Windows shield center : méchant virus Résolu/Fermé

Question

Bonjour, 
j'ai attrapé un virus sur mon ordinateur il s'appelle "windows shield center" et se fait passer pour un logiciel antivirus qui aurait détecté un niveau alarmant de dégradation sur mon ordinateur. J'ai trouvé quelques démarches à suivre sur des sites en anglais mais ils recommandent à chaque fois de passer par un logiciel payant (logiciel qui va scanner les problèmes mais pour les enlever faut acheter le logiciel). Connaissez-vous ce virus ? Savez-vous comment l'enlever ? Ou connaissez-vous un logiciel efficace contre ce genre de chose ? De préférence un logiciel libre ou gratuit ou à défaut une démo qui paut quand même être utilisée convenablement. Merci d'avance


Configuration: Windows Vista / Opera 9.80

Malekal_morte- · Answer

Salut, 

Télécharge ça : https://www.luanagames.com/index.fr.html 
Tu le renommes en winlogon ou iexplore s'il est bloqué. Lances en option 2. 
Poste le rapport ici. 

Ensuite : 
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 
Mets le à jour, fais un scan, supprime tout et poste le rapport ici. 



puis : 

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/ 

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau. 
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur) 

* Lance OTL 
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous : 
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE\%Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c 
* Clique sur le bouton Analyse. 
* Quand le scan est fini, utilise le site http://www.cijoint.fr/ pour me donner les deux rapports : OTL.Txt et Extras.Txt.

bob.arnould · Answer

RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Scan -- Time : 30/01/2011 23:48:56 Bad processes: Killed c:\users\léonard\appdata\roaming\cjubio.exe Found: HKCU\...\Winlogon\ Shell : C:\Users\Léonard\AppData\Roaming\cjubio.exe Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Scan -- Time : 30/01/2011 23:51:53 Bad processes: voilà le rapport après analyse de rogue killer

bob.arnould · Answer

Et voilà le rapport de malwarebytes. Merci pour cette aide qui m'aura sans doute bien servi

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5642

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

31/01/2011 01:14:33
mbam-log-2011-01-31 (01-14-33).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 268066
Temps écoulé: 1 heure(s), 0 minute(s), 52 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 31
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 16
Fichier(s) infecté(s): 27

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.Info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790477BC76545436AE95 (Malware.Trace) -> Value: SRS_IT_E8790477BC76545436AE95 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\Users\Léonard\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> Delete on reboot.
c:\programdataesultbar (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0} (Adware.ResultBar) -> Delete on reboot.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\chrome (Adware.ResultBar) -> Delete on reboot.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\defaults (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\defaults\preferences (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\program filesesultbar (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\clickpotatolite\bin\10.0.630.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\launchhelp.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\firefox\extensions\plugins
pclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\plugins
pclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program filesesultbaresultbar.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\programdataesultbaresultbar113.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\Temp\vlc-1.1.5-win32.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\Users\Léonard\AppData\Roaming\cjubio.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Users\Léonard\documents\documents de eole\downloads\programmes\vlc_setup1.1.5-win32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Léonard\AppData\Roaming\apiqfw.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Léonard\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\clickpotatolite\bin\10.0.630.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\chrome.manifest (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\install.rdf (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\chromeesultbar.jar (Adware.ResultBar) -> Delete on reboot.
c:\program files\mozilla firefox\extensions\{34efa911-b536-4c08-bece-cd5e55c875b0}\defaults\preferences\prefs.js (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

Malekal_morte- · Answer

c:\Temp\vlc-1.1.5-win32.exe (Adware.Hotbar) -> Quarantined and deleted successfully. 

tu as installé le faux plugin VLC qui a mis plein d'adwares ClickPotato etc ......
Faire attetnion à ce que tu télécharges

~~

manque les rapports OTL.

Malekal_morte- · Answer

@bob.arnould : on me dit à mon oreillette, que tu n'as pas passé RogueKiller en mode nettoyage, fais le et poste le rapport ici.

