Virus security tool

Résolu
michel -  
 visjepa -
Bonjour,
Depuis quelques jours j'ai un message securité tool qui m'empêche d'aller sur internet,que faire?windows xp

31 réponses

  • 1
  • 2
Résumé de la discussion

Un message de sécurité, désigné Security Tool, empêche l'accès à Internet sur Windows XP utilisant Firefox 2.0.0.12 et génère une alerte qui bloque les navigations jusqu'à résolution.
Plusieurs méthodes permettent de désinfecter le poste et contourner le blocage, notamment démarrer en mode sans échec avec prise en charge réseau et lancer un outil de diagnostic comme ZHPDiag pour établir un rapport.
L'usage de ZHPDiag permet d'obtenir un rapport à transmettre pour assistance, et Malwarebytes Anti-Malware ou Kaspersky sont évoqués comme solutions de détection et de suppression des infections.
Certaines interventions indiquent que le virus peut se cacher dans AppData et que certains téléchargements restent bloqués, ce qui peut nécessiter l'usage d'un autre ordinateur pour obtenir les outils adéquats.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Jean-François Pillou Messages postés 18961 Date d'inscription   Statut Webmaster Dernière intervention   63 308
     
    Il y a une fiche pratique prête à l'emploi ici :
    http://www.commentcamarche.net/faq/24055-security-tool
    Jean-François Pillou

    Fondateur de CommentCaMarche.net

    3
    1. Mstr Messages postés 12018 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 900
       
      Salut Jeff,

      Attention, le Security Tool qui traine depuis quelques jours à l'air d'avoir subit quelques mutations...
      Rkill et MBAM sont pour le moment inutiles..

      Il faut désormais s'y prendre autrement !

      A la prochaine !
      0
    2. Jean-François Pillou Messages postés 18961 Date d'inscription   Statut Webmaster Dernière intervention   63 308
       
      ah ok, merci pour cette info. Il faudra mettre à jour la FAQ quand on aura trouvé le remède alors :-)
      0
    3. Mstr Messages postés 12018 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 900
       
      J'y pense, si c'est pas fais dans pas longtemps, je m'en chargerais.

      On essaye déjà d'avoir un peu plus d'infos sur le vecteur d'infection, qui semble avoir changé lui aussi..

      A plus ! :)
      0
    4. michel
       
      Bonjour
      Je ne sais plus comment faire
      J'ai fais tous ce que l'on m'a dis,
      0
    5. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      Lu Mstr,

      On essaye déjà d'avoir un peu plus d'infos sur le vecteur d'infection, qui semble avoir changé lui aussi..

      Si t'as des infos, fais tourner là où tu sais.... ;-)
      Merci.

      Lu Jeff, eh oui, forte recrudescence de Security tool!
      0
  2. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Travaille en mode sans échec avec prise en charge réseau.

    Pour redémarrer en mode sans échec :

    /!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

    * Clique sur Démarrer
    * Clique sur Arrêter
    * Sélectionne Redémarrer et au redémarrage
    * Appuie sur la touche F8 ou F5 selon ta machine sans discontinuer "1 appuis seconde" dès qu'un écran de texte apparaît puis disparaît
    * Utilise les touches de direction pour sélectionner mode sans échec avec prise en charge réseau
    * Puis appuis sur ENTRÉE
    * Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
    * Une fois démarré ne t'inquiète pas si les couleurs et les icônes ne sont pas comme d'habitude, c'est tout à fait normal.
    2
    1. michel
       
      Bonjour
      Je suis arrivé désolé voici le lien
      http://www.cijoint.fr/cjlink.php?file=cj201009/cijIRMCtvE.txt
      Merci
      0
  3. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Salut,

    On va regarder cela ensembles.

    Télécharge ZHPDiag sur ton bureau :

    = = = = =>>>En cliquant ici <<<= = = = = =

    Une fois le téléchargement achevé, double clique sur ZHPDiag.exe et suis les instructions pour l'installer.
    N'oublie pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

    Double clique sur le raccourci ZHPDiag sur ton Bureau pour le lancer ou lance le automatiquement lors de la fin de l'installation.

    /!\ L'outil crée 2 icônes ZHPDiag et ZHPFix /!\

    Si une fenêtre de licencs SigCheck s'ouvre... accepte, si tu as un parefeu qui demande si SigCheck tente de se connecter à internet, accepte également.

    Clique sur le tournevis en haut à droite de ZHPDiag et clique sur "Tous" pour cocher toutes les cases.
    Clique sur la loupe pour lancer l'analyse.
    Laisse l'outil travailler, il peut être assez long, c'est normal.
    Enregistre le rapport (icône de la Disquette) sur ton PC (repère où tu l'as enregistré).
    Ferme ZHPDiag en fin d'analyse.

    Pour transmettre le rapport clique sur ce lien :
    http://www.cijoint.fr/
    Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).
    Sélectionne le fichier ZHPDiag.txt.
    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :
    http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
    est ajouté dans la page. Copie ce lien dans ta réponse.

