A voir également:
- Virus !!!
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Softonic virus ✓ - Forum Virus
- Faux message virus iphone - Forum iPhone
10 réponses
Utilisateur anonyme
Modifié par lamer01 le 3/06/2010 à 20:25
Modifié par lamer01 le 3/06/2010 à 20:25
bonjour quel sont les problème avec ton PC ?
tu a un rogue un faux logiciel de sécurité
plus d'explication
Fais sa Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
une fois qu'il aura terminé
Téléchargez MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
tu a un rogue un faux logiciel de sécurité
plus d'explication
Fais sa Télécharge rkill
https://download.bleepingcomputer.com/grinler/rkill.exe
Enregistre-le sur ton Bureau
Double-clique sur l'icone rkill ( pour Vista/Seven clic-droit Exécuter en tant qu'Administrateur)
Un bref écran noir t'indiquera que le tool s'est correctement exécuter, s'il ne lance pas
change de lien de téléchargement en utilisant le suivant à partir d'ici:
http://download.bleepingcomputer.com/grinler/rkill.pif
https://download.bleepingcomputer.com/grinler/rkill.scr
https://download.bleepingcomputer.com/grinler/rkill.com
une fois qu'il aura terminé
Téléchargez MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
. Enregistres le sur le bureau
. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, accepte
. Une fois la mise à jour terminé
. Rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet (examen assez long)
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, clique sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. Rends toi dans l'onglet rapport/log
. Tu cliques dessus pour l'afficher, une fois affiché
. Tu cliques sur edition en haut du boc notes, et puis sur sélectionner tous
. Tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. tu cliques droit dans le cadre de la reponse et coller
Si tu as besoin d'aide regarde ces tutoriels :
Aide: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
Utilisateur anonyme
3 juin 2010 à 21:30
3 juin 2010 à 21:30
* Télécharge UsbFix sur ton bureau .
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe,carte SD etc...) susceptible d'avoir été infectées sans les ouvrir
* Double clic sur "UsbFix.exe"
* Choisis l'option Recherche sur le Panneau de contrôle .
* Laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaitra.
* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
tuto pour t'aidez http://pagesperso-orange.fr/NosTools/tuto_usbfix2.html
* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe,carte SD etc...) susceptible d'avoir été infectées sans les ouvrir
* Double clic sur "UsbFix.exe"
* Choisis l'option Recherche sur le Panneau de contrôle .
* Laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaitra.
* Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
tuto pour t'aidez http://pagesperso-orange.fr/NosTools/tuto_usbfix2.html
* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Utilisateur anonyme
3 juin 2010 à 21:48
3 juin 2010 à 21:48
Suppression
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe......) susceptibles d'avoir été infectés sans les ouvrir
(1) Double clic sur le raccourci UsbFix présent sur ton bureau
(2) Choisi l'option Suppression
UsbFix scannera ton pc , laisse travailler l outil.
Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .
Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe......) susceptibles d'avoir été infectés sans les ouvrir
(1) Double clic sur le raccourci UsbFix présent sur ton bureau
(2) Choisi l'option Suppression
UsbFix scannera ton pc , laisse travailler l outil.
Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .
Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
bonjour et okiii merci le scan est en train de se dérouler !
Mon problème était que j avais beaucoup de message qui me disai que j avai un virus qui infectait mon ordi .
En effet je pense avoir des probleme car 1m30 de scan et deja 30 fichiers infectés detectés.
Merci encore je vais suivre tes indications .
Mon problème était que j avais beaucoup de message qui me disai que j avai un virus qui infectait mon ordi .
En effet je pense avoir des probleme car 1m30 de scan et deja 30 fichiers infectés detectés.
Merci encore je vais suivre tes indications .
