1].htm (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAsvfivfuyms\PRAGMAc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr\PRAGMAd.sys (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cooper.mine (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pragmabbr.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pragmaserf.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sspy8xu36e.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\v5qyy8ga7.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\16.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\1F.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2518,437.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\61.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\avp32.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\dlk9kk43.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\drweb.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\en.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\fstugnk8.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\g73.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\geurge.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lsass.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\no7ha3.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pbbe858.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\r3z30proomyl9.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\services.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stp0746a.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stp611e5.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\taskmgr.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TMP3250.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TMPA04F.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\v2wd2lp70i54yi.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win16.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win32.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ygig.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\yjlr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\1hqup.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\3dcs9.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\9d6tpg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ggpw.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\img8hi.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\lhhr8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\wkimt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\Program Files\Digital Protection\about.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\activate.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\buy.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\digext.dll (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\dighook.dll (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\digprot.exe (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\help.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\scan.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\settings.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\splash.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\Uninstall.exe (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\update.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\virus.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAsvfivfuyms\PRAGMAcfg.ini (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr\PRAGMAc.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr\PRAGMAcfg.ini (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\apmanager.exe (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\files (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\iplog (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\ispinfo (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\settings.ini (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\wallpaper.jpg (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Czech.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Danish.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Dutch.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\English.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\French.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\German.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Italian.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Portuguese.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Slovak.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Spanish.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\template.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\r3fhr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\twhvna.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\nodqq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\nodqq0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\nodqq1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pragmamainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\PRAGMA2454.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Favoris\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\9qqigqwf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Delete on reboot.
C:\WINDOWS\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\p3vwxx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ji83j.exe (PWS.Frethog) -> Quarantined and deleted successfully.
C:\mi9al8rs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\pbyqfn.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\wyskq6lt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\chxnxyx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 4062
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
03/05/2010 20:25:47
mbam-log-2010-05-03 (20-25-47).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 151259
Temps écoulé: 28 minute(s), 20 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 41
Valeur(s) du Registre infectée(s): 17
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 138
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\msxsltsso.dll (Trojan.GootKit) -> Delete on reboot.
C:\WINDOWS\system32\nmklo.dll (Worm.MarioFev) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{01da322b-c0a3-4739-8bac-00549ae63329} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1327991e-9ebb-495e-9f0b-f512e9c00f57} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{22bc80ad-1f01-4199-9556-ff38743c9dc7} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b271b22-0858-49d7-a6c3-6a79c83e9f28} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2cc43282-ea73-4633-8bf6-18c665d78997} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3cf30531-1532-49e2-800e-4a558ce918a0} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4682b266-d552-4d6e-92f7-fe5c023a9f13} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53376c63-0a64-4cd6-ad2a-23a34b13a51f} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{56c9cd7b-1f92-44bf-8250-4e6454408c42} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{64843c16-8044-48db-b332-61b0feb2e043} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{693b2faf-f4a6-415a-8392-c1fd111a282f} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6a24a3e0-eb9b-4834-a0cb-5b7c6af8630b} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6fea83b5-f984-4de0-b880-cd0ac455805a} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{767eb441-e529-44a8-a96e-403d6e0d7bab} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84af586e-16ff-4133-9eff-541e0da023f4} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{861c5f94-98e8-45d7-a273-c3647d03d982} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9bee20f7-a460-4dc7-a791-f975790709fa} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9511709-8ced-47ae-9ea8-1464dfa813a3} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c0ddb838-1d7f-4217-a8fd-998c4c7014f6} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c53fd5a3-9964-4b4a-93c6-b91f1049e1e2} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c97d12ef-86aa-4977-8ff0-a4e03e87ef31} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cd9edfa8-faaf-40d8-9a83-95eef78db2f4} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ce04f06b-264f-4c77-8b7a-39823811bee4} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ef706468-0af5-4ac2-a280-8216a4a68a5e} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{efd2d0b8-4018-4a74-8b74-4e79888e427a} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f8d55a19-2543-4c25-8060-e582dfbfb737} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdd8f2c4-a733-4043-b388-2c08467ca8f1} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fdfdb71c-ca1e-459e-93b3-2b20edce403c} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{febe300a-c7de-4452-a7dc-6413d775e9a8} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ff209123-6094-4f2c-8c11-b1e53f8070cd} (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pragmatrdmxtynxr (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ARManager (Rogue.ARManager) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\pragma (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PRAGMA (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\appiust_dlls (Spyware.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\gootkitsso (Trojan.GootKit) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx^ (Trojan.Cutwail) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ewrgetuj (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx^ (Trojan.Cutwail) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kqoaccjx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\17ej (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mcexecwin (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87sdhfush87fsufhuie3fddf (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87efjhdsf87f3jfsdi7fhsujfd (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Rogue.ARManager) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\apmanager.exe (Rogue.APManager) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsdefrag (Trojan.Downloader) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot.