    Aide en images pour poster un rapport sur cijoint.
    1
    1. michel
       
      Bonjour
      Merci de bien vouloir m'aider.
      J'ai téléchargé ZHPDiag security tool m'empèche de l'ouvrir;
      0
    2. michel
       
      j'ai lancé ZHPDiag puis suivi tous ce qu'il fallait faire
      puis transmis le rapport avec le lien
      Je n'ai pas trouvé le lien ajouté dans la page
      0
    3. michel
       
      Les fichiers avec l'extension ne peuvent pas être déposés !
      0
    4. Charles03410
       
      http://www.cijoint.fr/cjlink.php?file=cj201010/cijQjQuGnS.txt

      voila pour moi ! en attendant une réponse dans les plus bref délais merci
      0
    5. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      Charles03410,

      Merci de créer votre propre message sur le forum afin d'obtenir une aide personnalisée :

      http://sd-1.archive-host.com/...

      Crapoulou, Modérateur CCM.
      0
  4. Firewall
     
    Le fichier concerné se trouve dans le dossier appdata (dossier cacher) .Le virus est un fichier éxécutable de la forme 312523653.exe(si tu trouves un fichier avec autant de chiffre + le .EXE c'est ton virus) .Si tu te sers de Kaspersky (je ne veux pas faire de pub) il te le détectera et te le supprimera. J'ai essayé Malwarebytes' Anti-Malware en mode sans echec . Il m'a détecté les virus , me les a supprimés, et quelle surprise de les retrouver en lançant windows normalement .J'ai passé ma soirée pour trouver un logiciel adéquat et kaspersky est fiable .En sachant que le PC que je désinfecte n'est pas le mien.

    Pour info pour télécharger n'importe quelle fichiers , il vous faut une autre bécane car Sécurity Tool empêche tous téléchargements .
    1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    michel, regarde l'aide en images pour uploader le rapport sur cijoint :
    http://sd-1.archive-host.com/membres/up/68979205412808752/CCM/cijoint.htm

    Après avoir cliqué sur "Cliquez ici pour déposer le fichier", un lien bleu apparait juste au-dessus dudit bouton.
    Copie-colle le moi.
    0
    1. michel
       
      Bonjour
      Désolé tu vas croire que je suis idiot,j'ai fais comme tu m'as expliqué,Après avoir cliqué sur "Cliquez ici pour déposer le fichier"il y a soit "Les fichiers avec l'extension ne peuvent pas être déposés !soit vous n'avez pas déposé de fichier.
      0
    2. michel
       
      voici le lien http://www.cijoint.fr/cjlink.php?file=cj201009/cijIRMCtvE.txt
      merci
      0
  7. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Rends-toi à cette adresse :

    https://www.bleepingcomputer.com/submit-malware.php?channel=12

    Remplis le formulaire ainsi :

    Link to topic where this file was requested:
    => Copie-colle l'adresse de cette discussion :
    http://www.commentcamarche.net/forum/affich-19303713-virus-security-tool

    Browse to the file you want to submit:
    => Sélectionne ce fichier :
    C:\Documents And Settings\michel hager\Local Settings\Application Data\87244.exe

    Leave any comments, further information about this file, or contact information:
    => Copie-colle ceci :
    Security-Tool / Crapoulou

    ********

    Fais de même avec ce fichier :
    C:\Documents And Settings\michel hager\Local Settings\Application Data\938626.exe

    Dis moi une fois que c'est fait.
    0
    1. michel
       
      oui c'est fait
      0
    2. S!Ri Messages postés 932 Statut Contributeur sécurité 10
       
      Merci pour l'upload du fichier ;)
      0
    3. michel
       
      Bonjour
      Qu'es-que je dois faire?
      0
  8. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Pas de quoi S!ri.

    On va aller droit au but !
    Il semblerait que chez toi, le rogue te laisse travailler.
    Ainsi :

    Suppression avec AD-R :

    Télécharge AD-R (de C_XX ) sur ton bureau :
    = = = =>>> En cliquant ici <<<= = = =

    /!\ Déconnecte-toi et ferme toutes applications en cours, désactive ton antivirus le temps de la manipulation/!\

    * Exécute AD-R.
    * Au menu principal clique sur le bouton "Nettoyer".
    * Poste le rapport qui apparaît à la fin.
    (Le rapport est sauvegardé aussi sous Ad-Report-CLEAN[1].txt)

    *********

    Télécharge Malwarebytes' Anti-Malware
    = = = = >>> En cliquant ici <<< = = = =

