Le mechant Antivirus IS
dailleur
Messages postés
15
Statut
Membre
-
dailleur Messages postés 15 Statut Membre -
dailleur Messages postés 15 Statut Membre -
Bonjour,
voilà j ai un souci avec mon ordi qui est infecté par cet antivirus ... virus , j ai constaté que j été loin d'être le seul et qu au final j'était un peu mieux lotis que d'autre car je peux quand même utilisé internet et le mode sans echec.
Bref j ai suivi les instructions données sur un autre post par moment de grace (https://forums.commentcamarche.net/forum/affich-19244745-faux-antivirus-qui-ne-s-enlevent-pas#),
telechargement du logiciel Malwarebyte's Antimalware puis j ai suivi les indications et j ai donc recouper mon rapport d'erreurs que j affiche en dessous .
Merci pour l aide
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4052
Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18702
05/10/2010 02:10:39
mbam-log-2010-10-05 (02-10-39).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 328251
Temps écoulé: 2 heure(s), 28 minute(s), 13 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 69
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 10
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 61
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\syswebtelecom.syswebtelecom (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{639581d0-8376-4073-b73b-45993fa45156} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{66b0c472-a6b5-4e86-8330-f4875af90929} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{85e06077-c824-43d0-a8dc-5efb17bc348a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8b8f6968-2f24-41e3-b653-e9613226f14d} (Trojan.KeenValue) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8d8baf56-b581-4b90-a549-c4ac6b03f1bb} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ba749bc1-143e-430d-b1da-1d2af67a3658} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2481ed1-9896-4d49-ae90-69858dfde446} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{efb22865-f3bc-4309-adfa-c8e078a7f762} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{21de6877-97c0-4fc7-9c16-666b996db4a2} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{de289bfa-737b-4abb-a4ec-f8753551b875} (Trojan.KeenValue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8d8baf56-b581-4b90-a549-c4ac6b03f1bb} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{c2481ed1-9896-4d49-ae90-69858dfde446} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{efb22865-f3bc-4309-adfa-c8e078a7f762} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pragmamslpfthqsd (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\new.net (Adware.NewDotNet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\pragma (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PRAGMA (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWay (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Cydoor (AdWare.Cydoor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/eglivecam_1028.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egauth.egegauth (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egauth.egegauth.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice.egcomsvc (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice.egcomsvc.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice2.egcomsvc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice2.egcomsvc2.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hottvplayer.htplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hottvplayer.htplayer.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AVR (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\egdhtml (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HotTVPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Online Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\whSurvey (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Masta (Dialer.Masta) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\New.net (Adware.NewDotNet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\epk_extr (Trojan.Skintrim) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysmon64x.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\digital protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\eglivecam_1028.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdxtq.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53 85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0943558e-97f0-4e60-93c0-35ad155e01a2}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24959abd-578a-42c2-96f3-fd27e966117b}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24959abd-578a-42c2-96f3-fd27e966117b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7f2090e4-1c3b-4a33-8449-552588b354e6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f07b2490-2bc4-45f4-86c5-726080348053}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f07b2490-2bc4-45f4-86c5-726080348053}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\AdvancedVirusRemover (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAmslpfthqsd (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\PRAGMAmslpfthqsd\PRAGMAd.sys (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\readme.html (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\uninstall.exe (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whAgent.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whSurvey.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\about.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\activate.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\buy.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\dig.db (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\help.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\scan.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\settings.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\splash.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\update.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\virus.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\About.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Activate.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Buy.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Digital Protection Support.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Digital Protection.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Scan.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Settings.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Update.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAmslpfthqsd\PRAGMAc.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAmslpfthqsd\PRAGMAcfg.ini (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Local Settings\Temp\pragmamainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pragmamainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Local Settings\Temp\PRAGMA8664.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Favoris\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll (Rogue.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Advanced Virus Remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\NoCreditCard.lnk (Trojan.Dialer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\NoCreditCard.url (Trojan.Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agkqyyc_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uqpbtdyag_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agkqyyc_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uqpbtdyag_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINTRUST.DLL.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eglivecam_1028.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjkkj.bak1 (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjkkj.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msegcompid.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\npqss.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\BM230e4d31.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM230e4d31.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\photo51.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo9.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
voilà j ai un souci avec mon ordi qui est infecté par cet antivirus ... virus , j ai constaté que j été loin d'être le seul et qu au final j'était un peu mieux lotis que d'autre car je peux quand même utilisé internet et le mode sans echec.