C:\Program Files\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAsvfivfuyms (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages (Rogue.ARManager) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\nmklo.dll (Spyware.Agent.H) -> Delete on reboot.
C:\WINDOWS\system32\msxsltsso.dll (Trojan.GootKit) -> Delete on reboot.
C:\Documents and Settings\Administrateur\kqoaccjx^.exe (Trojan.Cutwail) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\kqoaccjx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\geurge.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqoaccjx^.exe (Trojan.Cutwail) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kqoaccjx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\ygig.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\g17nrzu.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\yvzc2b81x.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\hexdump.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\1hqup.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\3dcs9.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\9d6tpg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ggpw.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\img8hi.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\lhhr8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\mvmdh.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\wkimt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\kqoaccjx^ .exe (Trojan.Cutwail) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\8534,062.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\stp611e5.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\TMPC9B8.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WQ2A2BN3\en[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WQ2A2BN3\g73[1].exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\WQ2A2BN3\kkemu[1].htm (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAsvfivfuyms\PRAGMAc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr\PRAGMAd.sys (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cooper.mine (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pragmabbr.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pragmaserf.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sspy8xu36e.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\v5qyy8ga7.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\16.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\1F.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\2518,437.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\61.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\avp32.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\dlk9kk43.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\drweb.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\en.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\fstugnk8.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\g73.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\geurge.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\lsass.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\no7ha3.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pbbe858.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\r3z30proomyl9.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\services.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stp0746a.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\stp611e5.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\taskmgr.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TMP3250.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TMPA04F.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\v2wd2lp70i54yi.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win16.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\win32.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ygig.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\yjlr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\1hqup.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\3dcs9.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\62.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\9d6tpg.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\dqm.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ggpw.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\hc3hvi0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\img8hi.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\lhhr8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\s1.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\tgt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\utcddeq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\vgyn6ewc.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\wkimt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\y6cqb2is.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
D:\ysyjq1bs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\Program Files\Digital Protection\about.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\activate.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\buy.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\digext.dll (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\dighook.dll (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\digprot.exe (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\help.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\scan.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\settings.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\splash.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\Uninstall.exe (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\update.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\virus.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAsvfivfuyms\PRAGMAcfg.ini (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr\PRAGMAc.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAtrdmxtynxr\PRAGMAcfg.ini (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\apmanager.exe (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\files (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\iplog (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\ispinfo (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\settings.ini (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\wallpaper.jpg (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Czech.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Danish.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Dutch.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\English.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\French.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\German.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Italian.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Portuguese.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Slovak.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\Spanish.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\ARManager\languages\template.lng (Rogue.ARManager) -> Quarantined and deleted successfully.
C:\r3fhr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\twhvna.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\nodqq.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\nodqq0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\nodqq1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pragmamainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\PRAGMA2454.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Favoris\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\9qqigqwf.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Delete on reboot.
C:\WINDOWS\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\p3vwxx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\ji83j.exe (PWS.Frethog) -> Quarantined and deleted successfully.
C:\mi9al8rs.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\pbyqfn.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\wyskq6lt.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\chxnxyx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
tu est trés infecter
Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Une fois le téléchargement achevé, place ZHPDiag.exe sur ton Bureau.
Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit « exécuter en tant que administrateur »
Clique sur la loupe pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long.
Ferme ZHPDiag en fin d'analyse.
Pour transmettre le rapport clique sur ce lien :
http://www.cijoint.fr/index.php
Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Une fois le téléchargement achevé, place ZHPDiag.exe sur ton Bureau.
Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit « exécuter en tant que administrateur »
Clique sur la loupe pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long.
Ferme ZHPDiag en fin d'analyse.
Pour transmettre le rapport clique sur ce lien :
http://www.cijoint.fr/index.php
Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
voila ce que ca me mets
La connexion a été réinitialisée
La connexion avec le serveur a été réinitialisée pendant le chargement de la page.
* Le site est peut-être temporairement indisponible ou surchargé. Réessayez plus tard ;
* Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion
au réseau de votre ordinateur ;
* Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy, assurez-vous que Firefox est autorisé à accéder au Web.
La connexion a été réinitialisée
La connexion avec le serveur a été réinitialisée pendant le chargement de la page.
* Le site est peut-être temporairement indisponible ou surchargé. Réessayez plus tard ;
* Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion
au réseau de votre ordinateur ;
* Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy, assurez-vous que Firefox est autorisé à accéder au Web.