    - Enregistre le sur le bureau
    - Double clique sur le fichier téléchargé pour lancer le processus d'installation
    - Lorsqu'il te le sera demandé, mets à jour Malwarebytes anti malware
    - Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
    - Une fois la mise à jour terminée, ferme Malwarebytes
    - Double-clique sur l'icône de malwarebytes pour le relancer
    - Dans l'onglet, Recherche, probablement ouvert par défaut,
    - Sélectionne Exécuter un examen complet
    - Clique sur Rechercher
    - Le scan démarre
    - A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur `Afficher les résultats' pour afficher tous les objets trouvés.
    - Clique sur Ok pour poursuivre.
    - Si des malwares ont été détectés, cliques sur Afficher les résultats
    - Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
    - Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
    - Rends toi dans l'onglet rapport/log
    - Tu clique dessus pour l'afficher.
    - Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
    - Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
    - Tu clique droit dans le cadre de la réponse et coller

    Si tu as besoin d'aide regarde ce tutorial https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    0
  9. michel
     
    Bonjour
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4710

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    28/09/2010 14:01:47
    mbam-log-2010-09-28 (14-01-47).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 216031
    Temps écoulé: 51 minute(s), 24 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 133
    Valeur(s) du Registre infectée(s): 7
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 53
    Fichier(s) infecté(s): 234

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{148e1447-c728-48fd-beec-a7d06c5fff58} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8ee46f55-1ce1-4db9-811a-68938ec7f3dd} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a87dfd99-cf81-4241-85ce-881e0026b686} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{c96b9fae-a032-4100-bb47-32ef05e28be4} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{0729f461-8054-47dc-8d39-a31b61cc0119} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{40ca90f3-4098-4877-ae87-23eb612b18c7} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{4c3b62af-ca25-4fba-8405-32e44f83bb6f} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{5a635a91-c303-45c9-8db9-f759d98a3b9d} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7e335d04-2e6e-4d0e-a921-c3d9192e7121} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b20d7add-989c-4bc0-a797-f6fe7998efd7} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{bfc20a15-b0ac-44cc-a25a-a7039014ba9f} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{f019aec4-4c95-46de-a107-e302473e3b9a} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{8292078f-f6e9-412b-8eb1-360c05c5ece5} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2447e305-5e90-42a8-bd1e-0bc333b807e1} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{50d2fdcc-2707-49cb-8223-7fe0424909aa} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{878ce013-7ba9-4650-a78c-b2234c0c1648} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmoax.clientdetector (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{85e5e8d1-0b63-4588-a5a0-b927a23f5f60} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{90d9e343-d350-44ba-9329-1aa35b038657} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90d9e343-d350-44ba-9329-1aa35b038657} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{e8bdff85-f8c2-4281-8669-31253e646518} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e8bdff85-f8c2-4281-8669-31253e646518} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmoax.clientdetector.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmoax.info (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmoax.info.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmoax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\seekmoax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{c62a9e79-2b52-439b-af57-2e60bb06e86c} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{15fd8424-d12a-4c51-8c6c-d5d57b80f781} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{67b3becf-7b6f-42b2-99f0-f7656f89cffa} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{715ffd42-4e05-4eab-9513-c8daa5395ae2} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{759d6f7c-8d30-45b6-abea-fa51c190eed5} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{9a4a64a4-a2fb-48fa-9bba-1ac50267695d} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2557dd3f-23a0-477c-bcd8-90fd0aecc4b8} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2893116c-a176-42b1-8794-da8c9fc45564} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3ceb04ab-08af-45f4-81b4-70d13c1f7b85} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{99fdca0c-7380-4e9c-8d99-5dc4750334ef} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a7213d71-47e1-4832-92d7-d61dfe9f231f} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b1d9f4b1-b9ff-463f-bf15-ab9cb26160f7} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{cf82f350-e1c4-4916-ac12-ba73db60afb7} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{d1063603-f045-475f-afbc-8cba7d5797fb} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{03d7ff6e-9781-40b5-bb7f-94291a361604} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{a57470de-14c7-4fcd-9d4c-e5711f24f0ed} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{cdc73256-a88d-4642-844e-a8f20b76789c} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmoax.info (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmoax.info.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\egdhtml (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Winsudate (Adware.GibMedia) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\87244 (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\938626 (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\seekmo@seekmo.com (Adware.SeekMo) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\IESkins (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\ustat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static\DownLoad (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static\1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static\2 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOI (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOI\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.6.63 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.6.71 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\michel hager\Local Settings\Application Data\87244.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Local Settings\Application Data\938626.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\SeekmoSA.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\CntntCntr.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\CoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\HostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\SeekmoSAAX.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.6.71\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\Srv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Mozilla Firefox\plugins\npclntax_SeekmoSA.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Bin\2.6.63\ShoppingReport.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\SeekmoUninstaller.exe (Adware.Zango) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\WeSkin.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\plugins\npclntax_SeekmoSA.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEula.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherStartup.xml (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\history (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\WeatherPreferences (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Links (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML\Loading (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML\screen2 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML\Display (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML\General (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML\Genera1 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML\Default (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_explorer-Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\blackdomain.list (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\private_mode.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\privatemode.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\weathericon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\buttondir.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\layout.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\private_mode.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\blackdomain.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\weathericon.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\t2_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\progress.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\seekmo.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\ie_video.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\cursors.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\keywords.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\keywords1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\BtnTrans1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\default.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\icons2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\top7.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_explorer-Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\blackdomain.list (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\private_mode.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\privatemode.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\weathericon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\1.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\domains.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\1817352.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\3894561.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\2883915.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\ustat\392a.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\ustat\392d.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000057533 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\528757 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\705022 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000052615 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\76110 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\41952 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\220086 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000063625 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000032930 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\69156 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000069767 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000063198 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000061533 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000061197 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\705211 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\710858 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000057972 (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\medias\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\medias\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\medias\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\medias\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\medias\3804_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Multi\20061129201137\js\js_api_dialer.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\DesktopIcons\Acces-Sex.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Instant Access\Center\Acces-Sex.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
    C:\Program Files\ShoppingReport\Uninst.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo\Reset Cursor.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo\Seekmo Customer Support Center.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo\Seekmo Uninstall Instructions.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Application Data\Icones\icones_pa.ico (Adware.GibMedia) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Bureau\Pages Annuaire.lnk (Adware.GibMedia) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
    C:\Documents and Settings\michel hager\Menu Démarrer\Pages Annuaire.lnk (Adware.GibMedia) -> Quarantined and deleted successfully.
    C:\WINDOWS\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
    0
  10. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 133
    Valeur(s) du Registre infectée(s): 7
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 53
    Fichier(s) infecté(s): 234 


