Virus msn
yoanmilliard888
-
yoanmilliard888 -
yoanmilliard888 -
Bonjour,
j'ai présentement un virus msn, qui envoie cela a tout mes contacts :
foto :D avec un lien...
le probleme, aucun logiciel ne marche pour le supprimer. J'ai présentement essayer :
msnfix
msncleaner
scan avast
clean virus msn
Si vous pourriez me conseiller sur ce problème...
merci d'avance ! ;)
j'ai présentement un virus msn, qui envoie cela a tout mes contacts :
foto :D avec un lien...
le probleme, aucun logiciel ne marche pour le supprimer. J'ai présentement essayer :
msnfix
msncleaner
scan avast
clean virus msn
Si vous pourriez me conseiller sur ce problème...
merci d'avance ! ;)
A voir également:
- Virus msn
- Virus mcafee - Accueil - Piratage
- Telecharger msn - Télécharger - Messagerie
- Msn messenger - Télécharger - Messagerie
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
11 réponses
Salut,
Donne le lien envoyé par MSN stp :)
msnfix <= n'est plus mis à jour
scan avast <= si t'as Avast! et que le malware est entré il sera pas capable de le détecter sinon il l'aurait empéche de rentrer.
clean virus msn <= maintenu mais inefficace
Bref tente Malwarebyte comme dit plus haut - voir : https://forums.commentcamarche.net/forum/affich-17672790-bug-msn#2
Si ça ne le supprime pas on fera manuellement :)
Réfléchissez avant de cliquer.
Them crooked vultures this evening :D
Donne le lien envoyé par MSN stp :)
msnfix <= n'est plus mis à jour
scan avast <= si t'as Avast! et que le malware est entré il sera pas capable de le détecter sinon il l'aurait empéche de rentrer.
clean virus msn <= maintenu mais inefficace
Bref tente Malwarebyte comme dit plus haut - voir : https://forums.commentcamarche.net/forum/affich-17672790-bug-msn#2
Si ça ne le supprime pas on fera manuellement :)
Réfléchissez avant de cliquer.
Them crooked vultures this evening :D
D'accord, je tente, et je redonne des nouvelles.
PS. J'ai pas cliqué, je ne sais même pas commet je l'ai attraper. C'est très étrange. Bref...
PS. J'ai pas cliqué, je ne sais même pas commet je l'ai attraper. C'est très étrange. Bref...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ow.ly/20WPz?=image.php?= le msn du contact
angeloangel.com/photo.php?= le msn du contact
medinaac.com/photo.php?= le msn du contact
avec écris en avant " foto :D "
Présentement, j'ai eu connaissance de ces trois liens envoyés.
angeloangel.com/photo.php?= le msn du contact
medinaac.com/photo.php?= le msn du contact
avec écris en avant " foto :D "
Présentement, j'ai eu connaissance de ces trois liens envoyés.
merci :)
Ca été mis dans la boucle (envoie aux éditeurs d'antivirus etc) : https://forum.malekal.com/viewtopic.php?t=26641&start=
Je les avais un peu perdus, je vais pouvoir les suivre à nouveau :)
Les trois c'est les mêmes en fait.
Ils utilisent des services styles ow.ly, tinyurl avec des redirections vers d'autres URL.
Ca permet d'avoir des urls jetables en front.
Ca été mis dans la boucle (envoie aux éditeurs d'antivirus etc) : https://forum.malekal.com/viewtopic.php?t=26641&start=
Je les avais un peu perdus, je vais pouvoir les suivre à nouveau :)
Les trois c'est les mêmes en fait.
Ils utilisent des services styles ow.ly, tinyurl avec des redirections vers d'autres URL.
