Pour supprimer le rogue suivre les indications de la page suivante : http://forum.malekal.com/supprimer-les- ... t5472.html
Les détections possibles :
Win32/Zbot
Win32/Kelihos
Win32/Pameseg.XX
Win32/PriceGong
JS/Medfos.B
Win32/Conficker.X
Win32/Sality.XX
JS/Seedabutor.B
Win32/Pramro.F
Win32/OpenCandy
Win32/Nitol.A
Win32/Tracur.XX
Win32/Sinowal.gen!X
Win32/Ifnapod.X
Win32/Zwangi
Win32/Ramnit.X
Win32/Dorkbot.A
JS/Redirector.XX
Win32/Daurso
Win32/Hary.A
Win32/Mabezat.A
Win32/Malword.X
Win32/Quervar.X
Win32/Usen
Win32/Xinkey
Win32/Zafi
Win32/Cameobe.X
Win32/Casus.2_0
Win32/Chedap.A
Win32/Ciucio
Win32/Zbot, also called Zeus, is a Trojan horse that attempts to steal confidential information from the compromised computer.
Win32/Kelihos is a trojan family that distributes spam email messages. The spam messages could contain hyperlinks to installers of Win32/Kelihos malware.
Win32/Pameseg.XX is the detection for a fake installer that asks users to send SMS messages to a premium number.
PriceGong is an adware program that displays certain deals related to search terms you enter in any webpage's search field.
JS/Medfos.B is a malicious JavaScript file that redirects search queries when using websites such as AOL, Ask, Bing, Google and Yahoo.
Win32/Conficker.X is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE).
Win32/Sality.AT is a detection for a virus that spreads by infecting Windows executable files and by copying itself to removable and remote drives.
JS/Seedabutor.B is a JavaScript trojan that attempts to redirect your browser to another website.
Win32/Pramro.F is a trojan that creates a proxy on an infected computer. Proxy servers may be used by attackers to hide the origin of malicious activity.
Win32/OpenCandy is an adware program that may be bundled with certain third-party software installation programs.
Win32/Nitol.A is a malware that performs DDOS (Distributed Denial of Service) attacks against a target system, which is usually a website.
Win32/Tracur is a malware that redirects Internet search queries to a malicious URL and allows backdoor access and control.
Win32/Sinowal is a family of password-stealing and backdoor programs. It may capture banking credentials and send the data to the attacker.
Win32/Ifnapod.X contains malicious software which it dropsand installs on the affected system. Also it allows remote access to infected systems.
BrowserModifier:Win32/Zwangi is a program that runs as a service in the background and modifies Internet browser search functionality.
Win32/Ramnit is a trojan that allows limited remote access and control to an affected computer.
Win32/Dorkbot.A is a worm that spreads via instant messaging and removable drives. Also it allows control of the affected computer.
This is a trojan that is contained within websites that are malicious. It may redirect your browser to a website other than the one you expect.
This threat is classified as a password-stealing troian. This trojan installs a keystroke logger which records keystrokes and sends it to remote attackers.
Worm:Win32/Hary.A is a worm that poses as a copy of J K Rowling's book "Harry Potter and the Deathly Hallows". The worm spreads between USB drives.
Worm:Win32/Mabezat.A is a worm that attempts to spread by copying itself to newly attached media devices, such as USB drives or USB media cards.
Win32/Malword is a detection used to identify maliciously formed Word documents that contain code that attempts to exploit a vulnerability in Wordpad.
Virus:Win32/Quervar is a virus that infects specific Microsoft Office document files and executable files.
This threat is classified as a worm that spreads over the network. A pure network worm propagates without any user interaction.
This threat is classified as a trojan that steals data. A data theft trojan gathers personal data, often of a financial nature, from affected systems.
Win32/Zafi is a family of mass-mailing worms. The worm sends itself to e-mail addresses that it finds on the infected computer.
This is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.
This threat is classified as a backdoor trojan. A backdoor trojan provides remote, usually surreptitious, access to affected systems.
PWS:Win32/Chedap.A is a password stealer that targets SSH user accounts.
Win32/Ciucio is a family of trojans that connect to certain websites in order to download arbitrary files.
Fausses alertes :
Attention ! activité à risque détectée
Durant le surf, vous pouvez obtenir le message ci-dessous :
Attention ! Le site auquel vous essayez d’accéder pourrait endommager votre ordinateur !
Merci à Xylitol pour le sample.