    Ton rapport MBAM a fait un énorme ménage !
    Envoie le entier sur cijoint stp :

    Aide en images.
    0
    1. michel
       
      Bonjour
      Oui ok merci
      0
    2. michel
       
      http://www.cijoint.fr/cjlink.php?file=cj201009/cijFLIIuVa.txt
      Qu'es-que je dois faire?
      Comment détruire le virus avec malwarebytes?
      0
    3. Laura
       
      j'ai le meme problème et j'arrive pas à envoyer le lien, quelqu'un peut m'aider ?
      http://www.cijoint.fr/cjlink.php?file=cj201010/cijrpm6lGz.txt
      Merci d'avance !
      0
    4. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      Laura,

      Merci de créer ton propre message sur le forum afin d'obtenir une aide personnalisée :

      http://sd-1.archive-host.com/...

      Crapoulou, Modérateur CCM.
      0
  11. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Euh, ce n'est pas ça que je voulais mais ce n'est pas grave.

    ******

    Démarre en mode sans échec et supprime ce fichier :
    C:\Documents And Settings\michel hager\Local Settings\Application Data\87244.exe

    ********

    Suppression avec AD-R :

    Télécharge AD-R (de C_XX ) sur ton bureau :
    = = = =>>> En cliquant ici <<<= = = =

    /!\ Déconnecte-toi et ferme toutes applications en cours, désactive ton antivirus le temps de la manipulation/!\

    * Exécute AD-R.
    * Au menu principal clique sur le bouton "Nettoyer".
    * Poste le rapport qui apparaît à la fin.
    (Le rapport est sauvegardé aussi sous Ad-Report-CLEAN[1].txt)
    0
    1. Mstr Messages postés 12018 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 900
       
      Salut crapoulou,

      Je me permets de polluer ton post pour te donner une astuce qui pourra certainement t'aider énormément pour ST (si tu ne l'a pas encore lue, j'en doute, elle est toute fraiche ^^)

      Télécharges ça :

      https://www.luanagames.com/index.fr.html

      C'est le taskmgr renommé en firefox.exe
      Il suffit donc de le lancer, on a accès aux gestionnaire, et on peut kill le processus (qui est une suite de chiffre, comme d'hab)
      On est donc débarrassé du rogue et on peut utiliser les tools sans problème, plus besoin de passer en MSE. MBAM le detecte correctement maintenant, ainsi que ZHPH.

      Note : Il est de retour au reboot quand même, évidemment..! :)


      Un grand merci a Tigzy pour l'astuce.

      PS : Il a édité la FAQ avec cette astuce : http://www.commentcamarche.net/faq/24055-security-tool

      Bonne chasse.
      0
    2. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      Bizarre : testé sous VM, le gestionnaire des tâches s'est ouvert si CTRL + ALT + Suppr avant ST mais pas trouvé le processus de ST dans la liste !!!! (suite de chiffres).
      0
    3. Mstr Messages postés 12018 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 900
       
      Aucune idée, mais ça a été testé plusieurs fois et ça fonctionne apparemment.

      Souvent les droppers se comportent un peu différemment sous VM.

