Sujet Précédent Sujet Suivant

Virus du nom "antivirus software"

Fermé
bill - 29 déc. 2010 à 16:43
 Utilisateur anonyme - 29 déc. 2010 à 20:54
Bonjour, depuis aujourd'hui j'ai un virus sur mon ordinateur et je n'arrive pas a m'en débarrasser. Il s'appelle antivirus software. si quelqu'un pouvait m'aider je lui en serait reconnaissant.

Merci d'avance



7 réponses

Réponse 1 / 7
Utilisateur anonyme
29 déc. 2010 à 16:46
Bonjour

Pour de plus amples informations, fait ceci stp

Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Ou

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

Serveur N°2

Ou

http://www.premiumorange.com/zeb-help-process/zhpdiag.html
en bas de la page ZHP avec un numéro de version.

Une fois le téléchargement achevé, dé zippe le fichier obtenu et place ZHPDiag.exe sur ton Bureau.

Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit « exécuter en tant que administrateur »


Clique sur la loupe pour lancer l'analyse.

Laisse l'outil travailler, il peut être assez long.

Ferme ZHPDiag en fin d'analyse.


Pour transmettre le rapport clique sur ce lien :

http://www.cijoint.fr/index.php

ou

http://ww38.toofiles.com/fr/documents-upload.html

Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).

Sélectionne le fichier ZHPDiag.txt.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

Merci

A+
0
Réponse 2 / 7
bill
29 déc. 2010 à 16:58
http://www.cijoint.fr/cjlink.php?file=cj201012/cijTWE1IF1.txt

j'espère que c'est bien sa...
0
Réponse 3 / 7
Utilisateur anonyme
Modifié par Guillaume5188 le 29/12/2010 à 17:09
Re



* Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)

Met le à jour

Fais un examen dit "Complet"

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)

@+
---------Contributeur Sécurité---------
On a tous été un jour débutant dans quelque chose.
Mais le savoir est la récompense de l'assiduité.
0
Réponse 4 / 7
bill
29 déc. 2010 à 18:20
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5416

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18999

29/12/2010 18:09:43
mbam-log-2010-12-29 (18-09-43).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 254174
Temps écoulé: 38 minute(s), 49 seconde(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 47
Valeur(s) du Registre infectée(s): 22
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 45
Fichier(s) infecté(s): 142

