Répondre à : infecté par web shield 2016-09-08T13:40:09+00:00
isa1988
Participant
Nombre d'articles : 18

malwarebyte m’a demandé de redémarrer, ce que j’ai fait , et en redemarant en mode normal je n’ai plus le virus !!!! yes !!! merci beaucoup !!!!

voila le rapport demandé (enfin si je me suis pas tromper car j’ai pas eu cette partie de tes instructions :
•Clic sur Copier dans le Presse-papiers

•Un rapport va s’ouvrir. Copie/Colle son contenue dans ta prochaine réponse.

a la place ca m’a demandé de redémarrer. le rapport je l’ai récupéré dans l’historique j espere que c’est bon)

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 11/05/2014
Scan Time: 20:06:09
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.11.07
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: JC

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 263682
Time Elapsed: 8 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 67
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CoCreateAsync, Quarantined, [3be8da761e5dee4858664b4b7b87ea16],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [869d420e562579bdcfef9ff7857d718f],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CoreClass, Quarantined, [ab78203089f22f0715a95b3b17eb0ef2],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CoreClass.1, Quarantined, [f92ae7691b60b581209e1284ae5453ad],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CoreMachineClass, Quarantined, [0221ea66156653e3f6c84e4871914fb1],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CoreMachineClass.1, Quarantined, [e93a0947d6a5ce68dee0247233cfb749],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CredentialDialogMachine, Quarantined, [c55e3a16304ba393625c9ef882809868],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [d64da8a898e3be786b53b0e64cb638c8],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [2201d97796e575c18b333363e51ddb25],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [b37096ba29529e98813d5442c1412ed2],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [38eb2d23700b96a01ba3494df21050b0],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [64bffa5680fb56e0f9c50f87ad55ff01],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [73b0ec64d0abbb7b5e60573f37cbcf31],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [63c082ce88f32313348ad1c5fd051be5],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.ProcessLauncher, Quarantined, [ed36a1afa3d81d19bc02593d8280b749],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [70b3e8686714a98d6757692d1de58878],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3COMClassService, Quarantined, [f033ef61136804324975484e1ce64fb1],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [35ee321e611ad36313ab801618ea39c7],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3WebMachine, Quarantined, [ca59f8585c1f6cca45790591946e1de3],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [bb68ee623c3f00368a34fe9853af6997],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [32f1044cb9c22e08c2fc31652ed4728e],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [2102f35d2f4c96a09c221f7716ec6a96],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3WebSvc, Quarantined, [dd4673dd99e2aa8cf3cbf6a0e31ffa06],
PUP.Optional.Consumer.Input.A, HKLMSOFTWARECLASSESConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [44df7dd3c7b451e586383e58788a27d9],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSk9filter.exe, Quarantined, [a083afa16e0df541abdd9130828132ce],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmpcmdrun, Quarantined, [190abe920c6f04329107e8a641c12dd3],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmpsvc.dll, Quarantined, [dd4683cd5c1fc5711188a6e813ef748c],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmpuxsrv.exe, Quarantined, [7ca7b69a2457ae88d1744e490ef406fa],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmsascui, Quarantined, [cc571f315922ef47801a612de81a649c],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSASCUI.exe, Quarantined, [081b98b8166579bd8b332ee7679ca060],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSconfig.exe, Quarantined, [9390ba96abd094a2685d1cf99e65669a],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSMPENG.exe, Quarantined, [ac77f957d6a577bf0ec339dc3fc4ee12],
Security.Hijack, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSseces, Quarantined, [71b278d865167cba7b20711d6a98b14f],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CoCreateAsync, Quarantined, [081bd67a87f4d75f368897ffc0421ae6],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [be65f45cea9103334f6fcec87a888080],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CoreClass, Quarantined, [bc67b49c6b10d561ffbf33631ae8f60a],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CoreClass.1, Quarantined, [32f15ff1e69557df4c724353aa581ce4],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CoreMachineClass, Quarantined, [0a19143c2754aa8c5866acea04fe53ad],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CoreMachineClass.1, Quarantined, [4fd4e8685328999d9529cbcb60a2fc04],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CredentialDialogMachine, Quarantined, [c95a82ceb5c669cdc4fa6630c43eb848],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [c2613e12691282b42995088e14ee19e7],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [9f8462ee463539fd3a840492a35f05fb],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [ed3665eb0f6c95a1c9f541554bb77d83],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [e53eada393e81a1c8c3297ff7290bb45],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [29fa401092e9f64047771b7baa5837c9],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [b073153b8af13cfa803e8a0cee14b050],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [bf6476daa7d415213f7f316511f10bf5],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.ProcessLauncher, Quarantined, [67bc2b2568131d196d51dcba5da58d73],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [5dc663eda0db37ff0bb3603653af7888],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3COMClassService, Quarantined, [56cda0b06a117db9c4fab2e4956d34cc],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [e63d77d96c0f2313b30bb3e3ae546f91],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3WebMachine, Quarantined, [ba6960f0116a0e28ebd3672fc141ca36],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [091af65a4932a1959d216a2c867cb947],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [0221dd7384f74ceab00e771ff70b629e],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [5ec565eb7b00ec4a2896267031d11ce4],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3WebSvc, Quarantined, [dc47fe523249c571764866300002728e],
PUP.Optional.Consumer.Input.A, HKLMSOFTWAREWOW6432NODECLASSESConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [fc2764ec106bb77f6f4fb9dd5fa33ac6],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSk9filter.exe, Quarantined, [2df66de31764e74f7b0d2c95b54e7d83],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmpcmdrun, Quarantined, [f62d420e4734a0968216147a758ddb25],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmpsvc.dll, Quarantined, [71b2ff51354686b08613a0eefd0552ae],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmpuxsrv.exe, Quarantined, [6eb5262ac0bbec4a95b07f18996905fb],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSmsascui, Quarantined, [74af8dc37b00ea4c28720d814eb4d32d],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSASCUI.exe, Quarantined, [0e15aba50c6f93a33d815bba44bf30d0],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSconfig.exe, Quarantined, [e0436ee287f4cd69774ea4717e853bc5],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSMPENG.exe, Quarantined, [e93ab0a0fc7f1620ece547ceb84b7e82],
Security.Hijack, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSMSseces, Quarantined, [d05350000b702d09d1ca39558a78f40c],
Trojan.Agent, HKLMSYSTEMCURRENTCONTROLSETSERVICESBCKD, Quarantined, [2bf8dd734d2e0b2b7217a6e857abfb05],

