Sujet Précédent Sujet Suivant

Virus zango

rom -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
j'aimerai savoir comment on peut faire pour virer un virus qui s'appel zango, ca me soule ca ma niké ma connexion, j'ai resolu en partie ce pb mais c'a m'a aussi niké le son merci, de m'aider
A voir également:

4 réponses

Réponse 1 / 4
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt,

scan avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

____________________

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
1
Réponse 2 / 4
rom
 
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1742
Windows 5.1.2600 Service Pack 2

10/02/2009 11:48:11
mbam-log-2009-02-10 (11-48-11).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 137911
Temps écoulé: 1 hour(s), 24 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 69
Valeur(s) du Registre infectée(s): 11
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 26
Fichier(s) infecté(s): 105

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopper) -> Delete on reboot.
C:\WINDOWS\system32\afmain0.dll (Trojan.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb4c402f-882a-4526-8c08-51278ea437c1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\zangosa (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Zango (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.clientdetector.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\zangoax.userprofiles.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\zango (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa (Rootkit.Bagle) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\icxani (Adware.Navipromo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kamsoft (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{bb4c402f-882a-4526-8c08-51278ea437c1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\netsearchsoft.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.netsearchsoft.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\Zango@Zango.com (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.75.0 (Adware.Zango) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Zango (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.75.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Delete on reboot.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Delete on reboot.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Delete on reboot.
C:\Program Files\SystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\SystemDoctor (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\down (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MySearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MySearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MySearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\SystemDoctor Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\SystemDoctor Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\m (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Romain\Local Settings\Application Data\amiwiuq_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Local Settings\Application Data\amiwiuq_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Local Settings\Application Data\amiwiuq.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Local Settings\Application Data\icxani_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Local Settings\Application Data\icxani_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Local Settings\Application Data\icxani.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Local Settings\Application Data\icxani.exe (Adware.Navipromo.H) -> Delete on reboot.
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopper) -> Delete on reboot.
C:\Documents and Settings\Romain\Application Data\drivers\srosa2.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\drivers\wfsintwq.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1000\A0226618.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1000\A0226602.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1000\A0226603.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1000\A0226619.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226645.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226646.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226784.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226785.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226910.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226911.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226811.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226812.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226858.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226859.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226884.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226885.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226935.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1001\A0226936.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1002\A0226966.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1002\A0226967.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0226999.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227000.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227033.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227034.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227073.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227074.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227097.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP1003\A0227098.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP997\A0226364.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP997\A0226365.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP998\A0226391.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP998\A0226392.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP998\A0226451.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP998\A0226452.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP998\A0226481.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP999\A0226519.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DE1A40D7-8861-4E76-ACA5-2069FD541E93}\RP999\A0226520.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\down\140437.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\down\232312.exe (Trojan.Packed) -> Quarantined and deleted successfully.
C:\Program Files\Zango\bin\10.3.75.0\HostOE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\Activate.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\bhpv.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\bhupdater.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\bnlink.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\DataBase.sav (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\hmlink.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\lapv.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\License.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\mProp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\pv.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\readme.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\ReportListFile.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\ResErrors.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\sdurl.url (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\sr.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\st.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\support.url (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\umain.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\unins000.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\up.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\updater.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\SystemDoctor Free\urls.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\SystemDoctor\err.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\SystemDoctor\up.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Program Files\MySearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\SystemDoctor Free\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Romain\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kamsoft.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\m0vnonh.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\olhrwef.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\afmain0.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\afmain1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\Romain\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Romain\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.
0
Réponse 3 / 4
rom
 
bonjour, j'ai bien scanné mon pc avec malware et ca m'a bien mis les dossiers en quarentaine le son est enfin revenu, je te remerci, mais le pb de la connexion est tj present en fait, il faut que je fasse demarer executer regedit et changer un truc de connexion: star; car le virus me le passe en 4 fois ce qui fait que je n'ai plus de connexion , il faut que je le remette en 3 avant dx'eteindre mon pc pour avoir le net, aurais tu une solution jlpjlp
je te remerci d'avance
0
Réponse 4 / 4
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
colle le rapport rsit pour voir et dis moi si tu es en wifi ou ethernet ou usb pour le net
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
a quoi sert softonic ?
durup1928 -
jacklyn -

25 réponses