Some programs no longer open!
Solved
yazid20
Hello,
Some programs on my PC, such as uTorrent and Text Document, no longer open. Could you help me?
I have Windows 7 :)
Thanks in advance :)
5 replies
Hi,
Do you think you have an infection?
yazid20
Yes, I think there is a program blocking them from opening, because it used to work before.
Run a cleanup with AdwCleaner
Install RegRun Reanimator
Click "Fix problems".
Click "Scan windows startup...".
Tick the box "Use deep level scanning once (For advanced users)".
Click "Make scan now".
Click "Fix problems".
If there are more than about fifteen detections, Prohibited/Suspicious, you can tell me and we will proceed differently.
Right-click in the middle of the window and choose "Save to file" to copy the result into a text file.
Name it 1 (nothing else); the .txt will be added automatically.
Click the green arrow to move to the next item, do the same as for the first and name it 2, and so on for the others.
At the end, click "Exit".
Post the results contained in the text files in your next message. (Read below)
Leave one blank line between each detected item so that it is readable.
PS:
If opening the txt documents does not work, upload them to Cjoint and give us the Cjoint links.
Here you go
Item Name: Windows Live{87,0,105,0,110,0,100,0,111,0,119,0,115,0,32,0,76,0,105,0,118,0,101,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0(512)}
Author:
Related File: C:\Users\Cherkaoui\AppData\Roaming\Windows Live\vmgyorhygb.exe
Type: Zero Access Rootkit
Item Name: {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0(512)}
Author:
Related File:
Type: Zero Access Rootkit
Item Name: Windows Update Installer
Author:
Current Setting: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWSUPDATE\UPDATER.EXE
Type: Registry Run
Item Name: DownSave
Author:
Current Setting: C:\PROGRAMDATA\DOWNSAVE\
Type: Unwanted Software Files
Item Name: RegularDeals
Author:
Current Setting: C:\PROGRAMDATA\REGULARDEALS\
Type: Unwanted Software Files
Item Name: netcut.exe
Author: Arcai.com
Related File: C:\PROGRAM FILES\NETCUT\NETCUT.EXE
Type: Running Processes
Item Name: shell
Author: Unknown
Related File: C:\Users\Cherkaoui\AppData\Roaming\WindowsUpdate\MSupdate.exe,explorer.exe,C:\Users\Cherkaoui\AppData\Roaming\Update\MSupdate.exe
Type: User Shell
Item Name: Windows Live
Author: Unknown
Related File: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWS LIVE\VMGYORHYGB.EXE
Type: Explorer Run
Item Name: 2484766543
Author:
Related File: C:\PROGRA~2\msfpaittk.exe
Type: Explorer Run
Item Name: taskman
Author: Microsoft Corporation
Related File: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWSUPDATE\MSUPDATE.EXE
Type: Winlogon System
Item Name: XFDriver
Author:
Current Setting: \??\C:\Program Files\Xfire2\XFDriver.sys
Type: Drivers
Item Name: Windows Live Installer
Author:
Current Setting: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWSUPDATE\LIVE.EXE
Type: Registry Run
Item Name: Windows Update Manager
Author:
Current Setting: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWSUPDATE\MSUPDATE.EXE
Type: Registry Run
Item Name: c731200
Author:
Current Setting: C:\USERS\CHERKAOUI\APPDATA\ROAMING\C731200
Type: Detected using Heuristic Algorithm
Item Name: VHDMP.SYS
Author:
Current Setting: C:\WINDOWS\SYSTEM32\DRIVERS\VHDMP.SYS
Type: Detected using Heuristic Algorithm
Item Name: adwcleaner_4.205.exe
Author:
Related File: C:\USERS\CHERKAOUI\DOWNLOADS\ADWCLEANER_4.205.EXE
Type: Running Processes
Item Name: RtVOsd.exe
Author: Realtek Semiconductor Corp.
Related File: C:\PROGRAM FILES\REALTEK\RTVOSD\RTVOSD.EXE
Type: Running Processes
Item Name: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk
Author:
Current Setting: https://www8.hp.com/fr/fr/home.html
Type: Internet Shortcuts
Run the scan again and choose False positive for these ->
Item Name: netcut.exe
Author: Arcai.com
Related File: C:\PROGRAM FILES\NETCUT\NETCUT.EXE
Type: Running Processes
Item Name: XFDriver
Author:
Current Setting: \??\C:\Program Files\Xfire2\XFDriver.sys
Type: Drivers
Item Name: VHDMP.SYS
Author:
Current Setting: C:\WINDOWS\SYSTEM32\DRIVERS\VHDMP.SYS
Type: Detected using Heuristic Algorithm
Item Name: adwcleaner_4.205.exe
Author:
Related File: C:\USERS\CHERKAOUI\DOWNLOADS\ADWCLEANER_4.205.EXE
Type: Running Processes
Item Name: RtVOsd.exe
Author: Realtek Semiconductor Corp.
Related File: C:\PROGRAM FILES\REALTEK\RTVOSD\RTVOSD.EXE
Type: Running Processes
Item Name: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk
Author:
Current Setting: HTTP://REDIRECT.HP.COM/SVS/RDR?TYPE=4&TP=ONLINESVS&S=SNAPFISH&PF=CNNB&LOCALE=FR_FR&BD=ALL&C=104
Type: Internet Shortcuts
Choose Get it out -> Delete for all the others.
Click Reboot at the end and accept to restart the PC.
After the restart there may be another scan; note what remains, as you just did.
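A triage sketch for the report layout posted above, added here as an example (it is not part of the thread and not RegRun's own logic): it parses the Item Name / Author / Related File / Type records and flags autostart entries whose target sits under AppData or ProgramData, plus a shell value that names anything besides explorer.exe. The sample report is constructed from entries in the posted scan; the autostart type list and the path rule are assumptions of this example.

```python
import re

# Constructed sample: four records copied from the scan posted in this thread,
# in the same "Key: value" layout.
SAMPLE_REPORT = r"""Item Name: Windows Update Installer
Author:
Current Setting: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWSUPDATE\UPDATER.EXE
Type: Registry Run
Item Name: shell
Author: Unknown
Related File: C:\Users\Cherkaoui\AppData\Roaming\WindowsUpdate\MSupdate.exe,explorer.exe,C:\Users\Cherkaoui\AppData\Roaming\Update\MSupdate.exe
Type: User Shell
Item Name: taskman
Author: Microsoft Corporation
Related File: C:\USERS\CHERKAOUI\APPDATA\ROAMING\WINDOWSUPDATE\MSUPDATE.EXE
Type: Winlogon System
Item Name: RtVOsd.exe
Author: Realtek Semiconductor Corp.
Related File: C:\PROGRAM FILES\REALTEK\RTVOSD\RTVOSD.EXE
Type: Running Processes
"""

# Assumptions of this example: which report types count as autostart points,
# and that AppData/ProgramData are the user-writable locations of interest.
AUTOSTART_TYPES = {"registry run", "explorer run", "user shell", "winlogon system"}
USER_WRITABLE = re.compile(r"\\(appdata|programdata)\\", re.IGNORECASE)


def parse_report(text):
    """Split 'Key: value' lines into one dict per 'Item Name' record."""
    records = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")  # first colon only, paths keep theirs
        if not sep:
            continue
        key, value = key.strip().lower(), value.strip()
        if key == "item name":
            records.append({"name": value, "author": "", "path": "", "type": ""})
        elif records and key in ("related file", "current setting"):
            records[-1]["path"] = value
        elif records and key in ("author", "type"):
            records[-1][key] = value
    return records


def triage(records):
    """Return (item name, reasons) pairs for entries that deserve a closer look."""
    findings = []
    for rec in records:
        kind = rec["type"].lower()
        # A single value can list several comma-separated targets.
        targets = [t.strip().lower() for t in rec["path"].split(",") if t.strip()]
        reasons = []
        if kind in AUTOSTART_TYPES and any(USER_WRITABLE.search(t) for t in targets):
            reasons.append("autostart entry launches from a user-writable directory")
        if kind == "user shell" and targets != ["explorer.exe"]:
            reasons.append("shell value names more than explorer.exe")
        if reasons:
            findings.append((rec["name"], reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(parse_report(SAMPLE_REPORT)):
        print(f"{name}: {'; '.join(reasons)}")
```

The Author field is not used as evidence of legitimacy here: the taskman record above carries "Microsoft Corporation" while pointing into the user profile.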
You have the Zero Access Rootkit
You will probably need to create a bootable USB stick or CD of Hiren's boot CD and run Reanimator from the Mini Windows XP of Hiren's boot CD.
https://forums.commentcamarche.net/forum/affich-37585754-hiren-boot-cd-tutoriel
Run Reanimator from Program Files -> Greatis -> Reanimator
Delete the Zero Access Rootkit
Start by doing what I said here: https://forums.commentcamarche.net/forum/affich-32040449-quelques-programmes-ne-s-ouvrent-plus#6
Then,
You will need to create a bootable Hiren's boot CD
Boot from the CD
Enter the mini Windows XP of Hiren's boot CD.
Find Reanimator in Program Files -> Greatis -> Reanimator.exe
Run it
Scan
Delete this:
Item Name: Windows Live{87,0,105,0,110,0,100,0,111,0,119,0,115,0,32,0,76,0,105,0,118,0,101,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0(512)}
Author:
Related File: C:\Users\Cherkaoui\AppData\Roaming\Windows Live\vmgyorhygb.exe
Type: Zero Access Rootkit
Item Name: {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0(512)}
Author:
Related File:
Type: Zero Access Rootkit