lunk59
Messages postés29Date d'inscriptionsamedi 30 octobre 2010StatutMembreDernière intervention22 avril 2012
-
Modifié par lunk59 le 30/10/2010 à 14:58
Bonjour,
comme je l'indique dans le messages j'ai un virus qui m'a soudainement attaqué.J'ai AVG free aAnti-virus comme anti virus,J'ai fait une annalyse avec malwarbytes' et j'ai 50 éléments infectés!!!D'aprés AVG la source du virus viendrait de query explorer (choses que je ne connait pas et que j'ignore ou je l'ai attrapé).quelqu'un saurait ou ais-je attrapé ce virus?Sauriez vous m'expliquez comment l'enlevé??
voici le résultat de l'analyse:
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 297602
Temps écoulé: 1 heure(s), 10 minute(s), 47 seconde(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 27
Processus mémoire infecté(s):
C:\Program Files\PremierOpinion\pmservice.exe (Adware.RelevantKnowledge) -> Unloaded process successfully.
c:\program files\premieropinion\pmropn.exe (Trojan.Agent) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\PremierOpinion\MSVCP71.DLL (Trojan.Agent) -> Delete on reboot.
C:\Program Files\PremierOpinion\MSVCR71.DLL (Trojan.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286} (Adware.PremierOpinion) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QueryExplorer Service (Adware.QueryExplorer) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\srs_it_e8790571bd765a5233a893 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_application (Hijacker.Application) -> Quarantined and deleted successfully.