Bref j ai suivi les instructions données sur un autre post par moment de grace (https://forums.commentcamarche.net/forum/affich-19244745-faux-antivirus-qui-ne-s-enlevent-pas#),
telechargement du logiciel Malwarebyte's Antimalware puis j ai suivi les indications et j ai donc recouper mon rapport d'erreurs que j affiche en dessous .
Merci pour l aide
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4052
Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18702
05/10/2010 02:10:39
mbam-log-2010-10-05 (02-10-39).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 328251
Temps écoulé: 2 heure(s), 28 minute(s), 13 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 69
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 10
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 61
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\syswebtelecom.syswebtelecom (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{639581d0-8376-4073-b73b-45993fa45156} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{66b0c472-a6b5-4e86-8330-f4875af90929} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{85e06077-c824-43d0-a8dc-5efb17bc348a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8b8f6968-2f24-41e3-b653-e9613226f14d} (Trojan.KeenValue) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8d8baf56-b581-4b90-a549-c4ac6b03f1bb} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ba749bc1-143e-430d-b1da-1d2af67a3658} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c2481ed1-9896-4d49-ae90-69858dfde446} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{efb22865-f3bc-4309-adfa-c8e078a7f762} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{21de6877-97c0-4fc7-9c16-666b996db4a2} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{de289bfa-737b-4abb-a4ec-f8753551b875} (Trojan.KeenValue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8d8baf56-b581-4b90-a549-c4ac6b03f1bb} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{c2481ed1-9896-4d49-ae90-69858dfde446} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{efb22865-f3bc-4309-adfa-c8e078a7f762} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pragmamslpfthqsd (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\new.net (Adware.NewDotNet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\pragma (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PRAGMA (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWay (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Cydoor (AdWare.Cydoor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/system32/eglivecam_1028.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egauth.egegauth (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egauth.egegauth.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice.egcomsvc (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice.egcomsvc.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice2.egcomsvc2 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\egcomservice2.egcomsvc2.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hottvplayer.htplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hottvplayer.htplayer.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AVR (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\egdhtml (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HotTVPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Online Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\whSurvey (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Masta (Dialer.Masta) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\New.net (Adware.NewDotNet) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\epk_extr (Trojan.Skintrim) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysmon64x.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\digital protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\eglivecam_1028.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdxtq.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53 85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0943558e-97f0-4e60-93c0-35ad155e01a2}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24959abd-578a-42c2-96f3-fd27e966117b}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{24959abd-578a-42c2-96f3-fd27e966117b}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7f2090e4-1c3b-4a33-8449-552588b354e6}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f07b2490-2bc4-45f4-86c5-726080348053}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f07b2490-2bc4-45f4-86c5-726080348053}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.53,85.255.112.16 -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\AdvancedVirusRemover (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAmslpfthqsd (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\PRAGMAmslpfthqsd\PRAGMAd.sys (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\readme.html (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\NewDotNet\uninstall.exe (Adware.NewDotNet) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whAgent.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whSurvey.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\about.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\activate.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\buy.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\dig.db (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\help.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\scan.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\settings.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\splash.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\update.ico (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Program Files\Digital Protection\virus.mp3 (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\About.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Activate.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Buy.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Digital Protection Support.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Digital Protection.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Scan.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Settings.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Programmes\Digital Protection\Update.lnk (Rogue.DigitalProtection) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAmslpfthqsd\PRAGMAc.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\PRAGMAmslpfthqsd\PRAGMAcfg.ini (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\pragmamfeklnmal.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Local Settings\Temp\pragmamainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pragmamainqt.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Local Settings\Temp\PRAGMA8664.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Favoris\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll (Rogue.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\Advanced Virus Remover.lnk (Rogue.AdvancedVirusRemover) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\NoCreditCard.lnk (Trojan.Dialer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mr\Menu Démarrer\NoCreditCard.url (Trojan.Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agkqyyc_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uqpbtdyag_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agkqyyc_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uqpbtdyag_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINTRUST.DLL.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eglivecam_1028.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjkkj.bak1 (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gjkkj.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msegcompid.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\npqss.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\BM230e4d31.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM230e4d31.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\photo51.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo9.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
A voir également:
- Le mechant Antivirus IS
- What is my movie français - Télécharger - Divers TV & Vidéo
- Comodo antivirus - Télécharger - Sécurité
- Panda antivirus - Télécharger - Antivirus & Antimalwares
- Norton antivirus gratuit - Télécharger - Antivirus & Antimalwares
- Who is on my wifi - Télécharger - Outils Internet
27 réponses
Fais un nouveau rapport ZHPdiag stp
Rend toi sur Cjoint : http://www.cijoint.fr/
Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "
Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
Rend toi sur Cjoint : http://www.cijoint.fr/
Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "
Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau
Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:27811
[HKLM\Software\cxupzdlqp]
[HKLM\Software\etzyywfl]
[HKLM\Software\hpqmnrek]
[HKLM\Software\mmtbtu]
O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShopperReports
[HKCU\Software\180solutions]
[HKCU\Software\Prodiff]
[HKLM\Software\SearchUpgrader]
O43 - CFD:Common File Directory ----D- C:\Program Files\ShopperReports
Puis Lance ZHPFix depuis le raccourci du bureau .
* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
Clique sur " Ok " , puis " Tous " et enfin " Nettoyer ".
Copie/Colle le rapport à l'écran dans ton prochain message
le rapport se trouve dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:27811
[HKLM\Software\cxupzdlqp]
[HKLM\Software\etzyywfl]
[HKLM\Software\hpqmnrek]
[HKLM\Software\mmtbtu]
O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShopperReports
[HKCU\Software\180solutions]
[HKCU\Software\Prodiff]
[HKLM\Software\SearchUpgrader]
O43 - CFD:Common File Directory ----D- C:\Program Files\ShopperReports
Puis Lance ZHPFix depuis le raccourci du bureau .
* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
Clique sur " Ok " , puis " Tous " et enfin " Nettoyer ".
Copie/Colle le rapport à l'écran dans ton prochain message
le rapport se trouve dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
J ai le rapport , cependant j ai une petite question , j ai remarqué que dans la plus part de mes dossier voire la totalité (j ai pas vérifier) se trouve les icones d'engrenage Desktop.ini ou Thumbs.db , je pourrai en avoir la signification ? Merci
Voilà le rapport :
Rapport de ZHPFix 1.12.3206 par Nicolas Coolman, Update du 04/10/2010
Fichier d'export Registre :
Run by Mr at 14/10/2010 14:44:43
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr
========== Clé(s) du Registre ==========
HKLM\Software\cxupzdlqp => Clé absente
HKLM\Software\etzyywfl => Clé absente
HKLM\Software\hpqmnrek => Clé absente
HKLM\Software\mmtbtu => Clé absente
HKCU\Software\180solutions => Clé absente
HKCU\Software\Prodiff => Clé absente
HKLM\Software\SearchUpgrader => Clé absente
========== Elément(s) de donnée du Registre ==========
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:27811 => Donnée supprimée avec succès
========== Dossier(s) ==========
C:\Program Files\ShopperReports => Dossier absent
========== Logiciel(s) ==========
O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShopperReports => Logiciel déjà supprimé
========== Récapitulatif ==========
7 : Clé(s) du Registre
1 : Elément(s) de donnée du Registre
1 : Dossier(s)
1 : Logiciel(s)
End of the scan
Voilà le rapport :
Rapport de ZHPFix 1.12.3206 par Nicolas Coolman, Update du 04/10/2010
Fichier d'export Registre :
Run by Mr at 14/10/2010 14:44:43
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr
========== Clé(s) du Registre ==========
HKLM\Software\cxupzdlqp => Clé absente
HKLM\Software\etzyywfl => Clé absente
HKLM\Software\hpqmnrek => Clé absente
HKLM\Software\mmtbtu => Clé absente
HKCU\Software\180solutions => Clé absente
HKCU\Software\Prodiff => Clé absente
HKLM\Software\SearchUpgrader => Clé absente
========== Elément(s) de donnée du Registre ==========
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:27811 => Donnée supprimée avec succès
========== Dossier(s) ==========
C:\Program Files\ShopperReports => Dossier absent
========== Logiciel(s) ==========
O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShopperReports => Logiciel déjà supprimé
========== Récapitulatif ==========
7 : Clé(s) du Registre
1 : Elément(s) de donnée du Registre
1 : Dossier(s)
1 : Logiciel(s)
End of the scan
tu dois avoir les fichiers cachés d'affichés
Clique sur démarrer/panneau de configuration/option des dossiers/affichage
décocher afficher les dossiers cachés
coche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
cocher masquer les extensions dont le type est connu
Puis fais «appliquer» pour valider les changements.
Et OK
........................
peux mettre à jour MBAM maintenant ?
Clique sur démarrer/panneau de configuration/option des dossiers/affichage
décocher afficher les dossiers cachés
coche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
cocher masquer les extensions dont le type est connu
Puis fais «appliquer» pour valider les changements.
Et OK
........................
peux mettre à jour MBAM maintenant ?
Désolé pour le temps de réponse mais je suis trés peu sur l ordinateur ces temps si et une mise a jours de MBAM prend plusieurs heures sur mon ordi
