Mon ordinateur est lent et rame

melinda270680 Messages postés 6 Statut Membre -  
 Utilisateur anonyme -
Bonjour,
j'ai posté un message il y a 2 jours et suite à une erreur de création, mon compte a été supprimé. Toutes le conversations ont donc aussi été supprimées sans avoir réglé tous les problèmes.
La personne qui s'occupait de moi avait le pseudo suivant : Kduc

Mon problème est donc le suivant. Mon ordi rame beaucoup au démarrage mais pas seulement. J'avais des publicités intempestives mais ce problème a pu être résolu par Navilog.


Vous m'avez dit ensuite de faire la chose suivante :

Salut,

Maintenant,

Fais un clic-droit sur le lien ci-dessous :
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe (par AndyManchesta)

Choisis "Enregistrer sous" (dans IE c'est "Enregistrer la cible/le lien sous..")
et sauvegarde-le (Enregistrer dans) sur le Bureau.

Important : dans "Nom du fichier" enregistre (renomme) "sdfix" ou "SdFix.exe" en sd-fix.exe

Redémarre en mode sans échec ...
https://www.pcastuces.com/pratique/windows/mode_sans_echec/page2.htm
(de préférence par F8 au démarrage).

--------------------------------------------
Tu n' auras pas accès à Internet pendant le "mode sans échec".
Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
sur le "bureau" pour l' avoir à ta disposition.
--------------------------------------------

Sur le bureau, double-clique sur sd-fix.exe et choisis Install pour l'extraire sur le Bureau.
Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur
RunThis.cmd (ou RunThis.bat) pour lancer le script.

Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre des trojans trouvés puis te
demandera d'appuyer sur une touche pour redémarrer. Fais-le.

Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va
continuer à s'exécuter et supprimer des fichiers.

Après le chargement du Bureau, l'outil terminera son travail et affichera "Finished".
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera
aussi dans le dossier SDFix sous le nom Report.txt.

Copie/colle le contenu du fichier Report.txt dans ta prochaine réponse.

Ensuite, ...

Télécharge, installe et mets à jour Malwarebytes Anti-Malwares …
http://forum.telecharger.01net.com/forum/ puis, lance un scan COMPLET et poste le rapport.

PS : si MalwareByte's a détecté des infections, clique sur Afficher les résultats,
puis sur Supprimer la sélection.




Voici donc les 2 rapports :

le premier pour SD-Fix :

[b]SDFix: Version 1.240 /b
Run by Emmanuelle on 02/08/2009 at 18:19

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services /b:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files /b:

No Trojan Files Found






Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-02 18:24:49
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services /b:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\T‚l‚chargement PHOTOWAYS\\Photoways.exe"="C:\\Program Files\\T‚l‚chargement PHOTOWAYS\\Photoways.exe:*:Enabled:Photoways"
"D:\\Ac.exe"="D:\\Ac.exe:*:Enabled:Agatha Christie - Devinez qui"
"C:\\Program Files\\Mozilla Thunderbird\\thunderbird.exe"="C:\\Program Files\\Mozilla Thunderbird\\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[b]Remaining Files /b:



[b]Files with Hidden Attributes /b:

Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Fri 3 Nov 2006 64,000 A.SH. --- "C:\Program Files\Windows Media Player\wmplayer.exe"
Mon 29 Jun 2009 634,632 A.SH. --- "C:\Program Files\Internet Explorer\iexplore.exe"
Fri 24 Mar 2006 186,368 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Thu 3 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Mon 24 Mar 2008 716,800 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV198.tmp"
Tue 22 Apr 2008 1,253,376 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV2C.tmp"
Tue 22 Apr 2008 962,560 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV2D.tmp"
Tue 22 Apr 2008 876,544 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV2E.tmp"
Tue 22 Apr 2008 823,296 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV2F.tmp"
Tue 22 Apr 2008 786,432 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV30.tmp"
Tue 22 Apr 2008 577,536 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV31.tmp"
Tue 22 Apr 2008 749,568 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV32.tmp"
Tue 22 Apr 2008 647,168 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV33.tmp"
Tue 22 Apr 2008 540,672 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV34.tmp"
Tue 22 Apr 2008 589,824 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV35.tmp"
Tue 22 Apr 2008 540,672 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV36.tmp"
Tue 22 Apr 2008 589,824 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV37.tmp"
Tue 22 Apr 2008 610,304 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV38.tmp"
Tue 22 Apr 2008 516,096 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV39.tmp"
Tue 22 Apr 2008 552,960 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV3A.tmp"
Tue 22 Apr 2008 524,288 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV3B.tmp"
Tue 22 Apr 2008 544,768 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV3C.tmp"
Tue 22 Apr 2008 405,504 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV3D.tmp"
Tue 22 Apr 2008 413,696 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV3E.tmp"
Tue 22 Apr 2008 434,176 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV3F.tmp"
Tue 22 Apr 2008 430,080 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV40.tmp"
Tue 22 Apr 2008 430,080 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV41.tmp"
Tue 22 Apr 2008 135,168 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Amis\EMILIE\VAYRES 260408\SIV42.tmp"
Wed 31 Jan 2007 192,512 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Famille\PAQUES 2008\MES PHOTOS\SIV40.tmp"
Wed 31 Jan 2007 294,912 A.SH. --- "C:\Documents and Settings\Emmanuelle\Mes documents\Mes images\Famille\PAQUES 2008\MES PHOTOS\SIV41.tmp"

[b]Finished!/b



Voici le 2° rapport pour le malwarebytes :

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2547
Windows 5.1.2600 Service Pack 2

03/08/2009 02:11:26
mbam-log-2009-08-03 (02-11-26).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 201555
Temps écoulé: 7 hour(s), 27 minute(s), 42 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 171
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 75
Fichier(s) infecté(s): 185

Processus mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWeb) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware316 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware316 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Emmanuelle\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\program files\shoppingreport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\program files\shoppingreport\Bin\2.0.21 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\program files\shoppingreport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin (Adware.MyWebSearch) -> Delete on reboot.
c:\program files\mywebsearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\SrchAstt\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\SrchAstt\3.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\Starware316 (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\starware316\bin (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\starware316\icons (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\Starware316 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\Starware316 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Manager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Reference (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Weather (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Screensavers (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\starware316\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\bin (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\temp (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\Ready (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\SSSInst\Upload (Adware.Comet) -> Quarantined and deleted successfully.
c:\program files\screensavers.com\Wallpaper (Adware.Comet) -> Quarantined and deleted successfully.
C:\Program Files\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\Bureau\Setup.exe (Adware.Zango) -> Quarantined and deleted successfully.
c:\program files\windows live\messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\MWSBAR.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3IDLE.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\MWSSVC.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\persist.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\documents and settings\emmanuelle\application data\shoppingreport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\program files\shoppingreport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\program files\shoppingreport\cs\persist.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\index.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\ask_logo.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\autoup.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\autoup.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\center.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\mid_dots.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\mws_logo.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\protect.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\shocked.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\stop.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\systray.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\systrayp.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\tp_grad.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Message\COMMON\warn.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004A55D8.A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004A60F4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004A624C.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004A6430.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004A6569.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004C128C.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004C1413.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004C153B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004C16B2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\004C17EB (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Cache\0524A816 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\3.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\CursorManiaBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared\Cache\SmileyCentralBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\starware316\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\starware316\Starware316Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\starware316\Starware316Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\starware316\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware316\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\docu
A voir également:

10 réponses

Réponse 1 / 10
Utilisateur anonyme
 
salut pour voir s'il reste des traces de websearch :


▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :


▶ Déconnecte toi et ferme toutes applications en cours !

▶ Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

▶ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis l'option "L" et tape sur [entrée] .

