Sujet Précédent Sujet Suivant

Easysear.ch intempestif: rapport navilog1

Résolu/Fermé
clemcedric - 5 févr. 2011 à 19:41
 Utilisateur anonyme - 10 févr. 2011 à 00:06
Bonjour,
en lisant votre forum j'ai trouvé une procédure pour me debarasser d'un problème: ma page d'accueil firefox est remplacée par "easysear.ch"
vous proposez d'utiliser navilog1 et de poster le rapport cleannavi.
le voici. Pourriez vous m'aider?
Merci!
Fix Navipromo version 4.0.9 commencé le 05/02/2011 18:50:07,10

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\navilog1

Mise à jour le 24.11.2010 à 16h00 par IL-MAFIOSO

Microsoft® Windows Vista(TM) Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz )
BIOS : Default System BIOS
USER : clémentine ( Administrator )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:55 Go (Free:0 Go)
D:\ (Local Disk) - NTFS - Total:49 Go (Free:27 Go)
E:\ (CD or DVD)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


c:\progra~2\micros~1\windows\startm~1\programs\WebMediaPlayer supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\CLMENT~1\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !



*** Scan terminé 05/02/2011 19:03:20,00



20 réponses

Réponse 1 / 20
Utilisateur anonyme
5 févr. 2011 à 19:52
Salut





1)* Télécharge ZHPDiag (de Nicolas coolman)

* ZHPDiag est un outil de diagnostic (Réalisé par Nicolas Coolman) .
Le logiciel permet d'effectuer un diagnostic rapide et complet de son système d'exploitation plus complet qu un rapport d'HijackThis
Il scrute ta Base de Registre et énumère les zones sensibles qui sont susceptibles d'être infectées.

ICI >> ZHPDiag (de Nicolas coolman)

* Une fois le téléchargement achevé,
* double clique sur ZHPDiag.exe et suis les instructions.
* /!\Utilisateurs de Windows Vista et Windows 7
* >> Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »
* Laisse toi guider lors de l'installation,
* coche >> créer une icône sur le bureau
* il se lancera automatiquement à la fin.
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.


* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport

ensuite

2) * Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)

* Ad-Remover permet d'éliminer proprement les publiciels vérolés, « adware » en anglais.
* Affichant de la publicité en échange d'un service gratuit,
* certains d'entre eux contiennent des logiciels espions violant votre vie privée numérique tout en modifiant le comportement de ton système.

ICI >>AD-Remover

/!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

* Double-clique sur l'icône Ad-remover située sur ton Bureau.
* Sur la page, clique sur le bouton « Scanner »
* Confirme l'opération
* Poste le rapport qui apparaît à la fin.
* (Le rapport est sauvegardé aussi sous C:\Ad-report.)
* (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)





Membre Contributeur sécurité CCM
0
Réponse 2 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
5 févr. 2011 à 20:09
http://www.cijoint.fr/cjlink.php?file=cj201102/cijfVtHmor.txt

voilà!
0
Réponse 3 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
5 févr. 2011 à 20:14
et voilà !

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:10:16 le 05/02/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
clémentine@PC-DE-CLÉMENTIN (ASUSTeK Computer Inc. A8SR)

============== RECHERCHE ==============

Service: "sdmBackupIP" Présent

Fichier trouvé: C:\Users\clémentine\AppData\Local\esiavea.bat
Dossier trouvé: C:\Program Files\Installer
Fichier trouvé: C:\Windows\system32\Utils.dll
Dossier trouvé: C:\Windows\BackupIP
Dossier trouvé: C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\conduit
Fichier trouvé: C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\searchplugins\conduit.xml
Dossier trouvé: C:\Users\clémentine\AppData\Roaming\Dealio
Dossier trouvé: C:\Users\clémentine\AppData\Roaming\Search Settings
Dossier trouvé: C:\Users\clémentine\AppData\LocalLow\Search Settings
Dossier trouvé: C:\Program Files\Search Settings
Dossier trouvé: C:\Users\clémentine\AppData\Local\networker

Clé trouvée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Clé trouvée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\esiavea
Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO
Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO.1
Clé trouvée: HKLM\Software\Install Pedia Limited
Clé trouvée: HKLM\Software\Dealio
Clé trouvée: HKLM\Software\Search Settings
Clé trouvée: HKCU\Software\Dealio
Clé trouvée: HKCU\Software\Search Settings
Clé trouvée: HKCU\Software\WebMediaPlayer
Clé trouvée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\au
Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3D0464EC-2D1F-4EB4-A0DD-5DCDCD306686}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6 (fr)] **

