Avira me signale sans arrêt des virus [Résolu/Fermé]

Signaler
-
 Utilisateur anonyme -
Bonjour,

Depuis quelques jours, mon système antivirus Avira Antivir me signale toutes les minutes et en rafale de nombreux antivirus et chevaux de troie qui tente d'attaquer mon système. En plus du bruit qui commence à devenir très désagréable, je commence à m'inquiéter du nombre grandissant de ces attaques.
Je suis débutant en informatique, merci de votre aide par avance.


30 réponses


Salut, je ne suis pas très dispo, en ce moment mais moi ou un autre te répondra si tu postes ton rapport "Antivir" ici:

a+

bonsoir,

hello Archet9,
je prends :-)

@pueldemission :

* Télécharge ZHPDiag sur ton bureau :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://www.cijoint.fr/


Salut et merci Elec...

x-))
Utilisateur anonyme
;-)

Voila le lien cijoint:

http://www.cijoint.fr/cjlink.php?file=cj201007/cijDygfnE2.txt

MERCI ENCORE

tu es infecté par plusieur toolbars inféctieux !!!
les toolbars ne sont pas obligatoires !!!

* /!\ Utilisateur de Vista : Ne pas oublier de désactiver l'UAC juste le temps de désinfection de ton pc, il sera à réactiver plus tard :
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
ou ici : https://sites.google.com/site/toolbarsd/

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
/!\Utilisateur de Vista : Clique droit sur le logo de Toolbar-S&D, « exécuter en tant qu'Administrateur »

* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 2. Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

Tuto :
https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/


Voila le rapport:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista(TM) Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : Ver 1.00PARTTBL
USER : Tristan ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:220 Go (Free:143 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 25/07/2010|15:50 )

[ UAC => 0 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\ShopperReports
Supprime! - C:\Users\Tristan\AppData\Roaming\MICROS~1\Windows\Cookies\tristan@cs.shopperreports[2].txt
Supprime! - C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Bar"="http://go.microsoft.com/fwlink/?linkid=54896"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"Search bar"="http://www.bing.com/spresults.aspx"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 25/07/2010|15:51 - Option : [2]

-----------\\ Fin du rapport a 15:51:11,68
repasse un autre zhpdiag, aide toi de ce poste, pas besoin de le retélecharger :
https://forums.commentcamarche.net/forum/affich-18602960-avira-me-signale-sans-arret-des-virus#2

O.o°*??? Membre, Contributeur Sécurité CCM o°.Oø¤º°'°º¤ø

Voila le lien cijoint:

http://www.cijoint.fr/cjlink.php?file=cj201007/cijDQBsiUC.txt

* /!\ Utilisateur de Vista : Ne pas oublier de désactiver l'UAC juste le temps de désinfection de ton pc, il sera à réactiver plus tard :
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton bureau:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

ou ici : http://www.malwarebytes.org/mbam/program/mbam-setup.exe


/!\Utilisateur de Vista et Windows 7 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »

. Double cliques sur le fichier téléchargé pour lancer le processus d'installation.
. Dans l'onglet "mise à jour", cliques sur le bouton Recherche de mise à jour
. si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
. Une fois la mise à jour terminé
. rend-toi dans l'onglet, Recherche
. Sélectionnes Exécuter un examen complet
. Cliques sur Rechercher
. Le scan démarre.
. A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Cliques sur Ok pour poursuivre.
. Si des malwares ont été détectés, cliques sur Afficher les résultats
. Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine
.
. Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
. rends toi dans l'onglet rapport/log
. tu cliques dessus pour l'afficher une fois affiché
. tu cliques sur edition en haut du boc notes,et puis sur sélectionner tous
. tu recliques sur edition et puis sur copier et tu reviens sur le forum et dans ta réponse
. Tu cliques droit dans le cadre de la réponse et coller
. À la fin du scan, il se peut que MBAM ait besoin de redémarrer le pc pour finaliser la suppression, donc pas de panique, redémarre ton pc !!!