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4167
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
03/06/2010 21:25:45
mbam-log-2010-06-03 (21-25-45).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 240956
Temps écoulé: 51 minute(s), 16 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 95
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 15
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Users\RACHID\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0729f461-8054-47dc-8d39-a31b61cc0119} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{40ca90f3-4098-4877-ae87-23eb612b18c7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4c3b62af-ca25-4fba-8405-32e44f83bb6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a635a91-c303-45c9-8db9-f759d98a3b9d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7e335d04-2e6e-4d0e-a921-c3d9192e7121} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b20d7add-989c-4bc0-a797-f6fe7998efd7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bfc20a15-b0ac-44cc-a25a-a7039014ba9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f019aec4-4c95-46de-a107-e302473e3b9a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2f9ad413-2e0b-4a85-bb2a-cf961238262a} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{148e1447-c728-48fd-beec-a7d06c5fff58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ee46f55-1ce1-4db9-811a-68938ec7f3dd} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a87dfd99-cf81-4241-85ce-881e0026b686} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c96b9fae-a032-4100-bb47-32ef05e28be4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8292078f-f6e9-412b-8eb1-360c05c5ece5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2447e305-5e90-42a8-bd1e-0bc333b807e1} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50d2fdcc-2707-49cb-8223-7fe0424909aa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{878ce013-7ba9-4650-a78c-b2234c0c1648} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{76d54105-99eb-4ecb-95b2-a944f50cc566} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{03d7ff6e-9781-40b5-bb7f-94291a361604} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ceb04ab-08af-45f4-81b4-70d13c1f7b85} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a7213d71-47e1-4832-92d7-d61dfe9f231f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf82f350-e1c4-4916-ac12-ba73db60afb7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c62a9e79-2b52-439b-af57-2e60bb06e86c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{15fd8424-d12a-4c51-8c6c-d5d57b80f781} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{67b3becf-7b6f-42b2-99f0-f7656f89cffa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{715ffd42-4e05-4eab-9513-c8daa5395ae2} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{759d6f7c-8d30-45b6-abea-fa51c190eed5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9a4a64a4-a2fb-48fa-9bba-1ac50267695d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{cdc73256-a88d-4642-844e-a8f20b76789c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d1063603-f045-475f-afbc-8cba7d5797fb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.info (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.info.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nxymugml (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsfe8owijfisjhgs7ye39gjsoighsd7y3eu (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\halo2 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsfg9w8gujsokgahi8gysgnsdgefshyjy (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mcexecwin (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\plugins (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\RACHID\AppData\Local\thevsqxcf\otbatpatssd.exe (Trojan.Agent) -> Delete on reboot.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_HotbarSA.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_HotbarSA.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0U223RL8\hypwhc[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0U223RL8\kkemu[1].htm (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0U223RL8\oriqbjdp[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4BKKY42\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REKI187R\yptozgozmu[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\axr9i0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\ci9d0ja72te.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\drweb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\exaorcwnms.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\gmfrxpgv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\rknfl.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\taskmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\wgvyd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\wxanrmsceo.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\VirtualStore\Windows\SysWOW64\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\Desktop\setup(2).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\Desktop\setup(3).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\WeatherStartup.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\Weather_XML\Genera1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\Weather_XML\General (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA_hpk.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\arrow.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\CntntCntr.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\copyright.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSAAX.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSADF.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSAHook.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarUninstaller.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\Srv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\chrome.manifest (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\install.rdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Uninstall Instructions.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Weather.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
VOILA LE RAPPORT ... Merci encore !
www.malwarebytes.org
Version de la base de données: 4167
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
03/06/2010 21:25:45
