Home antivirus 2010

maxdunord92 -  
Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   -
Bonjour,

quelqu'un pourrait-il m'aider à me débarrasser de Home antivirus 2010 ?

Cela fait plusieurs semaines qu'il est présent dans mon système j'espère trouver une solution...

Voici mon rapport HijackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:49, on 19/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Benoit\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\braviax.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Maxime\Mes documents\Téléchargements\HiJackThis(3).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Benoit\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe
O4 - HKLM\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe
O4 - HKLM\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe
O4 - HKLM\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe
O4 - HKLM\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe
O4 - HKLM\..\Run: [13337694] C:\Documents and Settings\All Users\Application Data\13337694\13337694.exe
O4 - HKLM\..\Run: [10882344] C:\Documents and Settings\All Users\Application Data\10882344\10882344.exe
O4 - HKLM\..\Run: [Home Antivirus 2010] "C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe" /hide
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Maxime\LOCALS~1\Temp\E_S119.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [Google Update] "C:\Documents and Settings\Benoit\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [Mon Widget RMC] "C:\Program Files\Nosibay\Mon Widget RMC\launcher.exe" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [EPSON Stylus D92 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Benoit\LOCALS~1\Temp\E_S33.tmp" /EF "HKCU" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Benoit\LOCALS~1\Temp\E_S86.tmp" /EF "HKCU" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [mssadv.exe] (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [nudccjqx] "c:\documents and settings\benoit\local settings\application data\nudccjqx.exe" nudccjqx (User 'Benoit')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: play2p.lnk = C:\Program Files\play2p\play2p.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSman000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD79A15B-8498-4A9B-8B4E-9A94223DECE7}: NameServer = 85.255.112.97,85.255.112.64
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.97,85.255.112.64
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.97,85.255.112.64
O20 - AppInit_DLLs: cru629.dat
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c9f33d686aa190) (gupdate1c9f33d686aa190) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 11972 bytes

Merci d'avance :)
Configuration: Windows XP
Firefox 3.5.2

44 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Un utilisateur cherche comment se débarrasser de Home Antivirus 2010 après plusieurs semaines d'infection sur Windows XP et partage un rapport HijackThis détaillé pour identifier les éléments persistants. Des recommandations proposent d'exécuter RSIT avec l'option 3 mois et de poster le rapport, puis d'utiliser DrWeb Process ou d'autres outils pour repérer et mettre en quarantaine les composants malveillants. Des éléments du log montrent des services et des programmes douteux, notamment HomeAntivirus2010.exe, des entrées Run et MyWebSearch/Google, nécessitant suppression, quarantine et nettoyage des clés de registre. En cas d’échec, la conversation mentionne l’utilisation de la Quarantine Qoobox et la suppression manuelle de DLL et d’exécutables malveillants, ainsi que des redémarrages propres pour assurer l’absence de redémarrage automatique.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Bonjour,

    /!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

    --> Télécharge ComboFix (de sUBs) sur ton Bureau.
    --> Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
    --> Il va te demander d'installer la console de récupération : accepte.
    --> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    0
  2. maxdunord92
     
    Merci de ta réponse très rapide. :)

    Malheureusement, à la fin de la recherche l'ordinateur redémarre systématiquement (j'ai essayé plusieurs fois)
    et donc impossible de t'indiquer le rapport....
    0
  3. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    --> Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

    --> Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

    --> Clique sur Continue à l'écran Disclaimer.

    --> Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    --> Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    0
  4. maxdunord92
     
    Merci une nouvelle fois de ta réponse des plus brèves.

    Voila ce que ça donne:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Maxime at 2009-08-19 19:00:21
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 111 GB (73%) free of 153 GB
    Total RAM: 1791 MB (68% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:00:24, on 19/08/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\carpserv.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\MSI\Live Update 3\LMonitor.exe
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    C:\Documents and Settings\Benoit\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\FsUsbExService.Exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\system32\braviax.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Maxime\Bureau\RSIT.exe
    C:\Documents and Settings\Maxime\Mes documents\Téléchargements\Maxime.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
    O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Benoit\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe
    O4 - HKLM\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe
    O4 - HKLM\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe
    O4 - HKLM\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe
    O4 - HKLM\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe
    O4 - HKLM\..\Run: [13337694] C:\Documents and Settings\All Users\Application Data\13337694\13337694.exe
    O4 - HKLM\..\Run: [10882344] C:\Documents and Settings\All Users\Application Data\10882344\10882344.exe
    O4 - HKLM\..\Run: [Home Antivirus 2010] "C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe" /hide
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [braviax] braviax.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Maxime\LOCALS~1\Temp\E_S119.tmp" /EF "HKCU"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [setup2.exe] C:\WINDOWS\system32\setup2.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: play2p.lnk = C:\Program Files\play2p\play2p.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSman000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FD79A15B-8498-4A9B-8B4E-9A94223DECE7}: NameServer = 85.255.112.97,85.255.112.64
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.97,85.255.112.64
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.97,85.255.112.64
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: Google Update Service (gupdate1c9f33d686aa190) (gupdate1c9f33d686aa190) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Le PC est très infecté.

