Sujet Précédent Sujet Suivant

Antivirus security alert

Fermé
since33 - 25 déc. 2010 à 16:33
 Utilisateur anonyme - 28 déc. 2010 à 23:56
Bonjour a tous, je suis nouveau, et je pote ici pour un problème de spy-ware ( je pense ?)
Voila je suis sur windows vista et depuis hier s'est installé ANTIVIRUS SECURITY ALERT sur mon PC.
Pensant que je n'étais pas le seul, j'ai fouillé le net a la recherche d'une solution. Ayant essayé tout ce que je maitrisais, je ne suis toujours pas venu a bout du probleme.
J'ai essayé malware byte bien entendu mais ca ne change rien.

Voici mes rapports malwarebyte :

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5214

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.18999

25/12/2010 12:21:52
mbam-log-2010-12-25 (12-21-52).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 189188
Temps écoulé: 19 minute(s), 8 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 39
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 46

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\I.P services (Adware.InstallPedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\IP Network (Adware.InstallPedia) -> Value: IP Network -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cnamxsrewo.exe (Trojan.FakeAlert) -> Value: cnamxsrewo.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cnamxsrewo.exe (Trojan.FakeAlert) -> Value: cnamxsrewo.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hf8wefhuaihf8ewfydiujhfdsfdf (Trojan.Agent) -> Value: hf8wefhuaihf8ewfydiujhfdsfdf -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\COM+ Manager (Trojan.Downloader) -> Value: COM+ Manager -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87efjhdsf87f3jfsdi7fhsujfd (Trojan.VirTool) -> Value: hsf87efjhdsf87f3jfsdi7fhsujfd -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Metropolis (Trojan.FakeAlert) -> Value: Metropolis -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlppf (Password.Stealer) -> Value: Lvbhiejlppf -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlppf (Password.Stealer) -> Value: Lvbhiejlppf -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlq+ (Trojan.Agent) -> Value: Lvbhiejlq+ -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlq+ (Trojan.Agent) -> Value: Lvbhiejlq+ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquse (Trojan.Agent) -> Value: Mquse -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Mquse (Trojan.Agent) -> Value: Mquse -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Value: WINID -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Value: idstrf -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Value: NoFolderOptions -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSUpdate (Trojan.Agent) -> Value: MSUpdate -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{6B92E364-23AB-7A2E-F545-FC8C5304BB6E} (Trojan.ZbotR.Gen) -> Value: {6B92E364-23AB-7A2E-F545-FC8C5304BB6E} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NaLYJsiv (Trojan.Downloader.Gen) -> Value: uPc+kt0NaLYJsiv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NaLYJsiv (Trojan.Downloader.Gen) -> Value: uPc+kt0NaLYJsiv -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NkVJsiv (Trojan.Downloader.Gen) -> Value: uPc+kt0NkVJsiv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+kt0NkVJsiv (Trojan.Downloader.Gen) -> Value: uPc+kt0NkVJsiv -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvbhiejltOY (Trojan.Downloader.Gen) -> Value: LvbhiejltOY -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvbhiejltOY (Trojan.Downloader.Gen) -> Value: LvbhiejltOY -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvbhiejlZx_ (Trojan.Downloader.Gen) -> Value: LvbhiejlZx_ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LvbhiejlZx_ (Trojan.Downloader.Gen) -> Value: LvbhiejlZx_ -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NtWqIVLZEWZU (Trojan.FakeAlert) -> Value: NtWqIVLZEWZU -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlmc (Trojan.Downloader.Gen) -> Value: Lvbhiejlmc -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlmc (Trojan.Downloader.Gen) -> Value: Lvbhiejlmc -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqsZ (Trojan.Downloader) -> Value: MqsZ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MqsZ (Trojan.Downloader) -> Value: MqsZ -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlqc (Trojan.Downloader.Gen) -> Value: Lvbhiejlqc -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlqc (Trojan.Downloader.Gen) -> Value: Lvbhiejlqc -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlprc (Trojan.Downloader.Gen) -> Value: Lvbhiejlprc -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlprc (Trojan.Downloader.Gen) -> Value: Lvbhiejlprc -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlud (Trojan.Downloader.Gen) -> Value: Lvbhiejlud -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlud (Trojan.Downloader.Gen) -> Value: Lvbhiejlud -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlqb (Trojan.Downloader.Gen) -> Value: Lvbhiejlqb -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lvbhiejlqb (Trojan.Downloader.Gen) -> Value: Lvbhiejlqb -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\program files\installpedia (Adware.InstallPedia) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\installpedia\lnetworker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\cnamxsrewo.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\fxl2vtl6fy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Alex\.commgr\complmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\drweb.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
c:\program files\installpedia\service.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\tmp8583a58a\setup1003.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Alex\downloads\VLCSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\installpedia\networker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
c:\program files\installpedia\pref_updater.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.
c:\Windows\System32\sshnas21.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\services.exe (Password.Stealer) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\win16.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\bnbvkw_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\cynrh_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\dqfcqeap_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\eqgcy_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\zfqtgkwj_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\bkwjmg_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\bmymqk_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\bnbvkw_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\cynrh_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\dqfcqeap_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\eqgcy_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\jesvkh_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\local settings\application data\zfqtgkwj_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
c:\Users\Alex\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\MSup1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Roaming\Amzad\nihep.exe (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.
c:\Windows\System32\vh100gfle.dll (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\System32\aofab.dll (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\rny18apbk.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\w0bspxl83.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\Yqu.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\mdm.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Windows\mdm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\win.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\install.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\system.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\Users\Alex\AppData\Local\Temp\winamp.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
c:\program files\installpedia\ionic.zip.reduced.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.
c:\program files\installpedia\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.














Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4698

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.18943

26/09/2010 15:46:57
mbam-log-2010-09-26 (15-46-57).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 326930
Temps écoulé: 1 heure(s), 18 minute(s), 25 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 62

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OOO (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\OOO (Rogue.LivePlayer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\usaflkxe (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hf8wefhuaihf8ewfydiujhfdsfdf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\com+ manager (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87efjhdsf87f3jfsdi7fhsujfd (Trojan.Clicker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\712089 (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{6b92e364-23ab-7a2e-f545-fc8c5304bb6e} (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msupdate (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\components (Spyware.MarketScore) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Users\Alex\AppData\Local\usaflkxe.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\fxl2vtl6fy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Alex\.COMMgr\complmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\drweb.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\712089.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\ewmsroxacn.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\F2EF.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\foqr4nt0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\khvcol.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\mdm.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\notepad.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\rxmoacesnw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\taskmgr.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\winamp.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\ycap6can3.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\~TM14F2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\VirtualStore\Windows\System32\syce.xto (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\Alex\Downloads\install_FullPackCodecs_FR.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\41884873.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\56f26500.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\73c592c7.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\82cd4b1b.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\a0cd2d50.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\a3daa89f.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\cd0f75d1.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\e932a527.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\efa84a5d.tmp (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\~os628.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~os628.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~os628.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~os628.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~os628.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osAAEE.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Windows\Temp\~osE6F7.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\czwliw_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\dgpfh_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\ebbiheul_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\oqrtuv_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\czwliw_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\dgpfh_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\ebbiheul_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\oqrtuv_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\Local Settings\Application Data\usaflkxe_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Users\Alex\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Roaming\Amzad\nihep.exe (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.
C:\Users\Alex\AppData\Local\Temp\MSup1.exe (Trojan.Agent) -> Quarantined and deleted successfully.




Meme apres avoir supprimé les fichier, le virus est toujours présent.

Donc si quelqu'un pourrait m'aider a me sortir de ce pétrin ..

Je vous remerci d'avance et vous souhaite un joyeux noel a tous ! :)
A voir également:

13 réponses

Réponse 1 / 13
Utilisateur anonyme
25 déc. 2010 à 18:59
Il faut virer le proxy, c'est cette cochonnerie qui doit empêcher la connexion
Ouvre internet Explorer
Clique sur outils
Sélectionne options internet
ouvre l'onglet connexions
clique sur le bouton paramètre réseau
décoche utiliser un serveur proxy pour votre réseau local
clique sur OK
1
Tigzy Messages postés 7498 Date d'inscription lundi 15 février 2010 Statut Contributeur sécurité Dernière intervention 15 septembre 2021 582
26 déc. 2010 à 00:48
salut

pour info, RogueKiller vire le proxy quand la manip est fait correctement
En mode 2, l'outil demande si on veut virer le proxy. Si oui, il faut alors taper 1.

PS: Le rapport RogueKiller n'est pas complet, il y a uniquement le dernier scan qui a été fait.
0
Réponse 2 / 13
Utilisateur anonyme
25 déc. 2010 à 16:55
Bonjour
Malwarebytes n'est pas à jour
* Télécharge sur le bureau RogueKiller (par tigzy)
* Quitte tous tes programmes en cours
* Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
* Lance RogueKiller.exe.
* Lorsque demandé, tape 1 et valide
* Si le programme demande pour supprimer le proxy, tape 1 si tu es sûr que ce n'est pas toi qui l'a mis, sinon taper 2
* Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse
* Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.