-- C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\Prefs.js --
browser.startup.homepage, www.easysear.ch/
browser.startup.homepage_override.mstone, rv:1.9.2

========================================

** Internet Explorer Version [8.0.6001.18999] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: www.easysear.ch/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.asus.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 05/02/2011 (4983 Octet(s))

Fin à: 20:12:07, 05/02/2011

============== E.O.F ==============
0
Réponse 4 / 20
Utilisateur anonyme
5 févr. 2011 à 20:20
Re


lis bien et fais dans l ordre

1) /!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

* Double-clique sur l'icône Ad-remover située sur ton Bureau.
* Sur la page, clique sur le bouton « Nettoyer »
* Confirme l'opération
* Poste le rapport qui apparaît à la fin.
* (Le rapport est sauvegardé aussi sous C:\Ad-report.)
* (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)


ensuite


2) * tu as Malwarebytes

* Lances--> Malwarebytes (MBAM)
* Fais une mise a jour <== à faire
* Puis vas dans l'onglet "Recherche", coche >> Exécuter un examen complet
* puis "Rechercher"
* Sélectionnes tes disques durs" puis clique sur "Lancer l'examen"
* A la fin du scan, clique sur Afficher les résultats puis sur Enregistrer le rapport
*Si MalwareBytes' détecte des infections, clique sur ==>Afficher les résultats, puis sur ==>Supprimer la sélection
* S'il t' es demandé de redémarrer, clique sur "oui "
* aprés la suppression(s) de ou des infections trouvées -->poste le rapport ici



Membre Contributeur sécurité CCM
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
5 févr. 2011 à 22:16
et voilà :

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

05/02/2011 22:16:12
mbam-log-2011-02-05 (22-16-12).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 266598
Temps écoulé: 1 heure(s), 46 minute(s), 31 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 6 / 20
Utilisateur anonyme
6 févr. 2011 à 06:26
Salut



1) rapport d Ad-Remover ??

1) Poste moi >> le rapport >> C:\Ad-Report-CLEAN[1].txt
>>> cliques >> Démarrer >> Ordinateur >> Disque >> C:\Ad-Report-CLEAN[1].txt

une fois ce rapport posté

2) Malwarebytes
Heureusement que j avais marqué >> * Fais une mise a jour <== à faire
Ta version et base de données ne sont pas à jour

* Lances Malwarebytes
* cliques sur >> quarantaine>> selectionnes tout et supprimes tout ok !!
* si il te demande de redémarrer >> redémarre ton PC
et

* Fais la mise a jour

* tu refais avec Malwarebytes une analyse rapide + Suppression(s) de ce que tu trouveras éventuellement

* Poste le rapport



Membre Contributeur sécurité CCM
0
Réponse 7 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
Modifié par clemcedric le 6/02/2011 à 13:26
Au passage: Merci pour l'aide !

j'ai demandé à Malwarebytes de faire une mise à jour! Je te promets!! Je refais. Effectivement j'ai planté la mise à jour, c'est en train de scanner (déjà 12elements infectés! :s)

Voici le rapport:
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:10:16 le 05/02/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
clémentine@PC-DE-CLÉMENTIN (ASUSTeK Computer Inc. A8SR)

============== RECHERCHE ==============

Service: "sdmBackupIP" Présent

Fichier trouvé: C:\Users\clémentine\AppData\Local\esiavea.bat
Dossier trouvé: C:\Program Files\Installer
Fichier trouvé: C:\Windows\system32\Utils.dll
Dossier trouvé: C:\Windows\BackupIP
Dossier trouvé: C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\conduit
Fichier trouvé: C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\searchplugins\conduit.xml
Dossier trouvé: C:\Users\clémentine\AppData\Roaming\Dealio
Dossier trouvé: C:\Users\clémentine\AppData\Roaming\Search Settings
Dossier trouvé: C:\Users\clémentine\AppData\LocalLow\Search Settings
Dossier trouvé: C:\Program Files\Search Settings
Dossier trouvé: C:\Users\clémentine\AppData\Local\networker

Clé trouvée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé trouvée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Clé trouvée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\esiavea
Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO
Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO.1
Clé trouvée: HKLM\Software\Install Pedia Limited
Clé trouvée: HKLM\Software\Dealio
Clé trouvée: HKLM\Software\Search Settings
Clé trouvée: HKCU\Software\Dealio
Clé trouvée: HKCU\Software\Search Settings
Clé trouvée: HKCU\Software\WebMediaPlayer
Clé trouvée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\au
Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3D0464EC-2D1F-4EB4-A0DD-5DCDCD306686}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6 (fr)] **

