Sujet Précédent Sujet Suivant

Supprimer MS removal tool

Scandrino -  
Valuu Messages postés 2258 Statut Contributeur -
Bonjour,

depuis hier soir j'ai le virus ms removal tool sur mon ordinateur et étant nullissime en informatique je ne comprends rien aux indications données sur les autres messages pour le supprimer. Pouvez-vous m'aider ?
Merci beaucoup.
A voir également:

7 réponses

Réponse 1 / 7
Valuu Messages postés 2258 Statut Contributeur 201
 
Bonjour :)

* Télécharge RogueKiller sur le bureau
* Quitte tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 1 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
0
Réponse 2 / 7
Scandrino
 
RogueKiller V4.3.7 par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Recherche -- Date : 07/04/2011 21:40:56

Processus malicieux: 0

Entrees de registre: 2
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> FOUND
[APPDT/TMP/DESKTOP] HKUS\S-1-5-21-3287185371-2355442775-3374723605-500[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> FOUND

Fichier HOSTS:

Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
0
Scandrino
 
Et maintenant je fais quoi ? :)
0
Réponse 3 / 7
Valuu Messages postés 2258 Statut Contributeur 201
 
* Télécharge RogueKiller sur le bureau
* Quitte tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 2 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe

MBAM
* Télécharge Malwarebytes' Anti-Malware
* Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
* Lance une analyse complète en cliquant sur "Exécuter un examen complet"
* Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
* L'analyse peut durer un bon moment.....
* Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
* Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Fais le en cliquant sur "oui" à la question posée
* Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum
0
Réponse 4 / 7
Scandrino
 
RogueKiller V4.3.7 par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Suppression -- Date : 07/04/2011 22:06:02

Processus malicieux: 0

Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> DELETED

Fichier HOSTS:

Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
0
Scandrino
 
Par contre quand j'essaye de mettre le deuxieme rapport il me dit " Titre du message non renseigné"
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Scandrino Messages postés 2 Statut Membre
 
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6304

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08/04/2011 09:09:22
mbam-log-2011-04-08 (09-09-22).txt

Type d'examen: Examen complet (C:\|D:\|K:\|)
Elément(s) analysé(s): 419828
Temps écoulé: 3 heure(s), 39 minute(s), 31 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 96
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 28

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1C044AAD-7955-4cbd-8175-501A165C4E5D} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C044AAD-7955-4CBD-8175-501A165C4E5D} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{460AC4DB-B0DE-4626-A0F0-175DD84DCB9B} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5B2E150D-4C8A-40E4-8C36-DD9C02771C67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{CCC6E232-AA4C-4813-A019-9C14B27776B6} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155DAE-C471-40FA-98EE-B2B3CAD115CE} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627D894A-8A77-416E-B522-432EAF2C818E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138F250-5B72-48DD-ADFB-9A83B429DD9E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0923208C-E259-4ED5-A778-CB607DA350AD} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3F0915B8-B238-4C2D-AD1E-60DB1E14D27A} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Srv.CoreServices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Srv.CoreServices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971CB48-9FCA-445A-BE77-E8E8A4CC9DF7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{08755390-F46D-4D09-968C-3430166B3189} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34E29700-0D13-46AA-B9A5-ACE68E21A091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.MailAnim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.MailAnim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00B77587-BE1B-4201-B8E9-09FCF50AB771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{229D2451-A617-4B30-B5E8-8138694240CB} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4E8B851B-05B0-4BAF-B24D-D0DFE88DDED3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B88E4484-3FF6-4EA9-815B-A54FE20D4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.WebmailSend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.WebmailSend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BF1BF02C-5A86-4ECF-ADAC-472C54C4D21E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BFC08CFF-C737-4433-BD5A-0EE7EFCFEE54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9720DE03-5820-4059-B4A4-639D5E52BD09} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E420A65F-9984-4B8C-9FA9-1ED69D3B0A13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\InstIE.HbInstObj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\InstIE.HbInstObj (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFC08CFF-C737-4433-BD5A-0EE7EFCFEE54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D2221CCB-F2BB-4858-AAD4-57C754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{EA0B6A1A-6A59-4A58-9C41-9966504898A5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{C23FA5A4-1FEA-419F-8B14-F7465DF062BC} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2B81F920-6660-4F76-93BF-B1C67BF5D1A0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267ACFC5644DAB06F058006DDBAE3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A26F07F-0D60-4835-91CF-1E1766A0EC56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343CE214-9998-4B21-A151-FFE970167297} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B18DD50-C996-44FC-AC52-0FECFF82ED58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54A3F8B7-228E-4ED8-895B-DE832B2C3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54A3F8B7-228E-4ED8-895B-DE832B2C3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B5A95A-AFD5-4D11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90B5A95A-AFD5-4D11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8B55274-0F9A-41E5-9067-A3539BD9E860} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E596DF5F-4239-4D40-8367-EBADF0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F919FBD3-A96B-4679-AF26-F551439BB5FD} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AVExplorer.ShellExtension (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AVExplorer.ShellExtension.2 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c006E5E4 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0092A89 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c009E7A9 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\Hotbar@Hotbar.com (Adware.Hotbar) -> Value: Hotbar@Hotbar.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntiVirus) -> Value: BootStera -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\PGBase (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\administrateur\application data\Sun\Java\deployment\cache\6.0\18\2b331e92-729ae83f (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\mme06511nmgod06511\mme06511nmgod06511.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\rk_quarantine\mme06511nmgod06511.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm93a4e35c.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm93a4e35c.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaabout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaeula.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsa_gdf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsa_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa\Weather\log.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\history.db (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\License.rtf (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\phigh.bin (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\plugins.htm (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\pmedium.bin (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\prerules.xml (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\unins000.exe (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\uninstallpage.html (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\PGBase\vbpv.dat (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\about hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\hotbar customer support center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\reset cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\uninstall hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
0
Scandrino Messages postés 2 Statut Membre
 
Voila desolé de la longueur du rapport :) C'est terminé ? Parce que là mon fond d'ecran est redevenu normal.
0
Réponse 6 / 7
Valuu Messages postés 2258 Statut Contributeur 201
 
Hé bah ! pour du ménage c'est du ménage !

T'avais principalement du rogue et de l'adware :
Rogue : faux logiciel de sécurité qui t'incite à le télécharger pour virer tes douze mille menaces de ton pc alors qu'en fait t'as rien...

Adware : logiciel qui affiche de la publicité intempestive.

On va vérifier pour les adwares si il reste qqch :
* Télécharge AD-Remover(de la TeamXscript) sur ton Bureau.
Déconnecte toi et ferme toutes les applications en cours
* Double-clique sur l'icône AD-Remover
* Au menu principal, clique sur Nettoyer
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )

Puis,
Utilise ce logiciel de diagnostic :

* Télécharge ZHPDiag (de Nicolas Coolman)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur ce site, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
0
Réponse 7 / 7
mpc
 
j'ai eu le même problème, la meilleure solution est de restaurer automatiquement l'ordinateur à une date antérieure. avant l'entrée du virus, ça fonctionne bien
0
Valuu Messages postés 2258 Statut Contributeur 201
 
pas forcément de date assez ancienne pour restaurer, mais généralement ça se vire bien.
0