      Je dois y aller, bonne chance ! ;)

      Post sur WT : http://web-tranquille.fr/general/recrudescence-de-cas-d%27infection-par-security-tool-que-se-passe-t%27il/30/
      0
    4. michel
       
      Bonjour
      comment désactiver les antivirus?
      comment fermé les applications en cours?
      0
    5. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      As-tu bien supprimé le fichier demandé ?
      Lance AD-R sans te préoccuper de ton antivirus.
      Fermer les applications signifie : ne fais rien d'autre en même temps (jeux, naviguer sur internet, ...)
      0
  12. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    En apparence, Security Tool est-il toujours présent sur le PC ?
    Comment va le PC ?
    0
    1. michel
       
      Crapoulou,
      content peut être trop tôt,mais pour le moment plus de message de Security-Tool,le pc fonctionne correctement.Je te tiens au courent plus tard.
      Merci beaucoup pour m'avoir aidé.merci à vous tous.
      0
  13. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    On va faire le point sur l'état de ton PC.
    Suis les manipulations données ici qui devraient fonctionner :
    https://forums.commentcamarche.net/forum/affich-19303713-virus-security-tool#1
    0
    1. michel
       
      crapoulou,
      Je suis en mode normal aucun souci.
      Veux que je me mette en mode sans échec pour faire un point sur l'état du pc?
      Merci
      0
    2. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      Non, reste en mode normal.
      0
    3. michel
       
      Pour le moment je ne peux pas envoyer le fichier car Les fichiers avec l'extension ne peuvent pas être déposés !
      je renouvèlerai la manip plus tard.
      0
    4. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      L'extension txt devrait fonctionner.
      0
    5. michel
       
      http://www.cijoint.fr/cjlink.php?file=cj201009/cijMDOGX7N.txt
      0
  14. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Ton PC est encore infecté.

    Tu es infecté par un ver qui se propage dans ton ordinateur par support amovibles (clé USB, disquettes, appareils photos numériques, disques durs externes, ...)

    Télécharge et installe UsbFix de C_XX & El_Desaparecido :
    = = = = >>> En cliquant ici <<< = = = =

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir !

    * Double clique sur le raccourci UsbFix présent sur ton bureau.
    * Clique sur le bouton Recherche
    * Laisse travailler l'outil.
    * Ensuite poste l'intégralité du rapport UsbFix.txt qui apparaîtra.

    Notes :
    - Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)
    (CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller sur le forum).
    - Si l'outil ne se lance pas, désactive ton antivirus le temps de la manipulation.
    0
    1. michel
       
      ############################## | UsbFix 7.027 | [Recherche]

      Utilisateur: michel hager (Administrateur) # FIFOU [ ]
      Mis à jour le 28/09/10 par El Desaparecido / C_XX
      Lancé à 20:44:40 | 30/09/2010
      Site Web: http://www.teamxscript.org
      Contact: FindyKill.Contact@gmail.com

      CPU: Genuine Intel(R) CPU T2250 @ 1.73GHz
      CPU 2: Genuine Intel(R) CPU T2250 @ 1.73GHz
      Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 8.0.6001.18702

      Pare-feu Windows: Activé
      Antivirus: avast! antivirus 4.8.1368 [VPS 100930-0] 4.8.1368 [Enabled | Updated]
      RAM -> 1022 Mo
      C:\ (%systemdrive%) -> Disque fixe # 44 Go (14 Go libre(s) - 31%) [ACER] # FAT32
      D:\ -> Disque fixe # 44 Go (44 Go libre(s) - 100%) [ACERDATA] # FAT32
      E:\ -> CD-ROM
      H:\ -> Disque fixe # 298 Go (121 Go libre(s) - 41%) [Philips External Hard Disk] # NTFS

      ################## | Éléments infectieux |



      ################## | Registre |


      ################## | Mountpoints2 |

      HKCU\.\.\.\.\Explorer\MountPoints2\{78ce8f66-9e04-11dd-a8ce-001e583e4f09}
      Shell\Auto\Command = fun.xls.exe
      Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

      HKCU\.\.\.\.\Explorer\MountPoints2\{ddb901a3-a12a-11de-a9a1-001e583e4f09}
      Shell\AutoRun\Command = F:\USBAutoRun.exe


      ################## | Vaccin |

      (!) Cet ordinateur n'est pas vacciné!

      ################## | E.O.F |
      0
  15. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Bien pour USBFix.

    Nettoyage avec UsbFix :

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir !

    *Double clique sur le raccourci UsbFix présent sur ton bureau.
    * Clique sur le bouton Suppression
    * Ton bureau disparaîtra et le PC redémarrera.
    * Au redémarrage, UsbFix scannera ton PC. Laisse travailler l'outil.
    * Ensuite poste l'intégralité du rapport UsbFix.txt qui apparaîtra avec le bureau.

