Supprimer MS removal tool
Fermé
Scandrino
-
7 avril 2011 à 21:27
Valuu Messages postés 2163 Date d'inscription lundi 4 octobre 2010 Statut Contributeur Dernière intervention 12 avril 2015 - 13 avril 2011 à 15:31
Valuu Messages postés 2163 Date d'inscription lundi 4 octobre 2010 Statut Contributeur Dernière intervention 12 avril 2015 - 13 avril 2011 à 15:31
A voir également:
- Supprimer MS removal tool
- Supprimer une page word - Guide
- Supprimer compte instagram - Guide
- Media creation tool - Télécharger - Systèmes d'exploitation
- Hp format tool - Télécharger - Stockage
- Supprimer edge - Guide
7 réponses
Valuu
Messages postés
2163
Date d'inscription
lundi 4 octobre 2010
Statut
Contributeur
Dernière intervention
12 avril 2015
201
7 avril 2011 à 21:35
7 avril 2011 à 21:35
Bonjour :)
* Télécharge RogueKiller sur le bureau
* Quitte tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 1 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
* Télécharge RogueKiller sur le bureau
* Quitte tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 1 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
RogueKiller V4.3.7 par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Recherche -- Date : 07/04/2011 21:40:56
Processus malicieux: 0
Entrees de registre: 2
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> FOUND
[APPDT/TMP/DESKTOP] HKUS\S-1-5-21-3287185371-2355442775-3374723605-500[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> FOUND
Fichier HOSTS:
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Recherche -- Date : 07/04/2011 21:40:56
Processus malicieux: 0
Entrees de registre: 2
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> FOUND
[APPDT/TMP/DESKTOP] HKUS\S-1-5-21-3287185371-2355442775-3374723605-500[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> FOUND
Fichier HOSTS:
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Valuu
Messages postés
2163
Date d'inscription
lundi 4 octobre 2010
Statut
Contributeur
Dernière intervention
12 avril 2015
201
7 avril 2011 à 21:56
7 avril 2011 à 21:56
* Télécharge RogueKiller sur le bureau
* Quitte tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 2 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
MBAM
* Télécharge Malwarebytes' Anti-Malware
* Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
* Lance une analyse complète en cliquant sur "Exécuter un examen complet"
* Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
* L'analyse peut durer un bon moment.....
* Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
* Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Fais le en cliquant sur "oui" à la question posée
* Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum
* Quitte tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 2 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe
MBAM
* Télécharge Malwarebytes' Anti-Malware
* Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
* Lance une analyse complète en cliquant sur "Exécuter un examen complet"
* Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
* L'analyse peut durer un bon moment.....
* Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
* Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Fais le en cliquant sur "oui" à la question posée
* Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum
RogueKiller V4.3.7 par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Suppression -- Date : 07/04/2011 22:06:02
Processus malicieux: 0
Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> DELETED
Fichier HOSTS:
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Suppression -- Date : 07/04/2011 22:06:02
Processus malicieux: 0
Entrees de registre: 1
[APPDT/TMP/DESKTOP] HKCU\[...]\RunOnce : mMe06511nMgOd06511 (C:\Documents and Settings\All Users\Application Data\mMe06511nMgOd06511\mMe06511nMgOd06511.exe) -> DELETED
Fichier HOSTS:
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Scandrino
Messages postés
2
Date d'inscription
vendredi 8 avril 2011
Statut
Membre
Dernière intervention
8 avril 2011
8 avril 2011 à 12:21
8 avril 2011 à 12:21
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6304
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/04/2011 09:09:22
mbam-log-2011-04-08 (09-09-22).txt
Type d'examen: Examen complet (C:\|D:\|K:\|)
Elément(s) analysé(s): 419828
Temps écoulé: 3 heure(s), 39 minute(s), 31 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 96
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 28
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1C044AAD-7955-4cbd-8175-501A165C4E5D} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C044AAD-7955-4CBD-8175-501A165C4E5D} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{460AC4DB-B0DE-4626-A0F0-175DD84DCB9B} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5B2E150D-4C8A-40E4-8C36-DD9C02771C67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{CCC6E232-AA4C-4813-A019-9C14B27776B6} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155DAE-C471-40FA-98EE-B2B3CAD115CE} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627D894A-8A77-416E-B522-432EAF2C818E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138F250-5B72-48DD-ADFB-9A83B429DD9E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0923208C-E259-4ED5-A778-CB607DA350AD} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3F0915B8-B238-4C2D-AD1E-60DB1E14D27A} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Srv.CoreServices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Srv.CoreServices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971CB48-9FCA-445A-BE77-E8E8A4CC9DF7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{08755390-F46D-4D09-968C-3430166B3189} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34E29700-0D13-46AA-B9A5-ACE68E21A091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.MailAnim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.MailAnim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00B77587-BE1B-4201-B8E9-09FCF50AB771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{229D2451-A617-4B30-B5E8-8138694240CB} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4E8B851B-05B0-4BAF-B24D-D0DFE88DDED3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B88E4484-3FF6-4EA9-815B-A54FE20D4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.WebmailSend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.WebmailSend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BF1BF02C-5A86-4ECF-ADAC-472C54C4D21E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BFC08CFF-C737-4433-BD5A-0EE7EFCFEE54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9720DE03-5820-4059-B4A4-639D5E52BD09} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E420A65F-9984-4B8C-9FA9-1ED69D3B0A13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\InstIE.HbInstObj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\InstIE.HbInstObj (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFC08CFF-C737-4433-BD5A-0EE7EFCFEE54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D2221CCB-F2BB-4858-AAD4-57C754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{EA0B6A1A-6A59-4A58-9C41-9966504898A5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{C23FA5A4-1FEA-419F-8B14-F7465DF062BC} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2B81F920-6660-4F76-93BF-B1C67BF5D1A0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267ACFC5644DAB06F058006DDBAE3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A26F07F-0D60-4835-91CF-1E1766A0EC56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343CE214-9998-4B21-A151-FFE970167297} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B18DD50-C996-44FC-AC52-0FECFF82ED58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54A3F8B7-228E-4ED8-895B-DE832B2C3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54A3F8B7-228E-4ED8-895B-DE832B2C3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B5A95A-AFD5-4D11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90B5A95A-AFD5-4D11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8B55274-0F9A-41E5-9067-A3539BD9E860} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E596DF5F-4239-4D40-8367-EBADF0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F919FBD3-A96B-4679-AF26-F551439BB5FD} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AVExplorer.ShellExtension (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AVExplorer.ShellExtension.2 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c006E5E4 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0092A89 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c009E7A9 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\Hotbar@Hotbar.com (Adware.Hotbar) -> Value: Hotbar@Hotbar.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntiVirus) -> Value: BootStera -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\PGBase (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\administrateur\application data\Sun\Java\deployment\cache\6.0\18\2b331e92-729ae83f (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\mme06511nmgod06511\mme06511nmgod06511.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\rk_quarantine\mme06511nmgod06511.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm93a4e35c.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm93a4e35c.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaabout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaeula.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsa_gdf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsa_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa\Weather\log.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\history.db (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\License.rtf (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\phigh.bin (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\plugins.htm (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\pmedium.bin (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\prerules.xml (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\unins000.exe (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\uninstallpage.html (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\PGBase\vbpv.dat (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\about hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\hotbar customer support center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\reset cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\uninstall hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 6304
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/04/2011 09:09:22
mbam-log-2011-04-08 (09-09-22).txt
Type d'examen: Examen complet (C:\|D:\|K:\|)
Elément(s) analysé(s): 419828
Temps écoulé: 3 heure(s), 39 minute(s), 31 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 96
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 28
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1C044AAD-7955-4cbd-8175-501A165C4E5D} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C044AAD-7955-4CBD-8175-501A165C4E5D} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{460AC4DB-B0DE-4626-A0F0-175DD84DCB9B} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5B2E150D-4C8A-40E4-8C36-DD9C02771C67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{CCC6E232-AA4C-4813-A019-9C14B27776B6} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155DAE-C471-40FA-98EE-B2B3CAD115CE} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627D894A-8A77-416E-B522-432EAF2C818E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138F250-5B72-48DD-ADFB-9A83B429DD9E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0923208C-E259-4ED5-A778-CB607DA350AD} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3F0915B8-B238-4C2D-AD1E-60DB1E14D27A} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Srv.CoreServices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Srv.CoreServices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971CB48-9FCA-445A-BE77-E8E8A4CC9DF7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{08755390-F46D-4D09-968C-3430166B3189} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34E29700-0D13-46AA-B9A5-ACE68E21A091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.MailAnim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.MailAnim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00B77587-BE1B-4201-B8E9-09FCF50AB771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{229D2451-A617-4B30-B5E8-8138694240CB} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4E8B851B-05B0-4BAF-B24D-D0DFE88DDED3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.LfgAx (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B88E4484-3FF6-4EA9-815B-A54FE20D4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.WebmailSend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostOL.WebmailSend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BF1BF02C-5A86-4ECF-ADAC-472C54C4D21E} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{BFC08CFF-C737-4433-BD5A-0EE7EFCFEE54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9720DE03-5820-4059-B4A4-639D5E52BD09} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E420A65F-9984-4B8C-9FA9-1ED69D3B0A13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\InstIE.HbInstObj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\InstIE.HbInstObj (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFC08CFF-C737-4433-BD5A-0EE7EFCFEE54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D2221CCB-F2BB-4858-AAD4-57C754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CoreSrv.CoreServices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{EA0B6A1A-6A59-4A58-9C41-9966504898A5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{C23FA5A4-1FEA-419F-8B14-F7465DF062BC} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2B81F920-6660-4F76-93BF-B1C67BF5D1A0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267ACFC5644DAB06F058006DDBAE3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A26F07F-0D60-4835-91CF-1E1766A0EC56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343CE214-9998-4B21-A151-FFE970167297} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B18DD50-C996-44FC-AC52-0FECFF82ED58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54A3F8B7-228E-4ED8-895B-DE832B2C3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54A3F8B7-228E-4ED8-895B-DE832B2C3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B5A95A-AFD5-4D11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90B5A95A-AFD5-4D11-B9BD-A69D53D22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8B55274-0F9A-41E5-9067-A3539BD9E860} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E596DF5F-4239-4D40-8367-EBADF0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F919FBD3-A96B-4679-AF26-F551439BB5FD} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AVExplorer.ShellExtension (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AVExplorer.ShellExtension.2 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HotbarAX.UserProfiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c006E5E4 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c0092A89 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c009E7A9 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07AA283A-43D7-4CBE-A064-32A21112D94D} (Adware.Zango) -> Value: {07AA283A-43D7-4CBE-A064-32A21112D94D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\Hotbar@Hotbar.com (Adware.Hotbar) -> Value: Hotbar@Hotbar.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\BootStera (Rogue.WinAntiVirus) -> Value: BootStera -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\PGBase (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\administrateur\application data\Sun\Java\deployment\cache\6.0\18\2b331e92-729ae83f (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\mme06511nmgod06511\mme06511nmgod06511.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\rk_quarantine\mme06511nmgod06511.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm93a4e35c.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm93a4e35c.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaabout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsaeula.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsa_gdf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\HotbarSA\hotbarsa_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\application data\weatherdpa\Weather\log.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\history.db (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\License.rtf (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\phigh.bin (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\plugins.htm (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\pmedium.bin (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\prerules.xml (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\unins000.exe (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\uninstallpage.html (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2006\PGBase\vbpv.dat (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\about hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\hotbar customer support center.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\reset cursor.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\all users\menu démarrer\programmes\Hotbar\uninstall hotbar.lnk (Adware.Hotbar) -> Quarantined and deleted successfully.
Scandrino
Messages postés
2
Date d'inscription
vendredi 8 avril 2011
Statut
Membre
Dernière intervention
8 avril 2011
8 avril 2011 à 12:21
8 avril 2011 à 12:21
Voila desolé de la longueur du rapport :) C'est terminé ? Parce que là mon fond d'ecran est redevenu normal.
Valuu
Messages postés
2163
Date d'inscription
lundi 4 octobre 2010
Statut
Contributeur
Dernière intervention
12 avril 2015
201
8 avril 2011 à 23:05
8 avril 2011 à 23:05
Hé bah ! pour du ménage c'est du ménage !
T'avais principalement du rogue et de l'adware :
Rogue : faux logiciel de sécurité qui t'incite à le télécharger pour virer tes douze mille menaces de ton pc alors qu'en fait t'as rien...
Adware : logiciel qui affiche de la publicité intempestive.
On va vérifier pour les adwares si il reste qqch :
* Télécharge AD-Remover(de la TeamXscript) sur ton Bureau.
Déconnecte toi et ferme toutes les applications en cours
* Double-clique sur l'icône AD-Remover
* Au menu principal, clique sur Nettoyer
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
Puis,
Utilise ce logiciel de diagnostic :
* Télécharge ZHPDiag (de Nicolas Coolman)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur ce site, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
T'avais principalement du rogue et de l'adware :
Rogue : faux logiciel de sécurité qui t'incite à le télécharger pour virer tes douze mille menaces de ton pc alors qu'en fait t'as rien...
Adware : logiciel qui affiche de la publicité intempestive.
On va vérifier pour les adwares si il reste qqch :
* Télécharge AD-Remover(de la TeamXscript) sur ton Bureau.
Déconnecte toi et ferme toutes les applications en cours
* Double-clique sur l'icône AD-Remover
* Au menu principal, clique sur Nettoyer
* Confirme le lancement de l'analyse et laisse l'outil travailler
* Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
Puis,
Utilise ce logiciel de diagnostic :
* Télécharge ZHPDiag (de Nicolas Coolman)
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur ce site, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
j'ai eu le même problème, la meilleure solution est de restaurer automatiquement l'ordinateur à une date antérieure. avant l'entrée du virus, ça fonctionne bien
Valuu
Messages postés
2163
Date d'inscription
lundi 4 octobre 2010
Statut
Contributeur
Dernière intervention
12 avril 2015
201
Modifié par Valuu le 13/04/2011 à 15:31
Modifié par Valuu le 13/04/2011 à 15:31
pas forcément de date assez ancienne pour restaurer, mais généralement ça se vire bien.