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
melinda270680 Messages postés 6 Statut Membre
 
Voici le rapport :


.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 0:52:10, 04/08/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: NOM-3A30206F189 | Utilisateur actuel: Emmanuelle
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
Administrateur: Emmanuelle
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: "MyWebSearchService"
.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
HKCU\Software\FunWebProducts
HKCU\Software\ItsLabel
HKLM\Software\ItsLabel
HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ItsTV_is1
HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\ControlSet003\Services\MyWebSearchService
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ItsTv
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Plugin
.
C:\DOCUME~1\EMMANU~1\APPLIC~1\ItsLabel\ItsTV
C:\DOCUME~1\EMMANU~1\APPLIC~1\ItsLabel\ItsTV\itsTV.xml
C:\DOCUME~1\EMMANU~1\APPLIC~1\ItsLabel
C:\Program Files\Mozilla Firefox\chrome\m3ffxtbr.jar
C:\Program Files\Mozilla Firefox\chrome\m3ffxtbr.manifest
C:\WINDOWS\Prefetch\MWSOEMON.EXE-2D039BC2.pf
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@imgfarm[2].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@kiwee[2].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@www1.kiwee[1].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@www.kiwee[1].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@mysearchnow[2].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@mywebsearch[1].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@mywebsearch[2].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@mywebsearch[4].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@pacificpoker[2].txt
C:\DOCUME~1\EMMANU~1\Cookies\emmanuelle@webfetti[1].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.0.11 *

Nom du profil: 97chcsdf.default (Emmanuelle)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.11");
.
.

* Internet Explorer Version 7.0.5730.11 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

============== Suspect (Cracks, Serials ... ) ==============

.
C:\Documents and Settings\Emmanuelle\Bureau\t‚l‚chargements\QP1C_Patch_PC_OnLine_OfflLine_1_vers_1.1.exe
C:\Documents and Settings\Emmanuelle\Bureau\t‚l‚chargements\singles_patch_v1.4_version_europeenne_multi-langues_12394.exe
C:\Documents and Settings\Emmanuelle\Bureau\t‚l‚chargements\singles_patch_v1.5_version_europeenne_multi-langues_12585.exe
C:\Documents and Settings\Emmanuelle\Bureau\t‚l‚chargements\singles_patch_v1.6_multi-langues_13067.exe
C:\Documents and Settings\Emmanuelle\Bureau\t‚l‚chargements\Singles2Patch_1_2.exe
.
===================================
.
4643 Octet(s) - C:\Ad-Report-CLEAN.log
.
8 Fichier(s) - C:\DOCUME~1\EMMANU~1\LOCALS~1\Temp
3 Fichier(s) - C:\WINDOWS\Temp
.
17 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
14 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 1:09:13 | 04/08/2009
.
============== E.O.F ==============
.
0
Réponse 2 / 10
Utilisateur anonyme
 
vide la quarantaine de Malwarebytes , mets le a jour et refais un complet
0
Réponse 3 / 10
melinda270680 Messages postés 6 Statut Membre
 
C'est fait. Voici le dernier rapport.

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2554
Windows 5.1.2600 Service Pack 2

04/08/2009 03:07:29
mbam-log-2009-08-04 (03-07-29).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 201521
Temps écoulé: 59 minute(s), 47 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 25

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070749.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070750.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070752.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070754.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070755.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070756.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070758.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070759.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070761.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070762.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070764.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070765.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070766.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070767.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070768.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070769.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070770.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070771.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070772.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070773.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070774.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070775.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070776.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070777.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{DF23D76D-A5E9-4C5D-97D5-763664491E4F}\RP481\A0070778.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
0
Réponse 4 / 10
Utilisateur anonyme
 
▶ Télécharge et install UsbFix par Chiquitine29

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

▶ Double clic sur le raccourci UsbFix présent sur ton bureau .

▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

▶ Laisse travailler l'outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra.

Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
melinda270680 Messages postés 6 Statut Membre
 
Voici le rapport :


############################## | UsbFix V6.014 |

User : Emmanuelle (Administrateurs) # NOM-3A30206F189
Update on 04/08/09 by Chiquitine29 & C_XX
Start at: 18:36:21 | 04/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Disabled
AV : Norton Internet Security 2005 [ Enabled | (!) Outdated ]
AV : avast! antivirus 4.8.1335 [VPS 090804-1] 4.8.1335 [ Enabled | Updated ]
FW : Norton Internet Security[ Enabled ]2005

C:\ -> Disque fixe local # 53,54 Go (2,28 Go free) # FAT32
D:\ -> Disque fixe local # 35,69 Go (28,24 Go free) [DATA] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 966,08 Mo (369,4 Mo free) [USB DISK] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Emmanuelle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Emmanuelle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Emmanuelle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Emmanuelle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Emmanuelle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

Présent ! D:\game.exe
Présent ! D:\Setup.exe

################## | Other | https://www.virustotal.com/gui/ |

Suspect ! D:\Bootvis\BootVis.exe

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.014 ! |
0
Réponse 6 / 10
Utilisateur anonyme
 
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

▶ Double clic (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci UsbFix présent sur ton bureau

▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

▶ Au second menu Choisis l'option " 2 " ( Suppression ) et tape sur [entrée]

▶ Ton bureau disparaitra et le pc redémarrera .

▶ Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
0
melinda270680 Messages postés 6 Statut Membre
 
ok. Voici le rapport :

############################## | UsbFix V6.014 |

User : Emmanuelle (Administrateurs) # NOM-3A30206F189
Update on 04/08/09 by Chiquitine29 & C_XX
Start at: 19:11:21 | 04/08/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : Norton Internet Security 2005 [ Enabled | (!) Outdated ]
AV : avast! antivirus 4.8.1335 [VPS 090804-1] 4.8.1335 [ Enabled | Updated ]
FW : Norton Internet Security[ Enabled ]2005

C:\ -> Disque fixe local # 53,54 Go (2,24 Go free) # FAT32
D:\ -> Disque fixe local # 35,69 Go (28,24 Go free) [DATA] # FAT32
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 966,08 Mo (369,4 Mo free) [USB DISK] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\eHome\ehRec.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! D:\game.exe
Supprimé ! D:\Setup.exe