mbam-log-2010-06-03 (21-25-45).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 240956
Temps écoulé: 51 minute(s), 16 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 95
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 15
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Users\RACHID\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0729f461-8054-47dc-8d39-a31b61cc0119} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{40ca90f3-4098-4877-ae87-23eb612b18c7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4c3b62af-ca25-4fba-8405-32e44f83bb6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a635a91-c303-45c9-8db9-f759d98a3b9d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7e335d04-2e6e-4d0e-a921-c3d9192e7121} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b20d7add-989c-4bc0-a797-f6fe7998efd7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bfc20a15-b0ac-44cc-a25a-a7039014ba9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f019aec4-4c95-46de-a107-e302473e3b9a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarweather.weathercontroller.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2f9ad413-2e0b-4a85-bb2a-cf961238262a} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{148e1447-c728-48fd-beec-a7d06c5fff58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ee46f55-1ce1-4db9-811a-68938ec7f3dd} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a87dfd99-cf81-4241-85ce-881e0026b686} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c96b9fae-a032-4100-bb47-32ef05e28be4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8292078f-f6e9-412b-8eb1-360c05c5ece5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2447e305-5e90-42a8-bd1e-0bc333b807e1} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50d2fdcc-2707-49cb-8223-7fe0424909aa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{878ce013-7ba9-4650-a78c-b2234c0c1648} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{76d54105-99eb-4ecb-95b2-a944f50cc566} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{03d7ff6e-9781-40b5-bb7f-94291a361604} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ceb04ab-08af-45f4-81b4-70d13c1f7b85} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a7213d71-47e1-4832-92d7-d61dfe9f231f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf82f350-e1c4-4916-ac12-ba73db60afb7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c62a9e79-2b52-439b-af57-2e60bb06e86c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{15fd8424-d12a-4c51-8c6c-d5d57b80f781} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{67b3becf-7b6f-42b2-99f0-f7656f89cffa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{715ffd42-4e05-4eab-9513-c8daa5395ae2} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{759d6f7c-8d30-45b6-abea-fa51c190eed5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9a4a64a4-a2fb-48fa-9bba-1ac50267695d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{cdc73256-a88d-4642-844e-a8f20b76789c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d1063603-f045-475f-afbc-8cba7d5797fb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.info (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.info.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hotbarax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\hotbarsa (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nxymugml (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsfe8owijfisjhgs7ye39gjsoighsd7y3eu (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\halo2 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsfg9w8gujsokgahi8gysgnsdgefshyjy (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mcexecwin (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\WeatherDPA\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\plugins (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\RACHID\AppData\Local\thevsqxcf\otbatpatssd.exe (Trojan.Agent) -> Delete on reboot.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\plugins\npclntax_HotbarSA.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_HotbarSA.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0U223RL8\hypwhc[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0U223RL8\kkemu[1].htm (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0U223RL8\oriqbjdp[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N4BKKY42\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REKI187R\yptozgozmu[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\axr9i0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\ci9d0ja72te.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\drweb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\exaorcwnms.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\gmfrxpgv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\rknfl.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\taskmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\wgvyd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\wxanrmsceo.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\VirtualStore\Windows\SysWOW64\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\Desktop\setup(2).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\Desktop\setup(3).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\WeatherStartup.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\Weather_XML\Genera1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Hotbar\Weather\Weather_XML\General (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA_hpk.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\arrow.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\CntntCntr.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\copyright.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSAAX.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSADF.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarSAHook.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\HotbarUninstaller.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\Srv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\Weather.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\WeSkin.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\chrome.manifest (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Hotbar\bin\11.0.175.0\firefox\extensions\install.rdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Uninstall Instructions.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar\Weather.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\RACHID\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
