supprimer virus Gen:Variant.Adware.1Fermé

Question

Bonjour, 
Depuis cet apres-midi et un peu de surf sur internet, bitdefender me signale qu'il a bloqué un virus: Gen:Variant.Adware.1
il a aussi traité les fichiers infectés mais le scan ne retrouve rien et l'alerte virus continue d'apparaitre. et là il me dit qu'il n'a pas pu desinfecter, supprimer ou mettre en quarantaine cet element et que l'objet a été interdit.
Je n'ai pas retrouver d'info sur le site de bitdefender pour supprimer ce virus!
Si quelqu'un pouvait m'aider à supprimer ce virus, ce serait bien! merci


Configuration: Windows 7 / Firefox 3.6.6

Shad || x || · Accepted Answer

Tu es infectée par le spyware HotBar/ShopperReports qui fait parti des barres d'outils pour Internet Explorer qui affiche des popup de publicités ou transmets les sites WEB que vous visitez à des serveurs tiers.
Ces programmes sont proposés via des popups de pubs sur des sites Bannières/popups de publicités dangereuses sur la toile.

# Ouvre Ajout/suppression de programmes dans le Panneau de configuration, désinstalle tous les programmes comportants le mot :

    * HbTools
    * Hotbar
    * SpamBlockerUtility
    * ShopperReports



Ensuite:

* Télécharge Malwarebytes Antimalware :
http://data-cdn.mbamupdates.com/v0/program/data/mbam-setup-1.46.exe
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation) 

# Choisis « Exécuter un examen complet » en cliquant dessus. 
Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
# Clique sur Rechercher 
# Patiente jusqu'à la fin du scan.....une fenêtre s'ouvrira, clique alors sur OK 
# Si MalwareByte's n'a rien détecté, clique sur Ok. Un rapport va apparaître ferme-le. 
# Si MalwareByte's a détecté des infections, clique sur Afficher les résultats puis sur Supprimer la sélection 
# Enregistre le rapport sur ton Bureau pour le trouver plus facilement.
#Poste ensuite ce rapport. 

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

Shad || x || · Answer

Salut,

>> Télécharge ZHPDiag sur ton bureau :  

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html  

>> Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.  

>> Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)  
>> Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette  
>> Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :  
http://www.cijoint.fr/

marieb.44 · Answer

voici ce que ça donne:
http://www.cijoint.fr/cjlink.php?file=cj201007/cijw2YBrI6.txt

marieb.44 · Answer

concernant les programmes à supprimer avec les mots que tu m'as donné j'en avais qu'un! en fait j'avais déjà supprimé certains programme avant de poster ma question. j'ai fais ce que tu m'as dis ensuite, voici le rapport:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4313

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14/07/2010 19:27:52
mbam-log-2010-07-14 (19-27-52).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 367306
Temps écoulé: 53 minute(s), 18 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 107
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 18

Processus mémoire infecté(s):
C:\Users\marie\AppData\Local\Temp\saiE980.exe (Adware.Zwangi) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21ba420e-161c-413a-b21e-4e42ae1f4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4afc07d0-59bb-46b8-b097-1a46e88eef71} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{acc62306-9a63-4864-bd2f-c8825d2d7ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dee758b4-c3fb-4a5b-9939-848b9c77a2fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{573f4abb-a1a2-44ed-9ba9-a8dad40aac46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{396cfc12-932d-496b-a0a8-5d7201e105e1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60da826c-b1c6-4358-bdec-4837ced45470} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74c22317-5b90-471f-9ad2-fec049870a16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c1089f63-7afc-4538-b0eb-bea0f4225a57} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{02aed140-2b62-4b49-8b3b-179020cc39b9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17bf1e05-c0e8-413c-bd1f-a481eea3b8e9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc7bd6f1-565c-47ce-a5bb-9c935e77b59d} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cfc16189-8a92-4a29-a940-60248385f426} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5fe0ceae-cb69-40af-a323-40f94257dacb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2721a8e5-bfdb-4562-9912-9e0531ca616c} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f1a1892c-2a6c-4817-98b4-ff81443cba20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e25da6d6-c365-46cf-abaf-dc5893135d7a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09325003-167c-483d-a4ba-8b3122abb432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6dd76b7b-6423-4df0-9a07-84a6cad973a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f6cfb6a-9227-4bb8-b941-f2b067e76f51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab0ee208-df60-4fa7-a617-c4269760033e} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e12aeab6-7d12-4c07-8e36-5892efb4dafb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e2f2c137-a782-4fb5-81af-086156f5eb0a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1d06c9f-51f0-4476-bede-5ddf91be304e} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f3a32df2-7413-4fb1-b575-1ac920a17b76} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdic (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbguru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbguru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.kopff (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.kopff.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reportdata (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reportdata.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\shopperreports@shopperreports.com (ShopperReports) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Users\marie\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\marie\AppData\Local\Temp\saiE980.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\ShopperReports.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\CmndFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\CntntCntr.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\mozillaps.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\Pltfrm.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Users\marie\Downloads\VLCSetup.exe (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files (x86)\ShopperReports3\bin\3.0.485.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

marieb.44 · Answer

j'avais pas beaucoup de programmes avec les mots que tu m'as donné, juste un! j'avais déjà supprimé certains programmes comme ça avant de poser ma question. j'ai fais tout ce que tu m'as dit et je mets le rapport su le même site que precedemment.
Tu penses que le virus a completement disparu?
http://www.cijoint.fr/cjlink.php?file=cj201007/cijdAfXX5G.txt

merci

Shad || x || · Answer

Ok.