    Glisse le fichier suivant sur ComboFix :
    http://www.microsoft.com/downloads/details.aspx?FamilyId=15491F07-99F7-4A2D-983D-81C2137FF464&displaylang=fr
    0
  7. maxdunord92
     
    Pardon mais que dois-je faire en clair ??

    Télécharger l'utilitaire ?
    Que dois-je en faire ?
    Peut-tu être plus précis pour "glisser"?

    Merci d'avance
    0
  8. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Oui, télécharge le fichier et glisse-le comme ceci :
    http://img.bleepingcomputer.com/combofix/usage/rc.gif
    0
  9. maxdunord92
     
    Malheureusement je n'arrive pas télécharger à l'utilitaire :

    Mozilla m'affiche que la connexion a échoué et
    Internet Explorer que le lien semble corrompu....
    0
  10. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Ce sont les infections qui te bloquent certains sites.

    Lien provisoire :
    http://destrio5.free.fr/Telechargement_CCM/WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    0
  11. maxdunord92
     
    J'ai essayé plusieurs fois mais l'ordinateur redémarre toujours à la fin de la recherche
    Donc toujours pas de rapport...
    0
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
    ---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
    ---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
    ---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
    ---> Sélectionne Exécuter un examen rapide.
    ---> Clique sur Rechercher. L'analyse démarre.

    A la fin de l'analyse, un message s'affiche :

    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    ---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
    ---> Ferme tes navigateurs.
    Si des malwares ont été détectés, clique sur Afficher les résultats.
    ---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
    ---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    0
  13. maxdunord92
     
    Merci beaucoup.

    Voila le rapport :

    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2551
    Windows 5.1.2600 Service Pack 2

    19/08/2009 21:42:56
    mbam-log-2009-08-19 (21-42-56).txt

    Type de recherche: Examen rapide
    Eléments examinés: 128416
    Temps écoulé: 8 minute(s), 31 second(s)

    Processus mémoire infecté(s): 4
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 71
    Valeur(s) du Registre infectée(s): 18
    Elément(s) de données du Registre infecté(s): 12
    Dossier(s) infecté(s): 38
    Fichier(s) infecté(s): 209