    Note :
    Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)
    0
    1. michel
       
      le pc n'a pas redémarré mais j'ai le rapport
      ############################## | UsbFix 7.027 | [Suppression]

      Utilisateur: michel hager (Administrateur) # FIFOU [ ]
      Mis à jour le 28/09/10 par El Desaparecido / C_XX
      Lancé à 20:52:49 | 30/09/2010
      Site Web: http://www.teamxscript.org
      Contact: FindyKill.Contact@gmail.com

      CPU: Genuine Intel(R) CPU T2250 @ 1.73GHz
      CPU 2: Genuine Intel(R) CPU T2250 @ 1.73GHz
      Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
      Internet Explorer 8.0.6001.18702

      Pare-feu Windows: Activé
      Antivirus: avast! antivirus 4.8.1368 [VPS 100930-0] 4.8.1368 [Enabled | Updated]
      RAM -> 1022 Mo
      C:\ (%systemdrive%) -> Disque fixe # 44 Go (14 Go libre(s) - 31%) [ACER] # FAT32
      D:\ -> Disque fixe # 44 Go (44 Go libre(s) - 100%) [ACERDATA] # FAT32
      E:\ -> CD-ROM
      H:\ -> Disque fixe # 298 Go (121 Go libre(s) - 41%) [Philips External Hard Disk] # NTFS

      ################## | Éléments infectieux |



      ################## | Registre |


      ################## | Mountpoints2 |

      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{78ce8f66-9e04-11dd-a8ce-001e583e4f09}
      Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ddb901a3-a12a-11de-a9a1-001e583e4f09}