Processus mémoire infecté(s):
c:\Users\theophane\AppData\Roaming\dwm.exe (Trojan.FakeAV) -> 1312 -> Unloaded process successfully.
c:\Users\theophane\AppData\Roaming\microsoft\conhost.exe (Spyware.Passwords.XGen) -> 1396 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{3DE88BEB-F271-484A-BA71-01D30F439F0C} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42C7C39F-3128-4a17-BDB7-91C46032B5B9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160F76A-1992-4B17-A32D-0C706D159105} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42C7C39F-3128-4A17-BDB7-91C46032B5B9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42C7C39F-3128-4A17-BDB7-91C46032B5B9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42C7C39F-3128-4A17-BDB7-91C46032B5B9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50AD41D2-B1F0-47CC-9EA7-395355EAEEBD} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8CEB185E-81A5-46D3-BC20-C555D605AFBD} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A72522BA-9FF3-4C83-ABC6-9B476728A396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C5762628-AE15-4ca6-96C4-B00DD17F3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D062E03E-65CA-49E4-9B15-31938BA98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2A743834-05F4-4ED4-8A1C-41332B10AC0C} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1081D532-7DE4-40BD-B912-388FA6B27C78} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{565DD573-549E-4DA9-8CD7-6AE3DF25339A} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883DFC00-8A21-411D-956C-73A4E4B7D16F} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F5B8C69C-9B45-4A6A-9380-DF225C546AE7} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{629CD6C2-E4C5-4554-AEB8-12E4E2CD40FF} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{B72681C0-A222-4b21-A0E2-53A5A5CA3D411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{CAC89FF9-34A9-4431-8CFE-292A47F843BC} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC89FF9-34A9-4431-8CFE-292A47F843BC} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC89FF9-34A9-4431-8CFE-292A47F843BC} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D74E9DD-8987-448B-B2CB-67FFF2B8A932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B72681C0-A222-4B21-A0E2-53A5A5CA3D41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB4A577D-BCAD-4B1C-8AF2-9A74B8DD3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95F19350-A3A2-491B-A404-54BDD34DB49D} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunRedirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunRedirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Solt Lake Software (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pro Antispyware 2009 4.6 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Spyware.Passwords.XGen) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Spyware.Passwords.XGen) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscj.exe (Backdoor.Bot) -> Value: mscj.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscjm.exe (Trojan.VB) -> Value: mscjm.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mscjm (Trojan.VB) -> Value: mscjm -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\aewyfxlh (Trojan.Dropper) -> Value: aewyfxlh -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Value: {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Value: {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{40f1eb95-4de4-4f36-a826-054ee36bb905} (Adware.DoubleD) -> Value: {40f1eb95-4de4-4f36-a826-054ee36bb905} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{40f1eb95-4de4-4f36-a826-054ee36bb905} (Adware.DoubleD) -> Value: {40f1eb95-4de4-4f36-a826-054ee36bb905} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B} (Adware.DoubleD) -> Value: {E63605FC-D583-4C81-867F-9457BDB3EA1B} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B} (Adware.DoubleD) -> Value: {E63605FC-D583-4C81-867F-9457BDB3EA1B} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440E-08F0-4339-9959-5C31C6A69F23} (Adware.DoubleD) -> Value: {8141440E-08F0-4339-9959-5C31C6A69F23} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440E-08F0-4339-9959-5C31C6A69F23} (Adware.DoubleD) -> Value: {8141440E-08F0-4339-9959-5C31C6A69F23} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506} (Adware.DoubleD) -> Value: {E889F097-B0BE-471B-89AD-B86B6F04B506} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506} (Adware.DoubleD) -> Value: {E889F097-B0BE-471B-89AD-B86B6F04B506} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Value: Load -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54757331 (Rogue.Multiple) -> Value: 54757331 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{80D1903C-9807-20E9-B2A3-286BA29BAD8E} (Trojan.ZbotR.Gen) -> Value: {80D1903C-9807-20E9-B2A3-286BA29BAD8E} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\VB_gameztar (Adware.DoubleD) -> Value: VB_gameztar -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Internet Today Task (Adware.Agent) -> Value: Internet Today Task -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Bad: (C:\Users\THEOPH~1\AppData\Local\Temp\csrss.exe) Good: () -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\programdata\54757331 (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\programdata\questservice (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\solt lake software (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\BASE (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\DELETED (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\SAVED (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\Data (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\Data (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\questservice (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\textual content provider (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\data (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\for_anti_av (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\for_anti_av\1.1.0.1610 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\Data (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\internet today (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\textual content provider (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\textual content provider\1.1.0.1610 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\textual content provider\1.1.0.1610\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\web search operator (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\web search operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Users\theophane\AppData\Roaming\dwm.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\microsoft\conhost.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\96133\mscj.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\96133\mscjm.exe (Trojan.VB) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\jfdxwprtp\vjtauiflajb.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\cpaieaddon.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\cmwsh.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\cpaieaddonsubl.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\components\wsoffaddon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\program files\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Not selected for removal.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\3A0AAFF0\B94081D6\mvbsvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\48C8FBD2\B94081D6\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\53CCABA1\B94081D6\mvbdl.