-- C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\Prefs.js --
browser.startup.homepage, www.easysear.ch/
browser.startup.homepage_override.mstone, rv:1.9.2

========================================

** Internet Explorer Version [8.0.6001.18999] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: www.easysear.ch/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.asus.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 05/02/2011 (4983 Octet(s))

Fin à: 20:12:07, 05/02/2011

============== E.O.F ==============
0
Réponse 8 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
6 févr. 2011 à 16:55
voilà le rapport.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5688

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

06/02/2011 16:47:43
mbam-log-2011-02-06 (16-47-43).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 298293
Temps écoulé: 1 heure(s), 23 minute(s), 28 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 274

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\SearchSettings.BHO.1 (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\SearchSettings.BHO (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Not selected for removal.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\KB127\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\Users\clémentine\AppData\Roaming\Dealio (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp (PUP.Dealio) -> Not selected for removal.

Fichier(s) infecté(s):
c:\program files\search settings\kb127\searchsettings.dll (PUP.Dealio) -> Not selected for removal.
c:\program files\installer\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\typeasy\keybrd.en.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\typeasy\typeasy.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\1f0664ab_1abbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\20b017fc_c1aacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\218821ee_7db6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\239633e8_5ec5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\23c156a1_6ac5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\2c8b8b63_11b0cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\40195c73_a0aacb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\40c36479_41a1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\469da0eb_51b6cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\5606a669_f6c5cb01\networker.exe (Trojan.Agent) -> Delete on reboot.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\82e82ae7_51a1cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\9cb34ed4_efafcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\9e882607_14bbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\a261d631_20bbcb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\a357eb29_8cc5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Local\assembly\dl3\2LZBDAYY.JPT\ZD9KZWWN.C3L\ad03d243\d6906332_b3b5cb01\networker.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\err_mainwindow.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts_rec.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts_rec_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\chevron-small.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\dealiosearch.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\deals-leftcap.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\deal_report.jpg (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\ebay_login.jpg (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\err_toolbar.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\global_scripts.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\headerbgthin.jpg (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\highlight-bg.png (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\logo.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\logo_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbar.css (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbar.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbar.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbarl.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\post-this-deal.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\post-this-deal_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\scripts.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\scroller.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\search-chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\search-chevron_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\search_bg_blink.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\separator.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\settings.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\settings_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\yahoo-search.png (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\index.76.35 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.196.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.198.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.199.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.200.53 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.201.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.202.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.203.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.205.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.213.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.214.49 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.215.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.216.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.217.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.218.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.219.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.220.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.221.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.223.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.226.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.227.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.228.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.229.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.23.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.239.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.24.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.240.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.241.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.242.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.243.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.244.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.245.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.247.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.248.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.249.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.251.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.252.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.253.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.254.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.255.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.256.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.257.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.279.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.28.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.282.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.283.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.284.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.289.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.290.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.291.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.296.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.297.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.189.45 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.222.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.250.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.304.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.34.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.365.53 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.391.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.415.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.435.64 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.458.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.50.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.307.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.308.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.31.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.310.46 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.311.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.315.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.316.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.317.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.318.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.319.49 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.32.48 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.334.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.335.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.336.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.337.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.338.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.339.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.340.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.341.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.349.50 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.35.48 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.350.50 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.351.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.352.54 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.353.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.354.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.357.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.358.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.359.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.360.53 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.361.54 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.362.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.363.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.364.54 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.367.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.368.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.369.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.370.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.371.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.372.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.373.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.375.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.376.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.377.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.378.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.384.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.386.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.387.59 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.388.59 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.389.59 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.390.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.392.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.393.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.394.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.396.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.397.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.398.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.399.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.403.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.404.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.405.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.406.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.407.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.408.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.409.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.412.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.413.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.414.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.416.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.417.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.418.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.419.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.420.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.421.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.423.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.424.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.425.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.426.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.427.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.428.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.429.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.430.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.432.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.433.64 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.434.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.436.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.437.64 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.438.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.439.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.440.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.442.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.443.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.444.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.445.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.446.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.450.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.451.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.452.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.453.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.454.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.456.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.457.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.459.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.460.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.462.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.463.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.464.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.465.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.468.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.469.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.470.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.471.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.472.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.478.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.479.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.480.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.481.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.482.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.49.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.500.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.501.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.502.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.51.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.52.72 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.520.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.521.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.522.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.53.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.531.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.532.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.534.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.54.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.55.45 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.56.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.57.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.58.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.593.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.595.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.63.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.66.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.70.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.71.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.10.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.109.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.110.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.12.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.13.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.130.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.135.50 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.153.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.155.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.156.49 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.16.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.161.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.178.66 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.184.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.188.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp\dod_cache.xml (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp\_toolbar_tmp_4584_5204_1.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp\_toolbar_tmp_4584_5204_3.html (PUP.Dealio) -> Not selected for removal.
0
Réponse 9 / 20
Utilisateur anonyme
6 févr. 2011 à 20:23
Salut