    Processus mémoire infecté(s):
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
    C:\Program Files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Unloaded process successfully.
    C:\Documents and Settings\Benoit\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Adware.EoRezo) -> Unloaded process successfully.
    C:\WINDOWS\system32\braviax.exe (Trojan.FakeAlert) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Delete on reboot.
    C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{56acb669-4139-5611-cbba-f5acb0f4db09} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bc4be15d-6a34-4356-9e97-79e43da32b1d} (Adware.Shopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\securentm (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Privacy center (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemSecurity2009 (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sfxdrv (Rootkit.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alfampeg (Trojan.DNSChanger) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eoengine (Adware.EoRezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\softwarehelper (Adware.EoRezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msctrl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msavsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msscan.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msiemon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msfw.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mssadv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\13337694 (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10882344 (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\sfx (Rootkit.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.97,85.255.112.64 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fd79a15b-8498-4a9b-8b4e-9a94223dece7}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.97,85.255.112.64 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.97,85.255.112.64 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{fd79a15b-8498-4a9b-8b4e-9a94223dece7}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.97,85.255.112.64 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.97,85.255.112.64 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{fd79a15b-8498-4a9b-8b4e-9a94223dece7}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.97,85.255.112.64 -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Program Files\Microsoft Security Adviser (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\sounds (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\tools (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\tools\sc (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\tools\sp (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\keys (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\temp (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\Alfampeg (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Program Files\Alfampeg (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\HomeAntivirus2010 (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Maxime\Menu Démarrer\Programmes\HomeAntivirus2010 (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010 (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\data (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\Microsoft.VC80.CRT (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\Benoit\Local Settings\Application Data\nudccjqx_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Local Settings\Application Data\nudccjqx_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Local Settings\Application Data\nudccjqx.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Local Settings\Application Data\nudccjqx.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
    C:\Program Files\EoRezo\EoEngine.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
    C:\Program Files\EoRezo\EoAdv\EoAdv.dll (Adware.EoRezo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\braviax.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\WINDOWS\braviax.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Local Settings\Temp\b.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Microsoft Security Adviser\msctrl.log (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\Microsoft Security Adviser\mssadv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\Microsoft Security Adviser\mssadv.log (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00018B7D (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0001C992 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0001F7A7 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0001F879 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0001FF7A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00025883 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0002C40C (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00032181 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00050996 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0005491E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0007B4F4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00115B25 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0014531B (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0020636A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00224DA6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0025984E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\002722DC (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00284C1F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00284D41.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00284E5A.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00284F9A.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0029199D (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\002D2AB8 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0030A325 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0035AE56 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\003C64BF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\003CEA74 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0054898C (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00573815 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\005A3855 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0063AEE1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\006CB008 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00762914 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\008915E6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\008A5E39 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\008B93CF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\008BF8E4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\008C98A7 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\009FEC28 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00A2F64E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00BAF461 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00BB63E8 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00BBEDA5 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00BC542D (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00D22501 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00D9DD98 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\00F121EF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0100EB91 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0102F5F5 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0116C821 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0120AE01.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\0120AFEC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\012F15ED (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\012FCBB6 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01A67AEE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01AE8231 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01B06AC9 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01B0F377 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\01F9C91B (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\021F3676 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\026BC8A1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\03E8D1BC (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Program Files\FunWebProducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\System Security\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\guide.html (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg1.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg10.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg2.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg3.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg4.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg5.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg6.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg7.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg8.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\faq\images\gimg9.jpg (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\sounds\1.mp3 (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Program Files\PCenter\sounds\3.mp3 (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases\cg.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases\mw.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases\rd.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases\sc.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases\sm.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\dbases\sp.dat (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\keys\cg.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\keys\rd.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\keys\sc.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\keys\sp.key (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\PCenter\temp\settings.ini (Rogue.PCenter) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\Alfampeg\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Program Files\Alfampeg\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\HomeAntivirus2010\HomeAntivirus2010.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Menu Démarrer\Programmes\HomeAntivirus2010\Uninstall.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Maxime\Menu Démarrer\Programmes\HomeAntivirus2010\HomeAntivirus2010.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Maxime\Menu Démarrer\Programmes\HomeAntivirus2010\Uninstall.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\AVEngn.dll (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.cfg (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\htmlayout.dll (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\pthreadVC2.dll (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\wscui.cpl (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\data\daily.cvd (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\Microsoft.VC80.CRT\msvcm80.dll (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\Microsoft.VC80.CRT\msvcp80.dll (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Program Files\HomeAntivirus2010\Microsoft.VC80.CRT\msvcr80.dll (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Bureau\HomeAntivirus2010.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Maxime\Bureau\HomeAntivirus2010.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\Microsoft\Internet Explorer\Quick Launch\HomeAntivirus2010.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Maxime\Application Data\Microsoft\Internet Explorer\Quick Launch\HomeAntivirus2010.lnk (Rogue.HomeAntiVirus) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Bureau\System Security 2009.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Local Settings\Temporary Internet Files\awuqy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Local Settings\Temporary Internet Files\kyputa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Bureau\PCenter.lnk (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Benoit\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.
    C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.
    C:\WINDOWS\010112010146118114.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\0101120101464849.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Program Files\sFX\sfX.sYs (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\sFX\SfX.DlL (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\934fdfg34fgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ESQULzcounter (Trojan.Agent) -> Quarantined and deleted successfully.
    0
  14. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Réessaie ComboFix maintenant.
    0
  15. maxdunord92
     
    Combofix redémarre toujours à la fin de la recherche...
    0
  16. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    As-tu essayé en mode sans échec ?
    0
  17. maxdunord92
     
    Non je n'ai encore jamais utilisé le mode sans échec.

    Donc Combofix en sans échec ?
    0
  18. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Pour redémarrer en mode sans échec :
    - Redémarre ton PC.
    - Au démarrage, tapote sur F8 (F5 sur certains PC) juste après l'affichage du BIOS et juste avant le chargement de Windows.
    - Dans le menu d'options avancées, choisis Mode sans échec.
    - Choisis ta session.
    0
  19. maxdunord92
     
    OK.

    Je ferai ça demain. Merci pour tout.
    En espérant que ce sera la bonne.

    Bonne soirée
    0
  20. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Bonne soirée ;)
    0
  21. maxdunord92
     
    Bonjour,

    je ne peux pas mettre mon ordinateur en mode sans echec.

    Je tape bien F8, je choisis ensuite le mode sans échec mais l'ordinateur redémarre à chaque fois...
    0
  • 1
  • 2
  • 3