Breaking News Alert Résolu/Fermé

Question

Bonjour à tous, 

Je suis nouveau sur le forum et comme j'ai pu le voir, beaucoup de gens ont été infecté par ce virus, et ont fini par trouver une solution.

J'ai donc suivi le maximum d'étapes pour me débrouiller seul, et j'en suis désormais à ce points, j'ai les trois liens générés par le logiciel FRST, et je ne sais désormais pas quoi faire avec : 

https://pjjoint.malekal.com/files.php?id=20150709_q515q5v5v13
https://pjjoint.malekal.com/files.php?id=20150709_j11y11n13g6m10
https://pjjoint.malekal.com/files.php?id=20150709_m8z6k7f14w6

Un coup de main ne serait pas de refus !

Merci d'avance à ceux qui essayeront de m'aider ! :)

Malekal_morte- · Answer

Salut,

Je regarde cela.

Cyrial42 · Answer

Déjà, un grand merci pour ta réactivité, c'est super sympa ! Voici le contenu du fichier après redémarrage : Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015 Ran by Martin at 2015-07-09 16:10:29 Run:1 Running from C:\Users\Martin\Desktop Loaded Profiles: Martin (Available Profiles: Martin) Boot Mode: Normal ============================================== fixlist content: HKU\S-1-5-21-1151583445-1938816678-1973413860-1001\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll No File R2 QBDPAZVvVtb; C:\ProgramData\bSKlKwuDmtJ\QBDPAZVvVtb.exe [2731488 2015-06-12] (Useful Technology) S2 53a1c4d9; c:\Program Files (x86)\Optimizer Pro 3.96\OptProMon.dll [2985616 2015-06-12] () <==== ATTENTION 2015-06-12 14:31 - 2015-06-12 14:31 - 00000000 ____D C:\ProgramData\InstallSightSDK 2015-06-12 14:20 - 2015-07-08 20:48 - 00000000 ____D C:\ProgramData\Ealluelrroiu 2015-06-12 14:20 - 2015-06-12 14:20 - 00003260 _____ C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule 2015-06-12 14:18 - 2015-06-12 14:19 - 00000000 _____ C:\WINDOWS\act.exe 2015-06-12 14:16 - 2015-07-09 02:53 - 00000000 ____D C:\Users\Martin\AppData\Local\BreakingNewsAlert 2015-06-12 14:16 - 2015-06-12 14:16 - 00000000 ____D C:\ProgramData\IHProtectUpDate 2015-06-12 14:16 - 2015-06-12 14:16 - 00000000 _____ C:\WINDOWS\prleth.sys 2015-06-12 14:16 - 2015-06-12 14:16 - 00000000 _____ C:\WINDOWS\hgfs.sys 2015-06-12 14:15 - 2015-06-12 17:31 - 00000000 ____D C:\ProgramData\{13127d68-f301-4004-1312-27d68f30f5a3} 2015-06-12 14:15 - 2015-06-12 14:38 - 00000000 ____D C:\Users\Martin\AppData\Roaming\mystartsearch 2015-06-12 14:15 - 2015-06-12 14:38 - 00000000 ____D C:\ProgramData\MailUpdate 2015-06-12 14:15 - 2015-06-12 14:23 - 00000362 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job 2015-06-12 14:15 - 2015-06-12 14:23 - 00000362 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job 2015-06-12 14:15 - 2015-06-12 14:16 - 00000000 ____D C:\Program Files (x86)\Super Optimizer 2015-06-12 14:15 - 2015-06-12 14:15 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer 2015-06-12 14:15 - 2015-06-12 14:15 - 00000000 ____D C:\Users\Martin\AppData\Roaming\MailUpdate 2015-06-12 14:15 - 2015-06-12 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer 2015-06-12 14:15 - 2015-06-12 14:15 - 00000000 ____D C:\ProgramData\bSKlKwuDmtJ 2015-06-12 14:15 - 2015-06-12 14:15 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 3.96 2015-06-12 14:15 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak 2015-06-12 14:14 - 2015-06-25 01:21 - 00000000 ____D C:\Users\Martin\AppData\Roaming\4C4C4544-1434111278-4E10-8037-B1C04F325831 2015-06-12 14:14 - 2015-06-12 17:31 - 00000000 ____D C:\ProgramData\{a1ea59da-03b8-a2e3-a1ea-a59da03b6768} 2015-06-12 14:14 - 2015-06-12 