Bref !! Tu n as rien supprimé ni avec Ad-Remover ni avec Malwarebytes

Lis bien cette fois çi
Malwarebytes tu peux choisir la langue Française ainsi

Lances Malwarebytes >> Paramétres >> en bas à gauche > Langue >> choisis Français
aprés

1) *toujours dans Malwarebytes
* cliques sur >> quarantaine>> selectionnes tout et supprimes tout ok !!
* si il te demande de redémarrer >> redémarre ton PC
et
* Fais la mise a jour

* tu refais avec Malwarebytes une analyse rapide + Suppression(s) de ce que tu trouveras éventuellement

* Poste le rapport

ensuite


2) Fais un passage avec Ad-Remover

/!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

* Double-clique sur l'icône Ad-remover située sur ton Bureau.
* Sur la page, clique sur le bouton « Nettoyer »
* Confirme l'opération
* Poste le rapport qui apparaît à la fin.
* (Le rapport est sauvegardé aussi sous C:\Ad-report.)
* (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)





Membre Contributeur sécurité CCM
0
Réponse 10 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
7 févr. 2011 à 09:11
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5698

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

07/02/2011 09:10:27
mbam-log-2011-02-07 (09-10-27).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 154840
Temps écoulé: 18 minute(s), 20 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 255

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\SearchSettings.BHO.1 (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\SearchSettings.BHO (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Not selected for removal.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\SEARCH SETTINGS\KB127\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Not selected for removal.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\Users\clémentine\AppData\Roaming\Dealio (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp (PUP.Dealio) -> Not selected for removal.

Fichier(s) infecté(s):
c:\program files\search settings\kb127\searchsettings.dll (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\err_mainwindow.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts_rec.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\alerts_rec_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\chevron-small.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\dealiosearch.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\deals-leftcap.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\deal_report.jpg (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\ebay_login.jpg (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\err_toolbar.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\global_scripts.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\headerbgthin.jpg (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\highlight-bg.png (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\logo.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\logo_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbar.css (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbar.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbar.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\man_toolbarl.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\post-this-deal.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\post-this-deal_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\scripts.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\scroller.js (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\search-chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\search-chevron_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\search_bg_blink.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\separator.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\settings.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\settings_over.gif (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\res\yahoo-search.png (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\index.76.35 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.196.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.198.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.199.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.200.53 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.201.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.202.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.203.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.205.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.213.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.214.49 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.215.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.216.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.217.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.218.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.219.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.220.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.221.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.223.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.226.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.227.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.228.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.229.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.23.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.239.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.24.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.240.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.241.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.242.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.243.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.244.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.245.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.247.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.248.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.249.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.251.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.252.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.253.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.254.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.255.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.256.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.257.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.279.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.28.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.282.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.283.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.284.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.289.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.290.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.291.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.296.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.297.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.189.45 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.222.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.250.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.304.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.34.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.365.53 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.391.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.415.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.435.64 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.458.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.50.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.307.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.308.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.31.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.310.46 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.311.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.315.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.316.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.317.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.318.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.319.49 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.32.48 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.334.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.335.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.336.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.337.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.338.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.339.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.340.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.341.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.349.50 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.35.48 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.350.50 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.351.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.352.54 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.353.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.354.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.357.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.358.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.359.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.360.53 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.361.54 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.362.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.363.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.364.54 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.367.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.368.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.369.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.370.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.371.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.372.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.373.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.375.56 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.376.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.377.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.378.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.384.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.386.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.387.59 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.388.59 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.389.59 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.390.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.392.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.393.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.394.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.396.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.397.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.398.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.399.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.403.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.404.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.405.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.406.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.407.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.408.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.409.61 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.412.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.413.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.414.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.416.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.417.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.418.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.419.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.420.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.421.62 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.423.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.424.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.425.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.426.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.427.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.428.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.429.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.430.63 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.432.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.433.64 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.434.65 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.436.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.437.64 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.438.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.439.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.440.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.442.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.443.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.444.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.445.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.446.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.450.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.451.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.452.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.453.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.454.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.456.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.457.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.459.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.460.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.462.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.463.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.464.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.465.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.468.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.469.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.470.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.471.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.472.70 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.478.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.479.73 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.480.68 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.481.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.482.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.49.67 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.500.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.501.74 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.502.71 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.51.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.52.72 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.520.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.521.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.522.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.53.51 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.531.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.532.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.534.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.54.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.55.45 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.56.69 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.57.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.58.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.593.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.595.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.63.57 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.66.47 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.70.75 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.71.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.10.76 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.109.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.110.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.12.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.13.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.130.58 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.135.50 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.153.44 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.155.43 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.156.49 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.16.60 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.161.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.178.66 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.184.55 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\rules\rules.1.188.52 (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp\dod_cache.xml (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp\_toolbar_tmp_4584_5204_1.html (PUP.Dealio) -> Not selected for removal.
c:\Users\clémentine\AppData\Roaming\Dealio\kb127\temp\_toolbar_tmp_4584_5204_3.html (PUP.Dealio) -> Not selected for removal.
0
Réponse 11 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
7 févr. 2011 à 09:19
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 29/01/11 à 16:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 09:12:00 le 07/02/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
clémentine@PC-DE-CLÉMENTIN (ASUSTeK Computer Inc. A8SR)