################## | Other |


################## | Suspect ... | https://www.virustotal.com/gui/ |

Suspect ! D:\Bootvis\BootVis.exe

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[30/05/2006 01:33|-rah-----|524288] -> C:\F3Jc.BIN
[30/05/2006 01:31|-rah-----|524288] -> C:\F3Jm.BIN
[01/06/2006 07:35|--a------|3] -> C:\F3JC_F3JM.10
[?|?|?] -> C:\pagefile.sys
[11/01/2009 22:46|--a------|13030] -> C:\PDOXUSRS.NET
[24/03/2006 20:00|-rahs----|4952] -> C:\Bootfont.bin
[03/02/2007 12:42|-rahs----|252240] -> C:\ntldr
[24/03/2006 20:00|-rahs----|47564] -> C:\NTDETECT.COM
[03/09/2006 21:56|--a------|3] -> C:\SP2B.TXT
[16/05/2005 17:15|--a------|14] -> C:\XPMF2005.FRN
[08/03/2006 07:55|--a------|22] -> C:\RECOVERY.DAT
[09/04/2007 12:41|-rahs----|220] -> C:\boot.ini
[03/02/2007 11:57|--a------|0] -> C:\CONFIG.SYS
[03/02/2007 11:57|--a------|0] -> C:\AUTOEXEC.BAT
[03/02/2007 11:57|-rahs----|0] -> C:\IO.SYS
[03/02/2007 11:57|-rahs----|0] -> C:\MSDOS.SYS
[?|?|?] -> C:\hiberfil.sys
[29/03/2007 21:22|--a------|2572422] -> C:\nwe_install.log
[29/03/2007 21:16|--a------|24950] -> C:\SHORTCUT_DEBUG_DELETE_Nero Digital.txt
[29/03/2007 21:19|--a------|25304] -> C:\SHORTCUT_DEBUG_Nero Digital.txt
[29/03/2007 21:20|--a------|54347] -> C:\SHORTCUT_DEBUG_DELETE_Nero 6 Demo.txt
[29/03/2007 21:22|--a------|25396] -> C:\SHORTCUT_DEBUG_Nero OEM.txt
[29/03/2007 21:21|--a------|16432] -> C:\SHORTCUT_DEBUG_DELETE_Nero OEM.txt
[29/03/2007 21:22|--a------|851] -> C:\SHORTCUT_DEBUG_DELETE_Nero Media Player.txt
[29/03/2007 21:22|--a------|12324] -> C:\SHORTCUT_DEBUG_Nero Media Player.txt
[11/08/2007 04:14|--ah-----|268] -> C:\sqmdata02.sqm
[15/07/2007 16:32|--a------|2351704] -> C:\Photoways.exe
[02/08/2009 01:14|--a------|2137] -> C:\cleannavi.txt
[31/07/2007 01:39|--ah-----|172] -> C:\sqmnoopt00.sqm
[31/07/2007 01:39|--ah-----|268] -> C:\sqmdata00.sqm
[06/08/2007 01:22|--ah-----|244] -> C:\sqmnoopt01.sqm
[06/08/2007 01:22|--ah-----|268] -> C:\sqmdata01.sqm
[03/11/2007 22:10|--a------|649629] -> C:\wonderlog.txt
[11/08/2007 04:14|--ah-----|244] -> C:\sqmnoopt02.sqm
[11/08/2007 05:33|--ah-----|244] -> C:\sqmnoopt03.sqm
[11/08/2007 05:33|--ah-----|268] -> C:\sqmdata03.sqm
[11/08/2007 15:58|--ah-----|244] -> C:\sqmnoopt04.sqm
[11/08/2007 15:58|--ah-----|268] -> C:\sqmdata04.sqm
[14/08/2007 18:08|--a------|160303] -> C:\web-mail-1-2-3.xpi
[14/08/2007 21:26|--a------|148197] -> C:\hotmail-1-2-3.xpi
[14/08/2007 21:35|--a------|101103] -> C:\lycos-1-2-2.xpi
[15/08/2007 01:32|--ah-----|244] -> C:\sqmnoopt05.sqm
[15/08/2007 01:32|--ah-----|268] -> C:\sqmdata05.sqm
[23/08/2007 16:01|--a------|3101111] -> C:\KC_&_the_Sunshine_Band_-_Get_Down_Tonight.wma
[30/08/2007 23:33|--ah-----|244] -> C:\sqmnoopt06.sqm
[30/08/2007 23:33|--ah-----|268] -> C:\sqmdata06.sqm
[04/09/2007 03:44|--ah-----|244] -> C:\sqmnoopt07.sqm
[04/09/2007 03:44|--ah-----|268] -> C:\sqmdata07.sqm
[08/09/2007 00:22|--ah-----|172] -> C:\sqmnoopt08.sqm
[08/09/2007 00:22|--ah-----|304] -> C:\sqmdata08.sqm
[10/09/2007 14:46|--ah-----|244] -> C:\sqmnoopt09.sqm
[10/09/2007 14:46|--ah-----|268] -> C:\sqmdata09.sqm
[10/09/2007 14:47|--ah-----|172] -> C:\sqmnoopt10.sqm
[10/09/2007 14:47|--ah-----|208] -> C:\sqmdata10.sqm
[19/09/2007 19:44|--ah-----|244] -> C:\sqmnoopt11.sqm
[19/09/2007 19:44|--ah-----|268] -> C:\sqmdata11.sqm
[23/09/2007 23:37|--ah-----|244] -> C:\sqmnoopt12.sqm