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\75918810\B94081D6\mvbapp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\93CE9E2B\B94081D6\mvbasst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\aiaSetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\CMWSetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\ITSetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\mvbpx.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\mvbterm.exe (Adware.ColorSoft) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\psksetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\sessetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\OFFLINE\mfilebagide.dll\bag\TPSetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{09e43f98-1dea-4220-ab2b-ab6ad067e5d3}\setuparchive\9B0CAB90\B94081D6\mvbapp.dll (Adware.DoubleD.Gen) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\9479401.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\nvcysrsyaa.exe (Trojan.GBFE) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\microsoft\Windows\temporary internet files\Low\gameztar toolbar\2.1.1.5750\bin\mvbup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\microsoft\Windows\temporary internet files\Low\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\mvbup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\microsoft\Windows\temporary internet files\Low\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\microsoft\Windows\temporary internet files\Low\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\microsoft\Windows\temporary internet files\Low\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\tdf.dat (Adware.BHO) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\0.15274515998319993.exe (Trojan.Vilsel) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\0.3764444342175973.exe (Trojan.Vilsel) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\18d9ce30.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\5adab155.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\FF7.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\15129\781.exe (Trojan.GBFE) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\15129\mscj.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\15129\mscjm.exe (Trojan.VB) -> Quarantined and deleted successfully.
c:\Users\theophane\downloads\mywebfacesetup2.3.70.1.nosa.nohp.grfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUE3938.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUE4578.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUE74E1.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUEBBCF.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUECCA1.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUED45E.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Windows\Temp\QUED548.tmp\upgrade.exe (Adware.Dropper.Gen) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\microsoft\Windows\start menu\Programs\security shield.lnk (Rogue.SecurityShield) -> Quarantined and deleted successfully.
c:\Users\theophane\favorites\myquickfinder.url (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice129.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice133.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice135.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice137.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice141.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice143.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\searchplugins\questservice145.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Roaming\microsoft\Windows\start menu\Programs\security tool.lnk (Rogue.SecurityTool) -> Quarantined and deleted successfully.
c:\Users\theophane\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\internettoday.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081114223856568.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081114224221828.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081114225735847.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081116120308542.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081116181758703.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081121170024283.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081121210518738.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\programdata\solt lake software\pro antispyware 2009\LOG\20081205171153420.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\acecommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\aceieaddonsub.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\aceieaddonsubl.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\acepx.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\components\aceffaddon.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\components\aceffaddon.xpt (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\automated content enhancer\4.1.0.5190\FF\components\aceffhelpercomponent.js (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\cmwpx.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\matchingdata.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\content management wizard\1.1.0.1870\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\cpacommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\cpaieaddonsub.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\cpapx.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\components\cpaffaddon.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\components\cpaffaddon.xpt (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\customized platform advancer\3.1.0.1630\FF\components\cpaffhelpercomponent.js (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\internettoday.ico (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\internettoday.skf (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\microsoft.vc80.mfc.manifest (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\pixellogexe.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\skincrafterdll.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\internet today\1.1.0.1190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\questservice\questservice.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\questservice\uninstall.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\tcppx.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\data\tp_config.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\data\tp_domainexcludelist.mx (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\textual content provider\1.1.0.1610\for_anti_av\1.1.0.1610\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\wsocommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\wsopx.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\components\wsoffaddon.xpt (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\web search operator\3.1.0.1840\FF\components\wsoffhelpercomponent.js (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\textual content provider\1.1.0.1610\Data\tp_config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\textual content provider\1.1.0.1610\Data\TP_Data.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\textual content provider\1.1.0.1610\Data\tp_domainexcludelist.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\local settings\application data\web search operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\theophane\downloads\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.


