Remove Antimalware Doctor

Ave Maria - Posts: 37 - Status: Member
Hello everyone!
Well, my problem is simple and not very rare either, but I have been infected by this damned Antimalware Doctor and my computer knowledge is somewhat limited!
At first, when my computer started up, right after I typed my password to open my session, something by the name of "Antispy safeware" would launch (before the desktop even appeared) and offer me a scan that I was forced to run. Once the scan was done, the desktop would appear, and I had two choices: "install heuristic module" or "continue unprotected".

This whole little circus prevented me from opening almost all of my web browsers (IE, Mozilla, Safari, Chrome) apart from Browser. It was not possible to reinstall Avast, or to restore the system using the restore CD.
I also noticed that Antimalware Doctor had appeared on my PC.
I searched for Antispy safeware, thinking I would find it on my PC, but it could not be found; then I tried to uninstall Antimalware, but without success either.

Then I downloaded Malwarebytes Antimalware, ran a quick scan of my computer, and removed all the threats. But not all of them were removed by MBAM...

And finally, I tried to remove it manually by searching for all the folders bearing the name of the rogue that infected me and deleting them. I also thought of stopping the process with the Task Manager but, not knowing the name of Antimalware's process, I could not do anything.

Anyway, I am also sending you the report that MBAM gave me at the end of the threat removal, and if you have any idea how to help me, don't hesitate!
Thanks!!!

2 replies

Ave Maria - Posts: 37 - Status: Member
 
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4736

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

03/10/2010 23:14:19
mbam-log-2010-10-03 (23-14-19).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 153352
Temps écoulé: 24 minute(s), 50 seconde(s)

Processus mémoire infecté(s): 8
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 33
Valeur(s) du Registre infectée(s): 18
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 36

Processus mémoire infecté(s):
C:\Users\S.A.M\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Local\Temp\t811ipiyqm.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Local\Temp\x75im.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Local\Temp\x75im.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Local\Temp\cmd.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Local\Temp\wininst.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Local\Temp\nvsvc32.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\S.A.M\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Users\S.A.M\AppData\Local\Temp\r88dch9e.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\S.A.M\AppData\Local\Temp\tte5js.dll (Trojan.Downloader) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cskcomka (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvifczkfgrawe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhghfngeowc (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvifczkfgsqc (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhghfngeo (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mwnacxesro.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvifczkfgrrb (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvifczkfgnz (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhghfngnb (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvifczkfgsre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhghfngruf (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvifczkfgpw+ (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhghfngsfp (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Spyware.Zbot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\S.A.M\cskcomka.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\r88dch9e.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\S.A.M\AppData\Local\Temp\t811ipiyqm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\tte5js.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\S.A.M\AppData\Local\Temp\x75im.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\mwnacxesro.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\taskmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\cmd.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\S.A.M\AppData\Local\Temp\wininst.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\S.A.M\AppData\Local\Temp\nvsvc32.exe (Trojan.Downloader) -> Delete on reboot.
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Windows\system32\Drivers\demuptio.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\n8xbm8zc.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\j739denrb6vaj5.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\talshpmt.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\p21rvcvfox.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\wrenocaxsm.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\yyed.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\iexplorer.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\omcarwxnes.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\7265.tmp (Trojan.Dropper.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\cmaroewxsn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\404E.tmp (Trojan.Dropper.Gen) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\e2uhfpq.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsl5604.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsq1981.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsb659E.tmp\NSISdl.dll (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Roaming\jsdfgs.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\S.A.M\AppData\Local\Temp\skaioejiesfjoee.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> Quarantined and deleted successfully.
Ave Maria - Posts: 37 - Status: Member
 
Oh, and also note that after the scan and the removal of some threats, "antispysafeware" no longer appears at all for now; only Antimalware Doctor remains.
I can also reopen the web browser I was using (Google Chrome), my downloads have perked up again, well, I think my computer isn't lagging as much anymore...
But Antimalware Doctor is still there...