[23/09/2007 23:37|--ah-----|268] -> C:\sqmdata12.sqm
[02/12/2007 22:40|--ah-----|268] -> C:\sqmdata14.sqm
[01/10/2007 21:56|--ah-----|244] -> C:\sqmnoopt13.sqm
[01/10/2007 21:56|--ah-----|268] -> C:\sqmdata13.sqm
[02/12/2007 22:40|--ah-----|244] -> C:\sqmnoopt14.sqm
[16/01/2008 21:54|--ah-----|244] -> C:\sqmnoopt15.sqm
[16/01/2008 21:54|--ah-----|268] -> C:\sqmdata15.sqm
[04/04/2008 05:19|--ah-----|244] -> C:\sqmnoopt16.sqm
[04/04/2008 05:19|--ah-----|268] -> C:\sqmdata16.sqm
[27/04/2008 18:19|--a------|0] -> C:\Settings.ini
[19/08/2008 00:53|--ah-----|244] -> C:\sqmnoopt17.sqm
[19/08/2008 00:53|--ah-----|268] -> C:\sqmdata17.sqm
[04/08/2009 01:09|--a------|4959] -> C:\Ad-Report-CLEAN.log
[04/08/2009 19:12|--a------|7141] -> C:\UsbFix.txt
[03/02/2007 12:28|--a------|398] -> C:\RHDSetup.log
[03/02/2007 12:32|--a------|86] -> C:\setup.log
[03/02/2007 12:48|--a------|9] -> C:\Finish.log
[15/10/2005 00:31|--a------|85388] -> D:\layout.bin
[14/10/2005 23:25|--a------|407654] -> D:\data1.hdr
[14/10/2005 23:25|--a------|2167222] -> D:\data1.cab
[15/10/2005 00:31|--a------|241622] -> D:\setup.inx
[06/03/2009 23:52|--a------|592] -> D:\setup.ini
[06/03/2009 23:52|--a------|94] -> D:\setup.ibt
[07/10/2005 15:04|--a------|10458] -> D:\CURManual.txt
[08/03/2009 00:56|--a------|1625] -> D:\Game.ini
[23/09/2005 14:12|--a------|4398852] -> D:\protect.dll
[23/09/2005 14:13|--a------|652003] -> D:\protect.exe
[23/09/2005 14:09|--a------|3429961] -> D:\protect.x64
[06/03/2009 23:51|--a------|380928] -> D:\_setup.dll
[06/03/2009 23:57|--a------|2774528] -> D:\setup.ilg
[08/03/2009 00:56|--a------|5988] -> D:\display.drv
[08/03/2009 01:44|--a------|170770] -> D:\HICONTINUECHEAT.SAV
[08/03/2009 01:49|--a------|170770] -> D:\Part I.SAV
[27/02/2003 16:00|--a------|45056] -> D:\Video Card Setup.exe
[23/12/2005 10:47|--a------|1884160] -> D:\Runaway.exe
[31/08/2008 21:47|--a------|222208] -> D:\JkDefrag.exe
[31/08/2008 21:47|--a------|222720] -> D:\JkDefragCmd.exe
[31/08/2008 21:47|--a------|238592] -> D:\JkDefragScreenSaver.exe
[31/08/2008 21:47|--a------|98304] -> D:\JkDefragScreenSaver.scr
[31/07/2009 08:57|--a------|659196] -> D:\JkDefrag.log
[08/02/2009 09:05|--a------|4212] -> D:\changelog.txt
[01/08/2009 02:44|--a------|219] -> D:\info.ini
[27/07/2009 23:51|--a------|15529] -> D:\Adresses_fr_2_6.NDX
[27/07/2009 23:51|--a------|1786] -> D:\Adresses_fr_2_6.FIC
[27/07/2009 23:51|--a------|462] -> D:\123envoi.REP
[27/07/2009 23:51|--a------|1869] -> D:\Journal.NDX
[27/07/2009 23:51|--a------|1567] -> D:\Journal.FIC
[27/07/2009 23:51|--a------|210] -> D:\Journal.MMO
[27/07/2009 23:53|--a------|6539] -> D:\Messages_types.NDX
[27/07/2009 23:53|--a------|9826] -> D:\Messages_types.FIC
[27/07/2009 23:51|--a------|2661] -> D:\Infos_envoi.NDX
[27/07/2009 23:51|--a------|1592] -> D:\Infos_envoi.FIC
[08/02/2009 09:10|--a------|1999] -> D:\license.txt
[08/02/2009 09:06|--a------|677640] -> D:\QRegDefrag.exe
[25/03/2002 09:52|--a------|644976] -> D:\BootVis.exe
[02/08/2009 02:28|--a------|2137] -> D:\cleannavi.txt
[08/02/2007 19:58|--a------|989648] -> D:\google-toolbar-win.xpi
[08/02/2007 21:58|--a------|14896] -> D:\GoogleToolbarDownloader.exe
[22/02/2007 22:07|--a------|2326] -> D:\setup.log
[30/06/2007 00:00|--a------|179] -> D:\Raccourci vers Disque local (C).lnk
[30/07/2007 03:17|--ahs----|409600] -> F:\ehthumbs.db