Registry Values: 3
Rogue.WindowsExpert, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONRUN|MSmpeNG, C:UsersJCAppDataRoamingsvc-nqrm.exe, Quarantined, [a182dc7448335cdabc2147275ba6946c]
Rogue.WindowsExpert, HKUS-1-5-21-2245617856-292821049-958674300-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN|MSmpeNG, C:UsersJCAppDataRoamingsvc-nqrm.exe, Quarantined, [a182dc7448335cdabc2147275ba6946c]
Trojan.Agent, HKLMSYSTEMCURRENTCONTROLSETSERVICESBCKD|ImagePath, 33.sys, Quarantined, [2bf8dd734d2e0b2b7217a6e857abfb05]

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.Consumer.Input.A, C:UsersJCAppDataLocalConsumer Input, Quarantined, [140f8fc1e596ca6ca10980ee1be733cd],
PUP.Optional.Consumer.Input.A, C:UsersJCAppDataLocalConsumer InputCrashReports, Quarantined, [140f8fc1e596ca6ca10980ee1be733cd],

Files: 5
Rogue.WindowsExpert, C:UsersJCAppDataRoamingsvc-nqrm.exe, Quarantined, [a182dc7448335cdabc2147275ba6946c],
PUP.Optional.SupraSavings.A, C:WindowsInstallerae30.msi, Quarantined, [e340a6aa6615a6902a09a39126de9967],
Malware.Trace.E, C:UsersJCAppDataRoamingdata.sec, Quarantined, [899aa9a789f2f54185fc3a87a261f60a],
PUP.Optional.Consumer.Input.A, C:WindowsTasksConsumerInputUpdateTaskMachineCore.job, Quarantined, [c75cb997c9b2ba7cace822a2e41f738d],
PUP.Optional.Consumer.Input.A, C:WindowsTasksConsumerInputUpdateTaskMachineUA.job, Quarantined, [c162361a740793a3a4f0c103ee15d32d],

Physical Sectors: 0
(No malicious items detected)

(end)