============== ACTION(S) ==============

Service: "sdmBackupIP" Stoppé et supprimé

Fichier supprimé: C:\Users\clémentine\AppData\Local\esiavea.bat
Dossier supprimé: C:\Program Files\Installer
Fichier supprimé: C:\Windows\system32\Utils.dll
Dossier supprimé: C:\Windows\BackupIP
Dossier supprimé: C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\conduit
Fichier supprimé: C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\searchplugins\conduit.xml
Dossier supprimé: C:\Users\clémentine\AppData\Roaming\Dealio
Dossier supprimé: C:\Users\clémentine\AppData\Roaming\Search Settings
Dossier supprimé: C:\Users\clémentine\AppData\LocalLow\Search Settings
Dossier supprimé: C:\Program Files\Search Settings
Dossier supprimé: C:\Users\clémentine\AppData\Local\networker

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\esiavea
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1
Clé supprimée: HKLM\Software\Install Pedia Limited
Clé supprimée: HKLM\Software\Dealio
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKCU\Software\Dealio
Clé supprimée: HKCU\Software\Search Settings
Clé supprimée: HKCU\Software\WebMediaPlayer
Clé supprimée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\au
Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3D0464EC-2D1F-4EB4-A0DD-5DCDCD306686}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6 (fr)] **

-- C:\Users\clémentine\AppData\Roaming\Mozilla\FireFox\Profiles\c94m1nxd.default\Prefs.js --
browser.startup.homepage, www.easysear.ch/
browser.startup.homepage_override.mstone, rv:1.9.2

========================================

** Internet Explorer Version [8.0.6001.18999] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 274 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 07/02/2011 (5361 Octet(s))
C:\Ad-Report-SCAN[1].txt - 05/02/2011 (5112 Octet(s))

Fin à: 09:14:23, 07/02/2011

============== E.O.F ==============
0
Réponse 12 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
7 févr. 2011 à 09:47
Il me semble que c'est bon non?
En tout cas, un grand merci à toi parce que je ne m'en serai jamais sortie seule! C'est top l'aide que vous offrez ici, j'espère qu'on vous le dit bien souvent parce que c'est énorme pour les non initiés que nous sommes!

Bonne continuation à vous!
0
Réponse 13 / 20
Utilisateur anonyme
7 févr. 2011 à 10:13
Salut

Pas de soucis je vais t aider

Ad-Remover c est bien tu as bien fait >> Nettoyer ok !!

Mais toujours rien supprimé avec Malwarebtes' Mbam

Lis bien doucement ce qui suit et ça ira !!