      ################## | Listing |

      [20/12/2005 - 11:17:28 | AD ] C:\i386
      [05/08/2004 - 05:00:00 | AD ] C:\VALUEADD
      [05/08/2004 - 05:00:00 | AD ] C:\dotnetfx
      [29/09/2010 - 13:46:28 | ASH | 1610612736] C:\pagefile.sys
      [08/11/2007 - 17:14:46 | D ] C:\Converted Music
      [20/12/2005 - 11:17:34 | AD ] C:\Sysinfo
      [20/12/2005 - 11:17:34 | AD ] C:\Book
      [30/07/2006 - 11:02:26 | D ] C:\WINDOWS
      [14/02/2005 - 10:58:16 | D ] C:\Documents and Settings
      [14/02/2005 - 11:06:08 | RD ] C:\Program Files
      [03/05/2006 - 06:49:46 | D ] C:\Acer
      [05/08/2004 - 05:00:00 | RASH | 4952] C:\Bootfont.bin
      [06/10/2008 - 07:20:36 | RASH | 252240] C:\ntldr
      [05/08/2004 - 05:00:00 | RASH | 47564] C:\NTDETECT.COM
      [02/04/2007 - 22:07:42 | RASH | 216] C:\boot.ini
      [14/02/2005 - 11:07:12 | A | 0] C:\CONFIG.SYS
      [27/06/2006 - 22:41:54 | A | 150] C:\AUTOEXEC.BAT
      [14/02/2005 - 11:07:12 | RASH | 0] C:\IO.SYS
      [14/02/2005 - 11:07:12 | RASH | 0] C:\MSDOS.SYS
      [10/11/1999 - 08:17:54 | A | 49] C:\XPH.TAG
      [27/06/2006 - 23:07:06 | RASH | 79] C:\Preload.aaa
      [14/01/2009 - 16:10:12 | SHD ] C:\FOUND.000
      [14/09/2009 - 20:21:28 | D ] C:\Sounds
      [09/11/2009 - 16:59:30 | SHD ] C:\FOUND.001
      [30/01/2010 - 14:56:48 | D ] C:\EPSON
      [09/11/2006 - 03:50:20 | SHD ] C:\System Volume Information
      [17/09/2010 - 17:43:16 | SHD ] C:\FOUND.002
      [26/09/2010 - 19:22:02 | SHD ] C:\FOUND.003
      [15/11/2008 - 19:55:56 | D ] C:\temp
      [29/09/2010 - 12:09:10 | A | 2928] C:\Ad-Report-CLEAN[1].txt
      [29/09/2010 - 13:46:30 | ASH | 1071763456] C:\hiberfil.sys
      [30/09/2010 - 20:42:04 | D ] C:\UsbFix
      [30/09/2010 - 20:52:50 | A | 949] C:\UsbFix.txt
      [16/03/2008 - 13:57:04 | AH | 244] C:\sqmnoopt00.sqm
      [16/03/2008 - 13:57:04 | AH | 268] C:\sqmdata00.sqm
      [16/03/2008 - 13:57:04 | AH | 160] C:\sqmnoopt01.sqm
      [16/03/2008 - 13:57:04 | AH | 148] C:\sqmdata01.sqm
      [09/11/2006 - 12:09:06 | D ] C:\MWASPI
      [09/11/2006 - 12:56:58 | SHD ] C:\Recycled
      [02/05/2008 - 10:13:18 | AH | 244] C:\sqmnoopt02.sqm
      [02/05/2008 - 10:13:18 | AH | 268] C:\sqmdata02.sqm
      [31/08/2008 - 09:06:04 | AH | 244] C:\sqmnoopt03.sqm
      [31/08/2008 - 09:06:04 | AH | 304] C:\sqmdata03.sqm
      [10/10/2008 - 22:00:48 | AH | 244] C:\sqmnoopt04.sqm
      [10/10/2008 - 22:00:48 | AH | 232] C:\sqmdata04.sqm
      [11/10/2008 - 14:29:38 | AH | 244] C:\sqmnoopt05.sqm
      [11/10/2008 - 14:29:38 | AH | 268] C:\sqmdata05.sqm
      [25/10/2008 - 22:44:54 | AH | 244] C:\sqmnoopt06.sqm
      [25/10/2008 - 22:44:54 | AH | 232] C:\sqmdata06.sqm
      [10/11/2008 - 09:42:14 | AH | 244] C:\sqmnoopt07.sqm
      [10/11/2008 - 09:42:14 | AH | 232] C:\sqmdata07.sqm
      [11/11/2008 - 09:39:48 | AH | 244] C:\sqmnoopt08.sqm
      [11/11/2008 - 09:39:48 | AH | 232] C:\sqmdata08.sqm
      [12/11/2008 - 19:59:24 | AH | 244] C:\sqmnoopt09.sqm
      [12/11/2008 - 19:59:24 | AH | 232] C:\sqmdata09.sqm
      [13/11/2008 - 09:25:12 | AH | 244] C:\sqmnoopt10.sqm
      [13/11/2008 - 09:25:12 | AH | 268] C:\sqmdata10.sqm
      [06/02/2007 - 20:39:48 | AH | 244] C:\sqmnoopt11.sqm
      [06/02/2007 - 20:39:48 | AH | 292] C:\sqmdata11.sqm
      [06/02/2007 - 20:39:48 | AH | 244] C:\sqmnoopt12.sqm
      [06/02/2007 - 20:39:48 | AH | 232] C:\sqmdata12.sqm
      [12/09/2007 - 21:57:46 | AH | 244] C:\sqmnoopt13.sqm
      [12/09/2007 - 21:57:46 | AH | 292] C:\sqmdata13.sqm
      [13/01/2008 - 18:28:02 | AH | 244] C:\sqmnoopt14.sqm
      [13/01/2008 - 18:28:02 | AH | 232] C:\sqmdata14.sqm
      [13/01/2008 - 18:28:04 | AH | 244] C:\sqmnoopt15.sqm
      [13/01/2008 - 18:28:04 | AH | 232] C:\sqmdata15.sqm
      [13/01/2008 - 18:41:38 | AH | 244] C:\sqmnoopt16.sqm
      [13/01/2008 - 18:41:38 | AH | 232] C:\sqmdata16.sqm
      [14/01/2008 - 21:21:58 | AH | 244] C:\sqmnoopt17.sqm
      [14/01/2008 - 21:21:58 | AH | 232] C:\sqmdata17.sqm
      [16/03/2008 - 13:54:38 | AH | 244] C:\sqmnoopt18.sqm
      [16/03/2008 - 13:54:38 | AH | 268] C:\sqmdata18.sqm
      [16/03/2008 - 13:54:38 | AH | 136] C:\sqmnoopt19.sqm
      [16/03/2008 - 13:54:38 | AH | 268] C:\sqmdata19.sqm
      [22/02/2007 - 13:11:20 | D ] C:\Poker
      [28/02/2007 - 21:51:00 | D ] C:\Données Ciel
      [29/03/2007 - 19:22:06 | D ] C:\smartcaisse
      [09/11/2006 - 03:53:24 | SHD ] D:\System Volume Information
      [09/11/2006 - 13:53:46 | SHD ] D:\Recycled
      [17/10/2007 - 20:30:34 | SH | 2644] D:\AlbumArtSmall.jpg
      [17/10/2007 - 20:30:34 | SH | 2644] D:\AlbumArt_{CD5FAC0E-907A-4C54-8464-BE4473D65346}_Small.jpg
      [17/10/2007 - 20:30:34 | SH | 10624] D:\Folder.jpg
      [17/10/2007 - 20:30:34 | SH | 10624] D:\AlbumArt_{CD5FAC0E-907A-4C54-8464-BE4473D65346}_Large.jpg
      [17/10/2007 - 20:30:34 | SH | 377] D:\desktop.ini
      [08/05/2007 - 13:38:08 | SHD ] H:\$RECYCLE.BIN
      [26/09/2009 - 21:52:12 | D ] H:\CD
      [25/07/2006 - 09:34:58 | ASH | 78] H:\Desktop.ini
      [26/09/2009 - 21:47:56 | D ] H:\FETARD'OC
      [28/06/2010 - 12:55:49 | D ] H:\films mathieu
      [28/06/2010 - 12:36:02 | D ] H:\Incoming
      [08/07/2007 - 22:43:43 | D ] H:\MARIAGE AURELIE
      [12/08/2010 - 13:55:27 | RAD ] H:\My Music
      [22/05/2007 - 13:34:08 | RAD ] H:\My Pictures
      [20/04/2007 - 15:29:54 | RAD ] H:\My Videos
      [31/07/2006 - 12:12:27 | AD ] H:\Philips User Manual
      [28/04/2007 - 22:41:31 | D ] H:\photos abeilles
      [26/07/2007 - 12:45:45 | D ] H:\photos camion
      [30/06/2007 - 21:48:27 | D ] H:\PHOTOS MATHIEU
      [07/07/2007 - 09:18:25 | D ] H:\PHOTOS ZOO MITCH
      [24/10/2008 - 10:37:29 | SHD ] H:\RECYCLER
      [22/10/2008 - 20:47:40 | SHD ] H:\System Volume Information
      [15/07/2007 - 21:50:44 | D ] H:\vacances