VOILA LE RAPPORT ... Merci encore !
Ci joint rapport
############################## | Usbfix 7.004 | [Recherche]
Utilisateur: RACHID (Administrateur) # RACHID-PC [ASUSTeK Computer Inc. K70IC]
Mis à jour le 03/06/10 par El Desaparecido / C_XX
Lancé à 21:40:06 | 03/06/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
CPU 2: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
Internet Explorer 8.0.7600.16385
Pare-feu Windows: Activé
RAM -> 4095 Mo
C:\ (%systemdrive%) -> Disque fixe # 116 Go (58 Go libre(s) - 49%) [OS] # NTFS
D:\ -> Disque fixe # 335 Go (220 Go libre(s) - 66%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 7 Go (7 Go libre(s) - 91%) [] # FAT32
G:\ -> Disque amovible # 2 Go (988 Mo libre(s) - 53%) [BLACKBERRY] # FAT
################## | Éléments infectieux |
Présent! C:\Users\RACHID\AppData\Local\Temp\a.dat
Présent! C:\Users\RACHID\AppData\Local\Temp\Krv.exe
Présent! C:\Windows\Temp\TS_45A7.tmp
Présent! C:\Windows\Temp\TS_4EEC.tmp
Présent! C:\Windows\Temp\TS_59D5.tmp
Présent! C:\Windows\Temp\TS_5C75.tmp
Présent! C:\Windows\Temp\TS_680A.tmp
Présent! C:\Windows\Temp\TS_6A2D.tmp
Présent! C:\Windows\Temp\TS_7E3A.tmp
Présent! C:\Windows\Temp\TS_84B1.tmp
Présent! C:\$Recycle.Bin\S-1-5-20
Présent! C:\$Recycle.Bin\S-1-5-21-4080371051-1183795208-399852074-1000
Présent! D:\$Recycle.Bin\S-1-5-21-4080371051-1183795208-399852074-1000
Présent! D:\$Recycle.Bin\S-1-5-21-4080371051-1183795208-399852074-500
################## | Registre |
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
############################## | Usbfix 7.004 | [Recherche]
Utilisateur: RACHID (Administrateur) # RACHID-PC [ASUSTeK Computer Inc. K70IC]
Mis à jour le 03/06/10 par El Desaparecido / C_XX
Lancé à 21:40:06 | 03/06/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
CPU 2: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
Internet Explorer 8.0.7600.16385
Pare-feu Windows: Activé
RAM -> 4095 Mo
C:\ (%systemdrive%) -> Disque fixe # 116 Go (58 Go libre(s) - 49%) [OS] # NTFS
D:\ -> Disque fixe # 335 Go (220 Go libre(s) - 66%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 7 Go (7 Go libre(s) - 91%) [] # FAT32
G:\ -> Disque amovible # 2 Go (988 Mo libre(s) - 53%) [BLACKBERRY] # FAT
################## | Éléments infectieux |
Présent! C:\Users\RACHID\AppData\Local\Temp\a.dat
Présent! C:\Users\RACHID\AppData\Local\Temp\Krv.exe
Présent! C:\Windows\Temp\TS_45A7.tmp
Présent! C:\Windows\Temp\TS_4EEC.tmp
Présent! C:\Windows\Temp\TS_59D5.tmp
Présent! C:\Windows\Temp\TS_5C75.tmp
Présent! C:\Windows\Temp\TS_680A.tmp
Présent! C:\Windows\Temp\TS_6A2D.tmp
Présent! C:\Windows\Temp\TS_7E3A.tmp
Présent! C:\Windows\Temp\TS_84B1.tmp
Présent! C:\$Recycle.Bin\S-1-5-20
Présent! C:\$Recycle.Bin\S-1-5-21-4080371051-1183795208-399852074-1000
Présent! D:\$Recycle.Bin\S-1-5-21-4080371051-1183795208-399852074-1000
Présent! D:\$Recycle.Bin\S-1-5-21-4080371051-1183795208-399852074-500
################## | Registre |
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
HOHOOOOOOO ! probleme !
je n'arrive pas a supprimer !
Jai un message d erreur qui m indique que KILL.exe a cessé de fonctionné et que window va fermer ce programme .
je n'arrive pas a supprimer !
Jai un message d erreur qui m indique que KILL.exe a cessé de fonctionné et que window va fermer ce programme .
Utilisateur anonyme
3 juin 2010 à 22:44
3 juin 2010 à 22:44
On va utiliser une alternative à UsbFix :
Télécharge l'outil Flash_Disinfector de sUBs et enregistre le sur ton bureau
https://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
Sous XP : Double clique sur Flash_Disinfector.exe pour l'exécuter.
sous vista : Clic-droit sur Flash_Disinfector présent sur le bureau et choisis "Exécuter en tant qu'administrateur"
Quand le message : [Plug in yours flash drive & clic Ok to begin disinfection] apparaitra :
Connecte au pc, clé USB, DD externes, susceptibles d'avoir été infectés.
Puis clic sur Ok
Les icônes sur le bureau vont disparaître jusqu'à l'apparition du message: [Done!!]
Appuie ensuite sur OK, pour faire réapparaître le bureau.
Télécharge l'outil Flash_Disinfector de sUBs et enregistre le sur ton bureau
https://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
Sous XP : Double clique sur Flash_Disinfector.exe pour l'exécuter.
sous vista : Clic-droit sur Flash_Disinfector présent sur le bureau et choisis "Exécuter en tant qu'administrateur"
Quand le message : [Plug in yours flash drive & clic Ok to begin disinfection] apparaitra :
Connecte au pc, clé USB, DD externes, susceptibles d'avoir été infectés.
Puis clic sur Ok
Les icônes sur le bureau vont disparaître jusqu'à l'apparition du message: [Done!!]
Appuie ensuite sur OK, pour faire réapparaître le bureau.
Cette fois ci ca me dis que le programme ne c'est pas installer correctement , essayer de retelecharger une deuxième fois, j ai retente plusieurs fois l opération mais rien n'y fait . je COMMENCE A CROIRE QUE MON PROBLÈME EST PLUS GRAVE :-(( est ce le cas ? En tout cas merci pour votre aide c'est vraiment très gentils
Utilisateur anonyme
3 juin 2010 à 22:59
3 juin 2010 à 22:59
peux tu le faire en mode sans echec ?
Alors je l ai fait en mode sans echec avec USBFIX et cette fois ci cela a fonctionnerv
seulement au moment de vouloire redemarrer l ordi , il n y avai rien d autre qu un ecran noir .
j ai ete obligé de redemarrer manuellement et window a refuser de demmarrer . Cel ma mis plusieur chose en Anglais comme si une sécurité" window allais recuperer a un point de sauvegarde donné et ca a été le cas puisqu en se rallument je n ai plus rien de tous ce que j avais installe sur mon PC ..
En bref je vais recommencer tous le descriptif du topic demain .
seulement au moment de vouloire redemarrer l ordi , il n y avai rien d autre qu un ecran noir .
j ai ete obligé de redemarrer manuellement et window a refuser de demmarrer . Cel ma mis plusieur chose en Anglais comme si une sécurité" window allais recuperer a un point de sauvegarde donné et ca a été le cas puisqu en se rallument je n ai plus rien de tous ce que j avais installe sur mon PC ..
