Ordinateur bloqué virus: Votre fournissueur d'accès à Internet..
Résolu
jejeb84
Messages postés
7
Date d'inscription
Statut
Membre
Dernière intervention
-
jejeb84 Messages postés 7 Date d'inscription Statut Membre Dernière intervention -
jejeb84 Messages postés 7 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
Je suis infecté par le virus ransomware :"Votre fournisseur d'accès à Internet est bloqué", j'ai suivi une discussion sur le forum car je n'arrivais pas a démarrer le PC , j'ai donc téléchargé OTLPE, j'ai fais le scan mais je ne sais pas quoi faire après? si quelqu'un peut m'aider merci.
Je suis infecté par le virus ransomware :"Votre fournisseur d'accès à Internet est bloqué", j'ai suivi une discussion sur le forum car je n'arrivais pas a démarrer le PC , j'ai donc téléchargé OTLPE, j'ai fais le scan mais je ne sais pas quoi faire après? si quelqu'un peut m'aider merci.
A voir également:
- Ordinateur bloqué virus: Votre fournissueur d'accès à Internet..
- Ordinateur - Guide
- Pad ordinateur bloqué - Guide
- Ordinateur qui rame - Guide
- Réinitialiser ordinateur - Guide
- Code puk bloqué - Guide
10 réponses
Salut,
Donne le rapport OTLPE - si possible en utilisant http://www.pjjoint.malekal.com
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Donne le rapport OTLPE - si possible en utilisant http://www.pjjoint.malekal.com
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Bonjour,
Désolé, je n'arrive pas à ouvrir la page http://pjjoint.malekal.com, j'ai donc chargé les rapports OTPE sur le site cjoint, en espérant que vous puissiez les lire. OTLPE ma sortie 2 rapports, 1 nommé "OTL.Txt", et l'autre "Extras.Txt.
Rapport OTL.Txt: https://www.cjoint.com/?3IcSyxO9sZ
Rapport Extras.Txt : https://www.cjoint.com/?3IcpmsbMqJ7
Merci d'avance
Désolé, je n'arrive pas à ouvrir la page http://pjjoint.malekal.com, j'ai donc chargé les rapports OTPE sur le site cjoint, en espérant que vous puissiez les lire. OTLPE ma sortie 2 rapports, 1 nommé "OTL.Txt", et l'autre "Extras.Txt.
Rapport OTL.Txt: https://www.cjoint.com/?3IcSyxO9sZ
Rapport Extras.Txt : https://www.cjoint.com/?3IcpmsbMqJ7
Merci d'avance
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
O4 - HKU\Guest_ON_C..\Run: [vwtMRQnx] C:\Documents and Settings\Guest\Local Settings\Application Data\Microsoft\wXFrrODt.exe ()
O4 - HKU\Jérôme_ON_C..\Run: [vwtMRQnx] C:\Documents and Settings\Jérôme\Local Settings\Application Data\Microsoft\wXFrrODt.exe ()
O4 - HKU\Administrateur.JB-PC_ON_C..\Run: [vwtMRQnx] C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Microsoft\wXFrrODt.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Program Files\QuickTime\ntHNOegC.exe) - C:\Program Files\QuickTime\ntHNOegC.exe ()
[2013/08/27 14:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn
[2013/08/27 12:37:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Local Settings\Application Data\Dirty
[2013/08/27 12:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Application Data\Dirty
[2013/08/27 08:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Application Data\iSafe
[2013/08/27 08:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn
[2013/08/27 08:15:40 | 000,633,672 | ---- | C] (Woodtale Technology Inc) -- C:\Documents and Settings\Administrateur.JB-PC\Bureau\iSafedl.exe
[2013/08/27 07:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Dirty
[2013/08/27 07:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Application Data\Dirty
[2013/08/23 11:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn
[2013/08/23 11:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Local Settings\Application Data\ydetCJMi
[2013/08/23 11:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dirty
[2013/08/23 11:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Local Settings\Application Data\Dirty
[2013/08/23 11:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Application Data\Dirty
[HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
* donne le rapport, redémarre le PC
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
O4 - HKU\Guest_ON_C..\Run: [vwtMRQnx] C:\Documents and Settings\Guest\Local Settings\Application Data\Microsoft\wXFrrODt.exe ()
O4 - HKU\Jérôme_ON_C..\Run: [vwtMRQnx] C:\Documents and Settings\Jérôme\Local Settings\Application Data\Microsoft\wXFrrODt.exe ()
O4 - HKU\Administrateur.JB-PC_ON_C..\Run: [vwtMRQnx] C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Microsoft\wXFrrODt.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Program Files\QuickTime\ntHNOegC.exe) - C:\Program Files\QuickTime\ntHNOegC.exe ()
[2013/08/27 14:48:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn
[2013/08/27 12:37:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Local Settings\Application Data\Dirty
[2013/08/27 12:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guest\Application Data\Dirty
[2013/08/27 08:23:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Application Data\iSafe
[2013/08/27 08:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn
[2013/08/27 08:15:40 | 000,633,672 | ---- | C] (Woodtale Technology Inc) -- C:\Documents and Settings\Administrateur.JB-PC\Bureau\iSafedl.exe
[2013/08/27 07:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Dirty
[2013/08/27 07:51:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur.JB-PC\Application Data\Dirty
[2013/08/23 11:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn
[2013/08/23 11:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Local Settings\Application Data\ydetCJMi
[2013/08/23 11:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Dirty
[2013/08/23 11:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Local Settings\Application Data\Dirty
[2013/08/23 11:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jérôme\Application Data\Dirty
[HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
* donne le rapport, redémarre le PC
Voici ci-dessous le nouveau rapport:
========== OTL ==========
Registry value HKEY_USERS\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vwtMRQnx deleted successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\Microsoft\wXFrrODt.exe moved successfully.