Si tu as besoin d'aide regarde ce tutoriel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


Voila le rapport Malware:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3745
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

25/07/2010 18:50:15
mbam-log-2010-07-25 (18-50-15).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 256887
Temps écoulé: 1 hour(s), 52 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 4
Clé(s) du Registre infectée(s): 40
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\ShopperReports3\bin\3.0.489.0\CmndFF.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\mozillaps.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dee758b4-c3fb-4a5b-9939-848b9c77a2fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{573f4abb-a1a2-44ed-9ba9-a8dad40aac46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{396cfc12-932d-496b-a0a8-5d7201e105e1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60da826c-b1c6-4358-bdec-4837ced45470} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74c22317-5b90-471f-9ad2-fec049870a16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c1089f63-7afc-4538-b0eb-bea0f4225a57} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{02aed140-2b62-4b49-8b3b-179020cc39b9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17bf1e05-c0e8-413c-bd1f-a481eea3b8e9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc7bd6f1-565c-47ce-a5bb-9c935e77b59d} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cfc16189-8a92-4a29-a940-60248385f426} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5fe0ceae-cb69-40af-a323-40f94257dacb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2721a8e5-bfdb-4562-9912-9e0531ca616c} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f1a1892c-2a6c-4817-98b4-ff81443cba20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e25da6d6-c365-46cf-abaf-dc5893135d7a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09325003-167c-483d-a4ba-8b3122abb432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6dd76b7b-6423-4df0-9a07-84a6cad973a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f6cfb6a-9227-4bb8-b941-f2b067e76f51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab0ee208-df60-4fa7-a617-c4269760033e} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e12aeab6-7d12-4c07-8e36-5892efb4dafb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e2f2c137-a782-4fb5-81af-086156f5eb0a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1d06c9f-51f0-4476-bede-5ddf91be304e} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f3a32df2-7413-4fb1-b575-1ac920a17b76} (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\ShopperReports3 (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0 (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Delete on reboot.
C:\Users\Tristan\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Program Files\ShopperReports3\bin\3.0.489.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\CmndFF.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\CntntCntr.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\LaunchHelp.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\mozillaps.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.

Voila le rapport Malware:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3745
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

25/07/2010 18:50:15
mbam-log-2010-07-25 (18-50-15).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 256887
Temps écoulé: 1 hour(s), 52 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 4
Clé(s) du Registre infectée(s): 40
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\Program Files\ShopperReports3\bin\3.0.489.0\CmndFF.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\mozillaps.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dee758b4-c3fb-4a5b-9939-848b9c77a2fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{573f4abb-a1a2-44ed-9ba9-a8dad40aac46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{396cfc12-932d-496b-a0a8-5d7201e105e1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{60da826c-b1c6-4358-bdec-4837ced45470} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{74c22317-5b90-471f-9ad2-fec049870a16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c1089f63-7afc-4538-b0eb-bea0f4225a57} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{02aed140-2b62-4b49-8b3b-179020cc39b9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17bf1e05-c0e8-413c-bd1f-a481eea3b8e9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc7bd6f1-565c-47ce-a5bb-9c935e77b59d} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cfc16189-8a92-4a29-a940-60248385f426} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{5fe0ceae-cb69-40af-a323-40f94257dacb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2721a8e5-bfdb-4562-9912-9e0531ca616c} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f1a1892c-2a6c-4817-98b4-ff81443cba20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e25da6d6-c365-46cf-abaf-dc5893135d7a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09325003-167c-483d-a4ba-8b3122abb432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6dd76b7b-6423-4df0-9a07-84a6cad973a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7f6cfb6a-9227-4bb8-b941-f2b067e76f51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ab0ee208-df60-4fa7-a617-c4269760033e} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e12aeab6-7d12-4c07-8e36-5892efb4dafb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e2f2c137-a782-4fb5-81af-086156f5eb0a} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1d06c9f-51f0-4476-bede-5ddf91be304e} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f3a32df2-7413-4fb1-b575-1ac920a17b76} (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\ShopperReports3 (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0 (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Delete on reboot.
C:\Users\Tristan\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Program Files\ShopperReports3\bin\3.0.489.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\CmndFF.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\CntntCntr.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\LaunchHelp.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\mozillaps.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Delete on reboot.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.

redemarre ton pc pour que MBAM términe la suppression des fichiers infectés !

relance MBAM, vide sa quarantaine, lance une mise à jour, il n'est pas à jour

puis lance un scan rapide de ton pc, s'il trouve des choses, à la quarantaine, puis poste son rapport.

Impossible d'effectuer la mise à jour code d'erreur 732 (0,0)!