En bref je vais recommencer tous le descriptif du topic demain .
bonjour !!!
alors aujourd hui g tout recommencer et apparament ca a fonctionner . Maintenant c'est mon Internet Explorer qui ne fonctionne plus! G essayé de telecharge une nouvelle version mais
impossible . Ci joint diagn réseau de l ordi sur le problème avec explorer
MERCI A VOUS
Diagnostics réseau de Windows Détails de l'éditeur
Problèmes trouvés
Le périphérique ou la ressource distant n'accepte pas la connexion.Le périphérique ou la ressource distant n'accepte pas la connexion.
Le périphérique ou la ressource (www.google.fr) n'est pas configuré pour accepter les connexions sur le port « Service Web (HTTP) ». Détecté
Contactez votre administrateur réseau. Terminé
Problèmes trouvés Détails de la détection
5 Le périphérique ou la ressource distant n'accepte pas la connexion. Détecté
Le périphérique ou la ressource (www.google.fr) n'est pas configuré pour accepter les connexions sur le port « Service Web (HTTP) ».
Contactez votre administrateur réseau. Terminé
L'ordinateur ou le périphérique que vous essayez d'atteindre est disponible, mais il ne prend pas en charge ce que vous essayez de réaliser. Il peut s'agir d'un problème de configuration ou d'une limitation du périphérique.
Détails de la détection
Journal de diagnostic réseau
Nom de fichier: 64CD4436-11ED-499E-A09F-F693984A4BA0.Diagnose.0.etl
Autres configurations et journaux réseau
Nom de fichier: NetworkConfiguration.cab
Informations sur la collecte des données
Nom de l'ordinateur: RACHID-PC
Version de Windows: 6.1
Architecture: amd64
Heure: vendredi 4 juin 2010 18:03:32
Détails de l'éditeur
Diagnostics réseau de Windows
Détecte les problèmes de connectivité du réseau.
Version de package: 1.0
Éditeur: Microsoft Windows
alors aujourd hui g tout recommencer et apparament ca a fonctionner . Maintenant c'est mon Internet Explorer qui ne fonctionne plus! G essayé de telecharge une nouvelle version mais
impossible . Ci joint diagn réseau de l ordi sur le problème avec explorer
MERCI A VOUS
Diagnostics réseau de Windows Détails de l'éditeur
Problèmes trouvés
Le périphérique ou la ressource distant n'accepte pas la connexion.Le périphérique ou la ressource distant n'accepte pas la connexion.
Le périphérique ou la ressource (www.google.fr) n'est pas configuré pour accepter les connexions sur le port « Service Web (HTTP) ». Détecté
Contactez votre administrateur réseau. Terminé
Problèmes trouvés Détails de la détection
5 Le périphérique ou la ressource distant n'accepte pas la connexion. Détecté
Le périphérique ou la ressource (www.google.fr) n'est pas configuré pour accepter les connexions sur le port « Service Web (HTTP) ».
Contactez votre administrateur réseau. Terminé
L'ordinateur ou le périphérique que vous essayez d'atteindre est disponible, mais il ne prend pas en charge ce que vous essayez de réaliser. Il peut s'agir d'un problème de configuration ou d'une limitation du périphérique.
Détails de la détection
Journal de diagnostic réseau
Nom de fichier: 64CD4436-11ED-499E-A09F-F693984A4BA0.Diagnose.0.etl
Autres configurations et journaux réseau
Nom de fichier: NetworkConfiguration.cab
Informations sur la collecte des données
Nom de l'ordinateur: RACHID-PC
Version de Windows: 6.1
Architecture: amd64
Heure: vendredi 4 juin 2010 18:03:32
Détails de l'éditeur
Diagnostics réseau de Windows
Détecte les problèmes de connectivité du réseau.
Version de package: 1.0
Éditeur: Microsoft Windows
Utilisateur anonyme
Modifié par lamer01 le 3/06/2010 à 22:26
Modifié par lamer01 le 3/06/2010 à 22:26
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe......) susceptibles d'avoir été infectés sans les ouvrir
---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\
---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.
/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\
En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : Poste son contenu
/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\
Note : Le rapport se trouve également là : C:\ComboFix.txt
---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\
---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.
/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\
En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.
Une fois le scan achevé, un rapport va s'afficher : Poste son contenu
/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\
Note : Le rapport se trouve également là : C:\ComboFix.txt