Malwarebytes tu peux choisir la langue Française ainsi

1) Lances Malwarebytes >> Paramétres >> en bas à gauche > Langue >> choisis Français
aprés

2) *toujours dans Malwarebytes

3) * cliques sur >> quarantaine>> selectionnes tout et supprimes tout ok !!
* si il te demande de redémarrer >> redémarre ton PC
et


4)* tu refais avec Malwarebytes une analyse rapide + Suppression(s) de ce que tu trouveras éventuellement


* Poste le rapport





Membre Contributeur sécurité CCM
0
Réponse 14 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
7 févr. 2011 à 10:19
Alors la langue sélectionnée est d'ors et déjà le français , j'ai vérifié dans les paramètres (qui se trouvent au haut à droite!) Après l'installation à peut être été faite en français puisque c'est French et non français.)
Dans la Quarantaine je n'ai plus rien, je refais une analyse rapide mais il me semble qu'il n'avait rien trouvé.

Je relance malwarbytes. (à priori mon problème easysear.ch à l'air d'avoir disparu (mais bon avec plus de 200 éléments infectés, je suppose que c'est pas partie visible de l'iceberg)

j'y retourne.
0
Réponse 15 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
7 févr. 2011 à 10:28
yeah! je n'ai aucun élément infecté!! (pour moi c'est l'équivalent d'un 0 faute en dictée ein! )

Bon je te laisse vérifier pour de vrai:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 5698

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

07/02/2011 10:25:49
mbam-log-2011-02-07 (10-25-49).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 154566
Temps écoulé: 6 minute(s), 12 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 16 / 20
Utilisateur anonyme
Modifié par VIRUS-C-C le 7/02/2011 à 10:41
Re

Ce coup- çi c'est ok !! Tu vois tu y arrives , lol !!



1) * Télécharge TFC crée par OldTimer
ICI >> TFC by OldTimer
* Double clique dessus pour le lancer.
* /!\Utilisateurs de Windows Vista et Windows 7
>> Clique droit sur le logo de TFC.exe « exécuter en tant qu'Administrateur »
* L'outil va fermer tous les programmes lors de son exécution, donc vérifies que tu ais sauvegardé tout ton travail en cours avant de commencer.
* Clique sur le bouton Start pour lancer le processus.
* Laisse le programme s'exécuter sans l'interrompre.
* Lorsqu'il a terminé, l'outil devrait faire redémarrer votre système. S'il ne le fait pas, fais redémarrer manuellement le PC toi même pour finir le nettoyage.




2) * Poste un nouveau ZHPDiag

* Héberge le rapport sur ce site,
>> Cijoint.fr
* puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.

* Pour t aider ,pour heberger le rapport
* rends toi sur Cijoint.fr
* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Cliquez ici pour déposer le Fichier
* un lien de ce genre http://www.cijoint.fr/cjlink.php?file=cj201004/cijecaEGX.txt te sera généré,
* il te suffit de le poster ici pour que je puisse voir le rapport




Membre Contributeur sécurité CCM
0
Réponse 17 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
7 févr. 2011 à 11:10
Here you are !

http://www.cijoint.fr/cjlink.php?file=cj201102/cijsUruZMS.txt
0
Réponse 18 / 20
Utilisateur anonyme
7 févr. 2011 à 23:19
Salut




>> ZHPFix <<


* ferme toutes les applications ouvertes.
* Copies tout le texte présent en gras dans l'encadré ci-dessous
*( tu le selectionnes avec ta souris >> Clique droit dessus et choisis "copier" ou fait Ctrl+C )