Ca permet d'avoir des urls jetables en front.
malekalmorte@MaK-tux:/tmp$ curl -I [hxxp://ow.ly/210ex?=www.facebook.com/photo.php?=] HTTP/1.1 301 Moved Permanently Date: Mon, 21 Jun 2010 17:21:32 GMT Server: Apache X-Powered-By: PHP/5.2.4-2ubuntu5.6 Set-Cookie: OWLYSID=26b4d87a835a59f93f4686f350743dfe618def87; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: [hxxp://angeloangel.com/photo.php] X-Gridnum: 7 Vary: Accept-Encoding Connection: close Content-Type: text/html
Hello ,
Télécharge UsbFix ici : https://www.ionos.fr/?affiliate_id=77097
choisi l option Recherche et post la rapport stp
Tuto : http://pagesperso-orange.fr/NosTools/tuto_usbfix2.html
Télécharge UsbFix ici : https://www.ionos.fr/?affiliate_id=77097
choisi l option Recherche et post la rapport stp
Tuto : http://pagesperso-orange.fr/NosTools/tuto_usbfix2.html
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4221
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-06-21 21:02:59
mbam-log-2010-06-21 (21-02-59).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 236665
Temps écoulé: 1 heure(s), 44 minute(s), 8 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 11
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 30
Processus mémoire infecté(s):
D:\Documents and Settings\Yoan Milliard\Application Data\lsass.exe (Trojan.Delf) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Microwsoft (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows data serivce (Malware.Trace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Delf) -> Data: d:\documents and settings\yoan milliard\application data\lsass.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe "D:\Documents and Settings\Yoan Milliard\Application Data\lsass.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Documents and Settings\Yoan Milliard\Application Data\csrsss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Adobe CS4 Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\P0DmGH-1N-J1EDz.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\codkevw.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\juprpfv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\olmckuz.exe (Trojan.MSIL) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\pyjfkgv.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\xqcgkvr.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\0XMV09IB\bot[1].exe (Trojan.MSIL) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\JR0A2J8S\swarm[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\JR0A2J8S\ist[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\MU5FYVSM\1276822839[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\VCQC7ZVK\crypted[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{6F52C252-D644-4367-817F-15B3C4BBB505}\RP49\A0054891.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\stealingyopasswords.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\lollipo.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\WinDefender.exe (Trojan.Keylogger) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\lsass.exe (Trojan.Delf) -> Delete on reboot.
D:\WINDOWS\system32\devon.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\IEPASS.abc (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\removeMe2860.bat (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\bot.exe (Malware.Trace) -> Delete on reboot.
www.malwarebytes.org
Version de la base de données: 4221
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-06-21 21:02:59
mbam-log-2010-06-21 (21-02-59).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 236665
Temps écoulé: 1 heure(s), 44 minute(s), 8 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 11
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 30
Processus mémoire infecté(s):
D:\Documents and Settings\Yoan Milliard\Application Data\lsass.exe (Trojan.Delf) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\Microwsoft (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrsss (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mswupdate (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\developer operations network (Trojan.Backdoor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows data serivce (Malware.Trace) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Delf) -> Data: d:\documents and settings\yoan milliard\application data\lsass.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe "D:\Documents and Settings\Yoan Milliard\Application Data\lsass.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Documents and Settings\Yoan Milliard\Application Data\csrsss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Adobe CS4 Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\P0DmGH-1N-J1EDz.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\codkevw.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\juprpfv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\olmckuz.exe (Trojan.MSIL) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\pyjfkgv.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\xqcgkvr.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\0XMV09IB\bot[1].exe (Trojan.MSIL) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\JR0A2J8S\swarm[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\JR0A2J8S\ist[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\MU5FYVSM\1276822839[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temporary Internet Files\Content.IE5\VCQC7ZVK\crypted[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{6F52C252-D644-4367-817F-15B3C4BBB505}\RP49\A0054891.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\stealingyopasswords.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\lollipo.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\WinDefender.exe (Trojan.Keylogger) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\cglogs.dat (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Application Data\lsass.exe (Trojan.Delf) -> Delete on reboot.
D:\WINDOWS\system32\devon.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\IEPASS.abc (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\removeMe2860.bat (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
D:\Documents and Settings\Yoan Milliard\Local Settings\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\bot.exe (Malware.Trace) -> Delete on reboot.