      ################## | Vaccin |

      C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
      H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

      ################## | E.O.F |
      0
  16. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Bien.
    Comment va le PC ?
    Mets à jour MBAM.
    Fais une analyse rapide du système stp.
    Envoie le rapport.
    0
    1. michel
       
      Quelqu'un sur le site m'avait dit de faire ctrl alt sup désolé je ne me souvient pas de son prénom
      En le faisant sécurité tool était en cour d'exécution je les sup.
      Qu'es-que MBAM?
      0
    2. michel
       
      J'ai a nouveau fait ctrl alt sup il est toujours en cour d'execution
      0
  17. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    MBAM = MalwareBytes anti malware.
    0
    1. michel
       
      desole
      0
    2. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
       
      Pas de souci.
      0
    3. michel
       
      Malwarebytes' Anti-Malware 1.46
      www.malwarebytes.org

      Version de la base de données: 4710

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      30/09/2010 21:50:40
      mbam-log-2010-09-30 (21-50-40).txt

      Type d'examen: Examen rapide
      Elément(s) analysé(s): 148223
      Temps écoulé: 7 minute(s), 43 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)
      0
  18. Firewall
     
    Bonjour ,
    Je viens de me débarrasser de SECURITY TOOL grâce à un utilitaire de chez Kaspersky .
    Il faut aller à cette adresse https://support.kaspersky.com/fr/viruses/utility puis
    télécharger Kaspersky Virus Removal Tool ( EXE,72,2MB). version 9.0.0.722

    Démarrer le Pc en mode sans échec (F8) puis installer kaspersky Virus Removal Tool . Le lancer puis Il fera le reste après un scan de votre PC et vous serez débarrasser de ce virus.
    0
  19. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    As-tu un rapport de cet outil stp ?
    Qu'a-t-il supprimé au juste ?

    ********

    Télécharge SEAF.exe de C_XX sur ton bureau :
    = = = = =>>> En cliquant ici <<<= = = = =

    * Double clique sur SEAF.exe que tu viens de télécharger.
    * Une fenêtre va s'ouvrir.
    * Copie-colle ceci dans la barre de recherche blanche Security tool
    * Coche sur la droite : "Chercher également dans le registre"
    * Coche en bas "Afficher les ADS" et "Informations supplémentaires".
    * Clique ensuite sur "Lancer la recherche".
    * Patiente pendant la recherche.
    * Une fenêtre avec un rapport au format ".txt" va s'afficher.
    * Copie/colle ce rapport dans ta prochaine réponse.
    0
    1. michel
       
      1. ========================= SEAF 1.0.0.8 - C_XX
      2.
      3. Commencé à: 22:18:55 le 30/09/2010
      4.
      5. Valeur(s) recherchée(s):
      6. Security tool
      7.
      8. (!) --- Informations supplémentaires
      9. (!) --- Affichage des ADS
      10. (!) --- Recherche registre
      11.
      12. ====== Fichier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======
      13.
      14. Aucun fichier trouvé
      15.
      16.
      17. ====== Entrée(s) du registre ======
      18.
      19. Aucun élément dans le registre trouvé
      20.
      21. =========================
      22.
      23. Fin à: 22:21:01 le 30/09/2010 ( E.O.F )
      24.
      25. =========================
      0
    2. michel
       
      gestionnaire des taches
      security tools en cours d'exécution
      C'est l'intitulé du forum désolé
      0
  20. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    gestionnaire des taches
    security tools en cours d'exécution
    C'est l'intitulé du forum désolé


    ???

    As-tu un rapport de cet outil stp ?
    Qu'a-t-il supprimé au juste ?
    0
    1. michel
       
      de quel outil tu parles?
      je suis que ce que toi tu me dis de faire
      0
    2. michel
       
      Bonjour
      Qu'es que je dois faire?
      0
  21. crapoulou Messages postés 28002 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   8 046
     
    Autant pour moi michel, j'ai confondu avec un autre message !

    J'ai a nouveau fait ctrl alt sup il est toujours en cour d'execution
    Quel est le nom du processus en cors d'exécution ??
    0
    1. michel
       
      En fait ctrl alt sup gestionnaire des taches je pensais que c'était le virus, en fait ce n'ai que l'intitulé de ce que je suis en train de faire.la page ou l'on s'écrit est intitulé virus security tool,rien de spécial désolé;
      0
  • 1
  • 2