OPT:O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
OPT:O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
OPT:O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
OPT:O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
OPT:O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - Global Startup: C:\Users\clémentine\Desktop\Ludi.lnk - Clé orpheline
O23 - Service: (CLTNetCnService) - Clé orpheline
O23 - Service: (LiveUpdate Notice Ex) - Clé orpheline
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
[HKLM\Software\Installer]
O51 - MPSK:{13976f06-8818-11df-9b35-000000000000}\Shell\AutoRun\command - Clé orpheline
O51 - MPSK:{13976f06-8818-11df-9b35-000000000000}\Shell\open\command - Clé orpheline
O64 - Services: CurCS - (.not file.) - MpKsl06f02b02 (MpKsl06f02b02) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL06F02B02
O64 - Services: CurCS - (.not file.) - MpKsl0f553217 (MpKsl0f553217) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL0F553217
O64 - Services: CurCS - (.not file.) - MpKsl2a291694 (MpKsl2a291694) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL2A291694
O64 - Services: CurCS - (.not file.) - MpKsl3ef6c234 (MpKsl3ef6c234) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL3EF6C234
O64 - Services: CurCS - (.not file.) - MpKsl4f27a1e7 (MpKsl4f27a1e7) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL4F27A1E7
O64 - Services: CurCS - (.not file.) - MpKsl7b1060a0 (MpKsl7b1060a0) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL7B1060A0
O64 - Services: CurCS - (.not file.) - MpKsl7daf56ce (MpKsl7daf56ce) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL7DAF56CE
O64 - Services: CurCS - (.not file.) - MpKsl7fc8aedf (MpKsl7fc8aedf) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL7FC8AEDF
O64 - Services: CurCS - (.not file.) - MpKsl83921b18 (MpKsl83921b18) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL83921B18
O64 - Services: CurCS - (.not file.) - MpKsl8ca83fba (MpKsl8ca83fba) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL8CA83FBA
O64 - Services: CurCS - (.not file.) - MpKsl8ddcbf07 (MpKsl8ddcbf07) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL8DDCBF07
O64 - Services: CurCS - (.not file.) - MpKsl95d7459d (MpKsl95d7459d) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL95D7459D
O64 - Services: CurCS - (.not file.) - MpKsl968f87ec (MpKsl968f87ec) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL968F87EC
O64 - Services: CurCS - (.not file.) - MpKsl9ad27804 (MpKsl9ad27804) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL9AD27804
O64 - Services: CurCS - (.not file.) - MpKslbff5666d (MpKslbff5666d) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLBFF5666D
O64 - Services: CurCS - (.not file.) - MpKslc8b2443a (MpKslc8b2443a) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLC8B2443A
O64 - Services: CurCS - (.not file.) - MpKsle015cf77 (MpKsle015cf77) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLE015CF77
O64 - Services: CurCS - (.not file.) - MpKsle35a0719 (MpKsle35a0719) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLE35A0719
O64 - Services: CurCS - (.not file.) - MpKslef5e01d7 (MpKslef5e01d7) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLEF5E01D7
O64 - Services: CurCS - (.not file.) - MpKslf2e6c0b9 (MpKslf2e6c0b9) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLF2E6C0B9
O64 - Services: CurCS - (.not file.) - MpKslf439118e (MpKslf439118e) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLF439118E






* Double Clique sur l'icone ZhpFix du bureau pour le lancer .
* Utilisateurs de Windows7/Vista >> Fais un clic-droit sur le raccourci de ZHPFix et choisis "Exécuter en temps qu'administrateur"
* Une fois l'outil ZHPFix ouvert ,

* clique sur le bouton [ H ] ==> Image ( "coller les lignes Helper" ) .

* Dans l'encadré principal
* tu verras donc les lignes que tu as copié précédemment apparaitre .
* Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
* cliques >> OK puis
* Cliques sur >>Tous
* Pour finir clique sur >> Nettoyer .
* colle le rapport obtenu .
( ce rapport est sauvegardé dans ce dossier C:\Program files\ZHPDiag\ZHPFixReport.txt )



Membre Contributeur sécurité CCM
0
Réponse 19 / 20
clemcedric Messages postés 14 Date d'inscription samedi 5 février 2011 Statut Membre Dernière intervention 17 juin 2011
8 févr. 2011 à 21:51
et voilà :