14:30 - 00000000 ____D C:\Users\Martin\AppData\Local\WebBar 2015-06-12 14:14 - 2015-06-12 14:30 - 00000000 ____D C:\Program Files\WebBar 2015-06-12 14:14 - 2015-06-12 14:14 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip 2015-06-12 14:14 - 2015-06-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip 2015-06-12 12:52 - 2015-06-12 12:52 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery 2015-06-23 19:01 - 2015-06-23 19:01 - 02326976 _____ (Beepa Pty Ltd) C:\Users\Martin\Downloads\setup.exe HKU\S-1-5-21-1151583445-1938816678-1973413860-1001\Software\Microsoft\Windows\CurrentVersion\Run\Super Optimizer => value removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully "HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully QBDPAZVvVtb => Unable to stop service. QBDPAZVvVtb => Service removed successfully 53a1c4d9 => Service removed successfully C:\ProgramData\InstallSightSDK => moved successfully. C:\ProgramData\Ealluelrroiu => moved successfully. C:\WINDOWS\System32\Tasks\Optimizer Pro Schedule => moved successfully. C:\WINDOWS\act.exe => moved successfully. C:\Users\Martin\AppData\Local\BreakingNewsAlert => moved successfully. C:\ProgramData\IHProtectUpDate => moved successfully. C:\WINDOWS\prleth.sys => moved successfully. C:\WINDOWS\hgfs.sys => moved successfully. C:\ProgramData\{13127d68-f301-4004-1312-27d68f30f5a3} => moved successfully. C:\Users\Martin\AppData\Roaming\mystartsearch => moved successfully. C:\ProgramData\MailUpdate => moved successfully. C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job => moved successfully. C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job => moved successfully. C:\Program Files (x86)\Super Optimizer => moved successfully. C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer => moved successfully. C:\Users\Martin\AppData\Roaming\MailUpdate => moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer => moved successfully. "C:\ProgramData\bSKlKwuDmtJ" folder move: Could not move "C:\ProgramData\bSKlKwuDmtJ" folder => Scheduled to move on reboot. C:\Program Files (x86)\Optimizer Pro 3.96 => moved successfully. C:\WINDOWS\system32\Drivers\etc\hp.bak => moved successfully. C:\Users\Martin\AppData\Roaming\4C4C4544-1434111278-4E10-8037-B1C04F325831 => moved successfully. C:\ProgramData\{a1ea59da-03b8-a2e3-a1ea-a59da03b6768} => moved successfully. C:\Users\Martin\AppData\Local\WebBar => moved successfully. C:\Program Files\WebBar => moved successfully. C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip => moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip => moved successfully. "C:\Program Files (x86)\Dell Digital Delivery" folder move: Could not move "C:\Program Files (x86)\Dell Digital Delivery" folder => Scheduled to move on reboot. C:\Users\Martin\Downloads\setup.exe => moved successfully. Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-09 16:13:43)<= C:\ProgramData\bSKlKwuDmtJ => Is moved successfully C:\Program Files (x86)\Dell Digital Delivery => Is moved successfully End of Fixlog 16:13:43

Malekal_morte- · Answer

vois ce que cela donne.

Malekal_morte- · Answer

=)


Voila, c'est terminé, tu peux supprimer les programmes utilisés. 

Quelques conseils : 


Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start= 


Pour ne plus te faire avoir. 
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/ 
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html

Breaking News Alert

4 réponses

End of Fixlog 16:13:43

Discussions similaires

Newsletters