Les messages d'Avira continuent d'arriver sur mon PC

tu es sous vista, lance le MBAM en tant qu'administrteur, puis clique sur la mise à jour :-)

Oui je le fais mais l'erreur apparaît quand même

J'ai téléchargé l'upload de Malwarebites et je lance un examen rapide du système

voila le rapport de l'examen rapide:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

25/07/2010 19:32:20
mbam-log-2010-07-25 (19-32-20).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 118430
Temps écoulé: 9 minute(s), 47 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiVirus Plus\Antivirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiVirus Plus\EULA.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.

c'est mieux, mais il n'est toujours pas à jour !

on est à la version 43**

recommence, tu vas y arriver :-)

j'en suis sur :-)

En voila encore un:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4346

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18928

25/07/2010 19:59:19
mbam-log-2010-07-25 (19-59-19).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 130215
Temps écoulé: 16 minute(s), 29 seconde(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 74
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 15
Fichier(s) infecté(s): 26

Processus mémoire infecté(s):
C:\ProgramData\QuestDns\questdns111.exe (Adware.QuestDns) -> Unloaded process successfully.
C:\Program Files\QuestDns\questdns.exe (Adware.QuestDns) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\QuestDns\questdns.dll (Adware.QuestDns) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\clickpotatoliteax.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c55ca95c-324b-451c-b2d2-6e895aa75fec} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1602f07d-8bf3-4c08-bdd6-dddb1c48aedc} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602f07d-8bf3-4c08-bdd6-dddb1c48aedc} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ac6d819e-aa8f-4418-a3bb-d165c1b18bb5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ac6d819e-aa8f-4418-a3bb-d165c1b18bb5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\clickpotatoliteax.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\clickpotatoliteax.userprofiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\clickpotatoliteax.userprofiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\menubuttonie.buttonie (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\menubuttonie.buttonie.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21ba420e-161c-413a-b21e-4e42ae1f4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{419eda30-6dff-432c-b534-e15d899abee4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4afc07d0-59bb-46b8-b097-1a46e88eef71} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{11c27351-716b-4052-9361-e3b0a3f8221c} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7a3d6d17-9dd5-4c60-8076-d1784dabaf8c} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{814baa91-dc22-4350-87d6-0c86e93f7f08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{acc62306-9a63-4864-bd2f-c8825d2d7ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{b58926d6-cfb0-45d2-9c28-4b5a0f0368ae} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b58926d6-cfb0-45d2-9c28-4b5a0f0368ae} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questdns (Adware.QuestDns) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestDns (Adware.QuestDns) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestDns Service (Adware.QuestDns) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdic (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbguru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.hbguru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.kopff (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.kopff.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reportdata (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reportdata.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\shopperreports 3.0.489.0 (Adware.HotBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\shopperreports@shopperreports.com (ShopperReports) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Users\Tristan\AppData\Roaming\ClickPotatoLite (Adware.ClickPotato) -> Delete on reboot.
C:\Program Files\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\QuestDns (Adware.QuestDns) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97} (Adware.QuestDns) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome (Adware.QuestDns) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults\preferences (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\ProgramData\QuestDns (Adware.QuestDns) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\ProgramData\QuestDns\questdns111.exe (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\QuestDns\questdns.exe (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSAAX.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Users\Tristan\downloads\VLCSetup(2).exe (Adware.HotBar) -> Quarantined and deleted successfully.
C:\Users\Tristan\downloads\VLCSetup.exe (Adware.HotBar) -> Quarantined and deleted successfully.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf_update.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSA.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteUninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\LaunchHelp.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\chrome.manifest (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
C:\Program Files\QuestDns\questdns.dll (Adware.QuestDns) -> Delete on reboot.
C:\Program Files\QuestDns\uninstall.exe (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome.manifest (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\install.rdf (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\chrome\questdns.jar (Adware.QuestDns) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}\defaults\preferences\prefs.js (Adware.QuestDns) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.



Les signaux de Avira continuent toujours voire de plus en plus...

whooow !
Pas cool, ça faisait longtemps que j'avais pas vu autant d'infection sur un pc !!!

* /!\Avertissement :
Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.
Ne pas utiliser en dehors de ce cas de figure : dangereux!


/!\ Utilisateur de Vista : Ne pas oublier de désactiver l'UAC juste le temps de désinfection de ton pc, il sera à réactiver plus tard :
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

► Télécharges ComboFix à partir de ce lien et enregistres le sur ton bureau :
https://forum.pcastuces.com/combofix_renomme_au_telechargement-f31s22.htm
ou ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
A lire
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Avant d'utiliser ComboFix :
► Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.
► Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.

/!\Utilisateur de Vista : Clique droit sur le logo de Combofix, « exécuter en tant qu'Administrateur »

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
► Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
► Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.