Ensuite OTL.

bob.arnould · Answer

désolé j'ai pas pu terminer hier. le gros du virus est parti, je vais recommencer roguekiller puis otl. je reposte ici quand ce sera fait

bob.arnould · Answer

J'ai relancé Rogue Killer en mode 2 et voilà le rapport. L'ai-je lancé correctement cette fois-ci ? J'avoue que je ne comprends pas très bien ce genre de trucs. RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Scan -- Time : 30/01/2011 23:48:56 Bad processes: Killed c:\users\léonard\appdata\roaming\cjubio.exe Found: HKCU\...\Winlogon\ Shell : C:\Users\Léonard\AppData\Roaming\cjubio.exe Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Scan -- Time : 30/01/2011 23:51:53 Bad processes: Found: HKCU\...\Winlogon\ Shell : C:\Users\Léonard\AppData\Roaming\cjubio.exe Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Remove -- Time : 30/01/2011 23:53:14 Bad processes: Deregistred: HKCU\...\Winlogon\ Shell : C:\Users\Léonard\AppData\Roaming\cjubio.exe Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Remove -- Time : 31/01/2011 19:28:57 Bad processes: Deregistred: Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Scan -- Time : 31/01/2011 19:30:53 Bad processes: Found: Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Scan -- Time : 31/01/2011 19:32:25 Bad processes: Found: Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished RogueKiller V3.8.4 by Tigzy contact at https://www.luanagames.com/index.fr.html mail: tigzyRKgmailcom Feedback: https://www.luanagames.com/index.fr.html Operating System: Windows Vista (6.0.6002 Service Pack 2) version 32 bits User: Admin Mode: Remove -- Time : 31/01/2011 19:52:02 Bad processes: Deregistred: Fichier HOSTS: 127.0.0.1 localhost ::1 localhost Finished

bob.arnould · Answer

Voilà j'ai fini le scan avec otl. J'ai posté le fichier à l'adresse indiquée plus haut.

Malekal_morte- · Answer

Je vois pas les rapports cijoint OTL.
Donne les stp.

Malekal_morte- · Answer

Si cijoint merdouille....
Copie/colle les rapports sur ce site : https://pastebin.com/
puis submit en bas
et tu donnes les liens.

bob.arnould · Answer

Voilà les rapports le fichier OTL est là http://pastebin.com/9CKFXmLC
et le fichier extras ici http://pastebin.com/z88vZmYY

J'ai une autre question. Que dois-je garder installé comme logiciels dans ceux que je viens de télécharger ? Et connaissez-vous un logiciel pour ranger les fichiers systèmes ? Parce qu'ils sont un peu partout maintenant.

Malekal_morte- · Answer

Les barres d'outils sont là pour t'affilier à un service (moteur de recherche de Yahoo! ou Google), ça rajoute des fonctionnalités mais en général les navigateurs les ont par défaut.
Plusieurs toolbars ralentissent le PC et peuvent faire planter les navigateurs WEB.
Au final, il est pas conseillé d'en utiliser.
Lire :
Les toolbars c'est pas obligatoire!

Désinstalle ça :
conduitEngine
"NCH Toolbar" = NCH Toolbar
"Softonic_France Toolbar" = Softonic_France Toolbar

~~

Sinon touche pas aux fichiers systèmes

Fais plus attention à ce que tu installes

Maintiens tes logiciel à jour c'est important, utilise ce programme : /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolument à faire.

Les antivirus ne font pas tout en ce qui concerne la sécurité de ta machine (mettre à jour ses logiciels etc etc)
La meilleur protection reste de connaître les infections pour pouvoir les éviter et avoir de bonne habitude.
Donc faut se documenter.

Un peu de lecture pour éviter les infections :
- connaitre et éviter les infections : https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
- lire : http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

Ce qu'il ne faut pas faire :
Je télécharge n'importe quoi - je m'infecte :

https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14

https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9

Je télécharge depuis n'importe où - je m'infecte : https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Recommandations sur la sécurité : https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

Fonctionnement de quelques catégories de malwares :

https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen

https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

Si tu as des questions sur le fonctionement des malwares.
N'hésite pas.