>> Télécharge CCleaner: 
http://download.piriform.com/ccsetup233.exe 
>Installe-le en prenant soin de décocher les diverses options dont la barre Yahoo et la mise à jour. 

> Lance CCleaner puis Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". 

>Pour les autres paramètres, laisse-le avec ses réglages par défaut. 

> Puis dans le menu Nettoyeur 
> Clique sur Analyse (laisser travailler cela peut durer longtemps la 1ere fois) 
> Clique sur le bouton Lancer le nettoyage. 
> Clique une seconde fois sur le bouton Lancer le nettoyage 
> Fait de même pour le menu "Chercher des erreurs"

=>A faire régulièrement (1 à 2 fois par semaine par exemple). 



Refais moi un rapport avec ZHPDiag stp, pour voir où on en est.

melanie63 · Answer

Bonjour,
J'ai exactement le même soucis que marieb.44
J'ai fait ce que tu lui a dit de faire voila le 1er rapport : 

http://www.cijoint.fr/cjlink.php?file=cj201007/cij4AYDI3U.txt 

Et là je suis entrain d'analyser mon pc avec Malwarebytes Antimalware.

Aidez moi s'il vous plait...

Merci

marieb.44 · Answer

merci, j'ai fait ce que tu m'as dit ac c cleaner puis j'ai relancé le rapport, voici le lien:
http://www.cijoint.fr/cjlink.php?file=cj201007/cijCCeksxU.txt
Tiens moi au courant!
merci

Shad || x || · Answer

Ok. Je ne comprends pas que Malwarebytes soit passé à coté de ça:

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

...breff on va faire autrement.... ;)


- Clique-droit: exécuter en tant qu'administrateur sur l'icône ZHPFix  présent sur le bureau ou l'icône en forme d'écu.

- Clique sur le bouton "H".

- Copie colle ce qui est en gras ci-dessous dans la fenêtre qui c'est vidée de ZHPFix


[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\Software\Conduit]   
[HKLM\Software\Conduit]    
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Conduit    
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe    
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe    
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe    
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe    


- Clique sur OK

- Coche toutes les cases (ou clique sur TOUS) puis Nettoyer .

- Poste le rapport qui apparaîtra à la fin.


Relance ensuite Malwarebytes mais choisis cette fois d'exécuter un Examen rapide.

Poste le rapport de malwarebytes dans ton prochain message.

marieb.44 · Answer

voici le rapport:
Rapport de ZHPFix v1.12.3121 par Nicolas Coolman, Update du 14/07/2010
Fichier d'export Registre : C:\ZHPExportRegistry-15-07-2010-19-41-10.txt
Run by marie at 15/07/2010 19:41:10
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé du Registre ==========
HKCU\Software\Conduit  => Clé absente
HKLM\Software\Conduit  => Clé absente

========== Valeur du Registre ==========
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe  => Valeur supprimée avec succès
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe  => Valeur supprimée avec succès
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe  => Valeur absente
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe  => Valeur absente

========== Elément de données du Registre ==========
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified  => Donnée supprimée avec succès

========== Dossier ==========
C:\Program Files (x86)\Conduit  => Supprimé et mis en quarantaine

========== Fichier ==========
c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe  => Supprimé et mis en quarantaine

marieb.44 · Answer

et je te mets le rapport de mbam sur cijoint:
http://www.cijoint.fr/cjlink.php?file=cj201007/cij5y9MpeC.txt

marieb.44 · Answer

l'antivirus ne trouve plus rien et je te mets le rapport zphdiag sur ci joint! mais je crois qu'il n'y a plus rien!
http://www.cijoint.fr/cjlink.php?file=cj201007/cijbHCl6XB.txt

marieb.44 · Answer

en fait, j'ai un petit probleme avec toolscleaner 2, je le lance et je lance la recherche mais soit le programme arrete de répondre, soit même en laissant tourner la recherche, ça n'avance pas du tout!j'avoue que j'ai essayé plusieurs fois sans succes!

marieb.44 · Answer

ok j'ai fait ça et maintenant je fais le truc avec les points de restauration ou pas? ç'est quoi l'interet de supprimer les fichiers de restauration?

nounoumou · Answer

j'ai un virus sur mon portable " Gen:Variant.Adware.adseo1" qui persiste sachgant que j'ai bitDefender 10. cijoint le raqpport issu de l'analuse de mon pc avec ZHPDiag:
 http://ww38.toofiles.com/fr/oip/documents/txt/6350_zhpdiag.html
Merci pour votre reponse

ninjadz · Answer

Pour le virus variant   et toutes autres menaces BitDefender s'en occupe en mode secours.
Clic sur protection/clic mode secours
/L'ordinateur redémarre comme si c'était en mode sans echec
,/Choisir mode secours  BitDefender.
Apres l'ouverture  de l'interface il y'aura genre de fichier il suffit de cliquer sur ses fichier un par un et bit te donnera la main pour analyser ses fichiers un par un

Ca serra un peut long mais ce que je peux vous assurer que rien a gratter avec cette superbe machine   BitDefender.
Salutation

Supprimer virus Gen:Variant.Adware.1

16 réponses

Discussions similaires

Newsletters