################## | Vaccination |

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# F:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.014 ! |
0
Réponse 7 / 10
Max#01 Messages postés 393 Statut Membre 76
 
Bonjour,

je vais peut être paraitre genant, mais as tu effectué un nettoyage de ton ordinateur avant de poser ton problème sur le forum ?

Bonjour,

Merci de faire tout d'abord du nettoyage dans votre ordinateur avec CCleaner , utilisez le Tutoriel CCLeaner pour vous aider.


Ensuite, vous installerez Spybot S&D pour enlever les logiciels espions et les vers pouvant infecter votre ordinateur.
voici les tuto pour vous aider: Tutoriel Spybot

Pour finir, installez MalwareBytes anti-Malware et faites une analyse pour détecter les trojan, win32 de votre machine.

Le Tutoriel MalwareBytes Anti-Malware devrait vous aider ;)

Une fois avoir fait tout cela, vous pourrez poster un rapport anti virus ou autre :)
0
Réponse 8 / 10
Utilisateur anonyme
 
Melinda na tiens pas compte du message de Max#01 stp
0
Réponse 9 / 10
Utilisateur anonyme
 
Télécharge OTL de OLDTimer

enregistre le sur ton Bureau.

▶ Double clic sur OTL.exe pour le lancer.

▶ Coche les 2 cases Lop et Purity

▶ Coche la case devant scan all users

▶ règle-le sur "60 Days"

▶Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

▶▶▶ NE LE POSTE PAS SUR LE FORUM

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier ci-dessus.

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

▶ Copie ce lien dans ta réponse.

Tu feras la meme chose avec le "Extra.txt" s'il t'est demandé
0
melinda270680 Messages postés 6 Statut Membre
 
Je te remercie. Voici les 2 liens :

http://www.cijoint.fr/cjlink.php?file=cj200908/cijF8S0C0V.txt

http://www.cijoint.fr/cjlink.php?file=cj200908/cijHguvuwW.txt
0
Réponse 10 / 10
Utilisateur anonyme
 
desinstalle usbfix
desinstalle Navilog

ensuite :

▶ Double clic sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous Customs Scans/Fixes :

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe

:OTL
O2 - BHO: () - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware316\bin\Starware316.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Starware Screensavers Toolbar) - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware316\bin\Starware316.dll File not found
O3 - HKU\S-1-5-21-3644584068-1884514739-437025490-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-3644584068-1884514739-437025490-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKU\S-1-5-21-3644584068-1884514739-437025490-1005..\Run: [FAST Defrag] File not found
O4 - HKU\S-1-5-21-3644584068-1884514739-437025490-1005..\Run: [Intra Scr] C:\DOCUME~1\EMMANU~1\APPLIC~1\RDRGRI~1\city sect.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3644584068-1884514739-437025490-1005\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3644584068-1884514739-437025490-1005_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found


:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Alcmtr"=-
"iTunesHelper"=-
"NeroFilterCheck"=-
"nwiz"=-
"QuickTime Task"=-
"RTHDCPL"=-

:files
C:\Program Files\Starware316
C:\Documents and Settings\All Users\Application Data\Show Fast Spam Byte

:commands
[emptytemp]
[reboot]


▶ Clique sur RunFix pour lancer la suppression.


▶ Poste le rapport.
0