Like many people, I got this trojan. Antivir detected it about an hour ago; it displays unwanted advertising pages and slows down my computer and my connection (I think), which is already really not great.
Anyway, following the explanations from various forums like yours, I installed "Malwarebytes" and ran a quick scan, which found a little over twenty infected files. So I deleted these files, and here is the report:
(Oh yes, before that I deleted the whole TEMP folder in C:.)
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6320
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
10/04/2011 00:10:03
mbam-log-2011-04-10 (00-10-03).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 153633
Temps écoulé: 1 minute(s), 44 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 15
Processus mémoire infecté(s):
c:\WINDOWS\Dxebya.exe (Trojan.Downloader) -> 2608 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
c:\WINDOWS\vefcon.dll (Trojan.Hiloti) -> Delete on reboot.
c:\WINDOWS\system32\jghcgwcm.dll (IPH.GenericBHO) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{8DAFDC90-E303-400D-11E6-EF862110AC0F} (IPH.GenericBHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Hdrughmh (IPH.GenericBHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8DAFDC90-E303-400D-11E6-EF862110AC0F} (IPH.GenericBHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DAFDC90-E303-400D-11E6-EF862110AC0F} (IPH.GenericBHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rvajali (Trojan.Hiloti) -> Value: Rvajali -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GAGEZ8R8ZB (Trojan.Downloader) -> Value: GAGEZ8R8ZB -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NtWqIVLZEWZU (Trojan.FakeAlert) -> Value: NtWqIVLZEWZU -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
c:\WINDOWS\vefcon.dll (Trojan.Hiloti) -> Delete on reboot.
c:\WINDOWS\Dxebya.exe (Trojan.Downloader) -> Delete on reboot.
c:\WINDOWS\system32\jghcgwcm.dll (IPH.GenericBHO) -> Delete on reboot.
c:\documents and settings\Maxspeed\local settings\Temp\ditef.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\Maxspeed\local settings\Temp\jjjj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\Dvb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\Dvc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\Dvd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\Dve.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Update.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
Am I out of the woods? In any case, it looks like there are no more ads or slowdowns!