Rapport de ZHPFix 1.12.3249 par Nicolas Coolman, Update du 03/02/2011
Fichier d'export Registre : C:\ZHPExportRegistry-08-02-2011-21-49-56.txt
Run by clémentine at 08/02/2011 21:49:56
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer => Désinstallation logicielle annulée par l'utilisateur ou désinstallation partielle!
O23 - Service: (CLTNetCnService) - Clé orpheline => Clé supprimée avec succès
O23 - Service: (LiveUpdate Notice Ex) - Clé orpheline => Clé supprimée avec succès
HKLM\Software\Installer => Clé supprimée avec succès
O51 - MPSK:{13976f06-8818-11df-9b35-000000000000}\Shell\AutoRun\command - Clé orpheline => Clé supprimée avec succès
O51 - MPSK:{13976f06-8818-11df-9b35-000000000000}\Shell\open\command - Clé orpheline => Clé absente
O64 - Services: CurCS - (.not file.) - MpKsl06f02b02 (MpKsl06f02b02) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL06F02B02 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl0f553217 (MpKsl0f553217) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL0F553217 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl2a291694 (MpKsl2a291694) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL2A291694 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl3ef6c234 (MpKsl3ef6c234) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL3EF6C234 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl4f27a1e7 (MpKsl4f27a1e7) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL4F27A1E7 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl7b1060a0 (MpKsl7b1060a0) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL7B1060A0 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl7daf56ce (MpKsl7daf56ce) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL7DAF56CE => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl7fc8aedf (MpKsl7fc8aedf) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL7FC8AEDF => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl83921b18 (MpKsl83921b18) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL83921B18 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl8ca83fba (MpKsl8ca83fba) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL8CA83FBA => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl8ddcbf07 (MpKsl8ddcbf07) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL8DDCBF07 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl95d7459d (MpKsl95d7459d) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL95D7459D => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl968f87ec (MpKsl968f87ec) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL968F87EC => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsl9ad27804 (MpKsl9ad27804) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSL9AD27804 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKslbff5666d (MpKslbff5666d) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLBFF5666D => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKslc8b2443a (MpKslc8b2443a) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLC8B2443A => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsle015cf77 (MpKsle015cf77) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLE015CF77 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKsle35a0719 (MpKsle35a0719) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLE35A0719 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKslef5e01d7 (MpKslef5e01d7) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLEF5E01D7 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKslf2e6c0b9 (MpKslf2e6c0b9) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLF2E6C0B9 => Clé supprimée avec succès
O64 - Services: CurCS - (.not file.) - MpKslf439118e (MpKslf439118e) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPKSLF439118E => Clé supprimée avec succès

========== Valeur(s) du Registre ==========
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe => Valeur supprimée avec succès
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe => Valeur supprimée avec succès
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe => Valeur supprimée avec succès
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll => Valeur supprimée avec succès
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll => Valeur supprimée avec succès

========== Fichier(s) ==========
c:\users\clémentine\desktop\ludi.lnk => Supprimé et mis en quarantaine


========== Récapitulatif ==========
27 : Clé(s) du Registre
5 : Valeur(s) du Registre
1 : Fichier(s)


End of the scan
0
Réponse 20 / 20
Utilisateur anonyme
10 févr. 2011 à 00:06
Salut


>>> Comment va ton PC ??


Fait ceci !!

1)* mets à jour la version d'Adobe Reader
Télécharge la version d'Adobe Reader
>> Adobe Reader
a l installation décoche la case d installation de McAfee Sécurity scan plus


2) *>> Mets à jour Mozilla Firefox
>> Mozilla Firefox

* Sécurise le navigateur Firefox(Utilise le en Priorité) avec AdBlock Plus
>> Securiser Firefox

* tu rajouteras aussi WOT il permet d'identifier aisément les sites dangereux dans les résultats de recherche et dans Firefox,explorer et Google Chrome
>> WOT


3) * Installe ce Soft qui te tiendra au courant des mises à jour de tes Logiciels installés

* Télécharge Update Checker

* logiciel permet de trouver la liste des logiciels installés sur ton PC ainsi que leurs versions actuelles, et en comparant cette liste avec la base des données du serveur.
* il peut dire quel logiciel n'est pas à jour, et il te propose également de le télécharger

ICI >> Update Checker
* Installe le avec les paramètres par défaut en cliquant chaque fois sur Suivant.
* Une fois installé, patiente quelques secondes et tu verras apparaître une icône verte dans ta barre des tâches te signalant qu'il y a des mises à jour disponibles.
* Double-cliques sur l'icône pour être redirigé sur le site de téléchargement des mises à jour.
* Un conseil : n'installe pas les BETA qui sont listées en dessous.>> Beta Updates Detected
* Tu installes les mises à jour



4) * Vaccines tes Amovibles

* Desactive ton antivirus le temps de la manip

* Telecharge et install UsbFix (de El Desaparecido et C_XX )
ICI >> UsbFix (de El Desaparecido et C_XX )
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir
* Double clique sur le raccourci UsbFix présent sur ton bureau .
* Choisis l'option >> Vacciner
* Laisse travailler l'outil.
* Ensuite poste le rapport UsbFix.txt qui apparaîtra

* Réactive ton antivirus



5) * Télécharges Delfix de Xplode
* Utilitaire pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :
ICI > DelFix.exe
* double clique sur DelFix.exe pour le lancer.

* Laisse toi guider lors de l'installation,
* cliques >> option2 (Suppression)
* </gras> Patiente pendant le scan jusqu'à l'ouverture du rapport.

* Copie/Colle le contenu du rapport .


>> Fais ceci est reviens aprés pour la suite et Fin §§



Membre Contributeur sécurité CCM
0