NOTE: taper 2 pour mode suppression
NOTE: S'il y a un proxy de trouvé , taper 1 pour la suppression
0
Réponse 3 / 13
since33
25 déc. 2010 à 17:23
Merci pour ta reponse :)

Voila le rapport :


RogueKiller V3.5.1 by Tigzy
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Feedback: https://www.luanagames.com/index.fr.html

Operating System: Windows Vista (6.0.6001 Service Pack 1) version 32 bits
Mode: Scan -- Time : 25/12/2010 17:19:37

Bad processes:

Found:
HKCU\...\RUN\ cacaoweb : "C:\Users\Alex\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
HKCU\...\RUN\ eqgcy : "c:\users\alex\appdata\local\eqgcy.exe" eqgcy
HKCU\...\RUN\ JP595IR86O : C:\Users\Alex\AppData\Local\Temp\Yql.exe
HKCU\...\RUN\ aofjoggd : C:\Users\Alex\AppData\Local\Temp\esmrpoxca\onybmcjlajb.exe
HKCU\...\RUN\ vdgbxssj : C:\Users\Alex\AppData\Local\Temp\cgiqpgltn\ovmuufllajb.exe
HKCU\...\Internet Settings\ ProxyServer : http=127.0.0.1:8074

Finished
0
Réponse 4 / 13
Utilisateur anonyme
25 déc. 2010 à 17:27
Clic droit sur Rogue Killer, et sur exécuter en tant qu'administrateur
Tape 2 mode suppression, et poste le rapport
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
since33
25 déc. 2010 à 17:56
Je ne sais pas si s'est ca que tu me demande ? :

RogueKiller V3.5.1 by Tigzy
contact at www.sur-la-toile.com
mail: tigzy44<at>hotmail<dot>fr
Feedback: https://www.luanagames.com/index.fr.html

Operating System: Windows Vista (6.0.6001 Service Pack 1) version 32 bits
Mode: Remove -- Time : 25/12/2010 17:53:07

Bad processes:

Deregistred:

Finished
0
Réponse 6 / 13
Utilisateur anonyme
25 déc. 2010 à 18:21
Vide la quarantaine de Malwarebytes
Met le à jour, et refait un scan complet
0
Réponse 7 / 13
since33
25 déc. 2010 à 18:41
Problème, aucune connexion réseau a cause du spy donc comment mettre a jour ? :/
0
Réponse 8 / 13
since33
25 déc. 2010 à 19:28
ca y est je l'ai lancé, je ne suis plus en mode sans echec car le spy semble avoir disparu ( plus d'alerte ) Mais l'ordi est très lent. Est-ce normal ?
0
Réponse 9 / 13
Utilisateur anonyme
25 déc. 2010 à 22:55
on va regarder
* Télécharge ZHPDiag (de Nicolas Coolman)
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
Héberge le rapport ICI
0
Réponse 10 / 13
since
26 déc. 2010 à 16:00
A la fin de l'installation :

" Impossible d'exécuter le fichier

Create process a échoué ; code 740
L'opération demandé nécessite une élévation "

Donc impossible d'installer ZHPDiag ...
0
Réponse 11 / 13
Utilisateur anonyme
Modifié par Jawaryinti le 26/12/2010 à 16:57
Bonjour Tu fait clic droit sur l'icône de ZHPDiag présent sur le bureau
Clique sur propriétés, et sur l'onglet compatibilité
En bas, coche Exécuter ce programme en tant qu'administrateur
Clique sur Appliquer, puis sur OK

Ensuite, clic droit sur l'icône de ZHPDiag, et clique exécuter en tant
qu'administrateur


O.o°*??? Ex Nathandre aux 12938 messages depuis le 27.10.2008 °.Oø¤º°'°º¤ø
0
Réponse 12 / 13
since33
28 déc. 2010 à 23:49
Désolé du temps de réponse, problemes d'acces a internet :S
Donc j'ai le rapport mais cijoint semble capricieux en ne veut pas heberger le fichier :O
0
Réponse 13 / 13
Utilisateur anonyme
28 déc. 2010 à 23:56
Bonsoir
Met le rapport dans un dossier zippé, et essaye de l'hébeger
0

Discussions similaires

ALERT en php
snoopy -
appkech -

14 réponses
Boîte mail piratée ?
mike the llama -
mike the llama -

4 réponses
Code de réinitialisation mdp facebook sans le demander
Colonel_El_Moustachat -
Colonel_El_Moustachat -

4 réponses
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
Coco71 -

15 réponses
Security boot fail lors du démarrage
Steu -
NBK -

4 réponses