j'ai tout supprimé et du coup le virus n'apparait plus
est ce finis ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Utilisateur anonyme
29 déc. 2010 à 18:56
Re


Non;poursuis avec ceci:


1)Vide la quarantaine de Malwaresbytes.



2) Télécharge Ad-remover ( de C_XX ) sur ton bureau :

http://www.teamxscript.org/adremoverTelechargement.html

! Déconnecte toi et ferme toutes applications en cours !

* Double clique ou clic droit (exécuter en tant que admin...sur Vista et Windows7) sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut.

* Double-clique ou clic droit (exécuter en tant que admin...sur Vista et Windows 7) sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

* Au menu principal choisis l'option "Nettoyer"
et sur [entrée] .

* Laisse travailler l'outil et ne touche à rien ...

--> Poste le rapport qui apparaît à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=


@+
0
Réponse 6 / 7
bill
29 déc. 2010 à 19:10
voila le rapport
======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 22/12/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:59:32 le 29/12/2010, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
Theophane@PC-DE-THEOPHANE (Micro-Star International MSI Notebook ER710)

============== ACTION(S) ==============


Dossier supprimé: C:\Users\Theophane\AppData\LocalLow\Automated Content Enhancer
Dossier supprimé: C:\Users\Theophane\AppData\LocalLow\Customized Platform Advancer
Dossier supprimé: C:\Users\Theophane\AppData\LocalLow\FunWebProducts
Dossier supprimé: C:\Users\Theophane\AppData\LocalLow\MyWebSearch
Fichier supprimé: C:\Program Files\Windows Live\Messenger\Riched20.dll
Fichier supprimé: C:\Program Files\Windows Live\Messenger\Msimg32.dll

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Theophane\AppData\Roaming\Mozilla\FireFox\Profiles\2p9hcnxe.default\Prefs.js --
Ligne supprimée:
Ligne supprimée:
Ligne supprimée: user_pref("general.useragent.extra.hotvideobar", "hotvideobar_1_2_82408361376146_771_39 VB_gameztar"...
Ligne supprimée: user_pref("hotvideobar.startonce", "false");
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Clé supprimée: HKLM\Software\Classes\ExplorerBar.CMW
Clé supprimée: HKLM\Software\Classes\ExplorerBar.CMW.1
Clé supprimée: HKLM\Software\Classes\ExplorerBar.TCP
Clé supprimée: HKLM\Software\Classes\ExplorerBar.TCP.1
Clé supprimée: HKLM\Software\AppDataLow\Software\Automated Content Enhancer
Clé supprimée: HKLM\Software\AppDataLow\Software\Customized Platform Advancer
Clé supprimée: HKLM\Software\AppDataLow\Software\Web Search Operator
Clé supprimée: HKCU\Software\FunWebProducts
Clé supprimée: HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
Clé supprimée: HKCU\Software\AppDataLow\Software\Automated Content Enhancer
Clé supprimée: HKCU\Software\AppDataLow\Software\CMW
Clé supprimée: HKCU\Software\AppDataLow\Software\Customized Platform Advancer
Clé supprimée: HKCU\Software\AppDataLow\Software\Fun Web Products
Clé supprimée: HKCU\Software\AppDataLow\Software\Gameztar Toolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Media Access Startup
Clé supprimée: HKCU\Software\AppDataLow\Software\MyWebSearch
Clé supprimée: HKCU\Software\AppDataLow\Software\Web Search Operator
Clé supprimée: HKCU\Software\AppDataLow\118f0958-18d7-b612-a4e5-013077f2cf40
Clé supprimée: HKLM\Software\Classes\Installer\Products\05391F592A3AB1944A4045DB3DD44BD9
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\05391F592A3AB1944A4045DB3DD44BD9
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{#EVAT_GUID}
Clé supprimée: HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.5.15 (fr)] **

-- C:\Users\Theophane\AppData\Roaming\Mozilla\FireFox\Profiles\2p9hcnxe.default\Prefs.js --
browser.download.dir, C:\\Users\\Theophane\\Downloads
browser.search.defaultenginename, Bing
browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
browser.startup.homepage_override.mstone, rv:1.9.1.15
keyword.URL, hxxp://www.bing.com/search?FORM=IEFM1&q=

========================================

** Internet Explorer Version [8.0.6001.18999] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 112 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 29/12/2010 (4958 Octet(s))

Fin à: 19:01:28, 29/12/2010

============== E.O.F ==============
0
Réponse 7 / 7
Utilisateur anonyme
29 déc. 2010 à 20:54
Re

# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


Télécharge et installe UsbFix de El Desaparecido , C_XX & Chimay8
Ici http://www.teamxscript.org/usbfixTelechargement.html

Tutoriel de Malekal_Morte si besoin, merci à lui : https://www.malekal.com/usbfix-supprimer-virus-usb/

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir


# Clic droit "Exécuter en tant qu'administrateur" sur le raccourci UsbFix présent sur ton bureau.

# Choisi Suppression

# Laisse travailler l outil.

# Ensuite post le rapport UsbFix.txt qui apparaîtra.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)

(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)


@+
0

Discussions similaires

"Nom de l'adresse" lors d'une inscription sur une site
ScarexStupid -
Rossignol -

9 réponses
Annuaire portable gratuit à partir d'un nom
dani26 -
Authority -

9 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
Coco71 -

15 réponses
A quoi correspond cette croix sur snapchat
Sbnet -
Lili -

6 réponses