Registry value HKEY_USERS\Jérôme_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vwtMRQnx deleted successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Microsoft\wXFrrODt.exe moved successfully.
Registry value HKEY_USERS\Administrateur.JB-PC_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vwtMRQnx deleted successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Microsoft\wXFrrODt.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Program Files\QuickTime\ntHNOegC.exe deleted successfully.
C:\Program Files\QuickTime\ntHNOegC.exe moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn\images\content folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn\images folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn\css folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Guest\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Application Data\iSafe folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn\images\content folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn\images folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn\css folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Bureau\iSafedl.exe moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn\images\content folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn\images folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn\css folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ydetCJMi folder moved successfully.
C:\Program Files\Dirty folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Jérôme\Application Data\Dirty folder moved successfully.
File LM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon] not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 09022013_185257
========== OTL ==========
Registry value HKEY_USERS\Guest_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vwtMRQnx deleted successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\Microsoft\wXFrrODt.exe moved successfully.
Registry value HKEY_USERS\Jérôme_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vwtMRQnx deleted successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Microsoft\wXFrrODt.exe moved successfully.
Registry value HKEY_USERS\Administrateur.JB-PC_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\vwtMRQnx deleted successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Microsoft\wXFrrODt.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Program Files\QuickTime\ntHNOegC.exe deleted successfully.
C:\Program Files\QuickTime\ntHNOegC.exe moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn\images\content folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn\images folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn\css folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\GNbzkoHn folder moved successfully.
C:\Documents and Settings\Guest\Local Settings\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Guest\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Application Data\iSafe folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn\images\content folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn\images folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn\css folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\GNbzkoHn folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Bureau\iSafedl.exe moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Local Settings\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Administrateur.JB-PC\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn\images\content folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn\images folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn\css folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\GNbzkoHn folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ydetCJMi folder moved successfully.
C:\Program Files\Dirty folder moved successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\Dirty folder moved successfully.
C:\Documents and Settings\Jérôme\Application Data\Dirty folder moved successfully.
File LM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon] not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 09022013_185257
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:reg
[HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
* Redémarre sur ton Windows, voir si tu as à nouveau la main.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:reg
[HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
* Redémarre sur ton Windows, voir si tu as à nouveau la main.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
voici le dernier rapport:
========== REGISTRY ==========
HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\\WINDOWS\\system32\\userinit.exe," /E : value set successfully!
OTLPE by OldTimer - Version 3.1.48.0 log created on 09022013_201303
========== REGISTRY ==========
HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\\WINDOWS\\system32\\userinit.exe," /E : value set successfully!
OTLPE by OldTimer - Version 3.1.48.0 log created on 09022013_201303
Pour le moment ça fonctionne, j'ai pu aller sur internet et pas de virus pour le moment.
Merci beaucoup
Merci beaucoup
Ton malware chiffre les documents, il n'est pas possible des les récupérer.
Ce dernier se propage par de faux Flash Player sur les sites pornographiques.
Quand tu es sur les sites pornographiques et qu'on te propose Flash, faut refuser, ce sont des virus.
Plus d'infos : https://www.malekal.com/dirtydecrypt-et-virus-police-ministere-de-linterieur/
Aussi tu as Ad-Aware antivirus, je suis pas certains qu'il soit super efficace.
Sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html
Ce dernier se propage par de faux Flash Player sur les sites pornographiques.
Quand tu es sur les sites pornographiques et qu'on te propose Flash, faut refuser, ce sont des virus.
Plus d'infos : https://www.malekal.com/dirtydecrypt-et-virus-police-ministere-de-linterieur/
Aussi tu as Ad-Aware antivirus, je suis pas certains qu'il soit super efficace.
Sécuriser son PC : http://forum.malekal.com/comment-securiser-son-ordinateur.html