Virus bloque toutes les actions -

TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention   -  
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

J'écris ce message depuis mon netbook.
Mon 2e ordinateur, celui de la config d'en dessous, à reçu un beau cheval de troie qui s'active à chaque démarrage sans que je ne puis rien n'y faire. Il s'agit d'un logiciel copiant windows security, mais avec des différences flagrantes. Il me fait un scan (Que j'arrête immédiatement) mais qui détecte des virus. Bien sûr, il me demande d'envoyer mon e-mail pour avoir une nouvelle version pour les supprimer. Cette merde aurait pu rester anodine, mais elle bloque toute mes actions : Je ne peut plus lancer internet, et le gestionnaire de tâches se ferme automatiquement. J'ai accès à Avast et j'ai lancé un scan au démarrage qui se passe en ce moment, mais j'ai peur pour ma machine.

25 réponses

  • 1
  • 2
  1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Bonjour.

    ▶ Télécharge sur le bureau RogueKiller (par tigzy)

    ▶ ▶ Sous Windows XP, double clic gauche

    ▶ ▶ Sous Vista/Seven, clique droit, lancer en tant qu'administrateur

    ▶ Quitte tous tes programmes en cours
    ▶ Lance RogueKiller.exe.
    ▶ Un scan se lance, puis tu verra d''indiqué dans la fenêtre
    ♦ 1. Recherche (écrit en vert)
    ♦ 2. Suppression(écrit en rouge)
    ♦ 3. Hosts RAZ (écrit en rouge)
    ♦ 4. Proxy RAZ (écrit en rouge)
    ♦ 5. DNS RAZ (écrit en rouge)
    ♦ 6. Raccourcis RAZ (écrit en rouge)
    ♦ 0. Quitter (écrit en vert)
    A ce moment tape 1 et valide

    ▶ Une fois terminé, un rapport (RKreport1.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse.
    ▶ Utilise l'option 0 pour fermer RogueKiller à ce moment là.

    ▶ Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois ou a changer son nom en winlogon.exe

    Tutoriel : http://forums-fec.be/entraide/viewtopic.php?f=55&t=24
    1
  2. Kamomil Messages postés 13 Statut Membre 4
     
    J'ai eu un virus comme ça, c'est un marchand de logiciel qui vous dit d'acheter son truc pour protégéer votre ordi.
    J'ai pu restaurer mon sys à une date antérieure et m'en suis ainsi débarrassé.
    0
  3. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Bon, j'ai terminé mon scan. Cela n'a rien changé. J'ai planifié un autre scan, celui ci pour les programmes se lançant au démarrage. Je m'en occuperai demain.

    Au fait, à propos de Rogue Killer : Je ne peut pas accéder à internet, je ne peut donc pas le télécharger
    0
  4. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    bah comment tu fais pour venir ici alors ?
    télécharge roguekiller depuis le netbook et transfère via clé usb sur le pc malade ;)
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    C'est bizarre, mais... Mon ordinateur refonctionne ! Privacy Protection à disparu comme par magie...
    0
  7. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Passe RogueKiller, c'est un faux espoir :)
    0
  8. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    OK :

    RogueKiller V6.1.10 [18/11/2011] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: https://www.luanagames.com/index.fr.html
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Demarrage : Mode normal
    Utilisateur: ChloÚ [Droits d'admin]
    Mode: Recherche -- Date : 21/11/2011 17:17:00

    ¤¤¤ Processus malicieux: 0 ¤¤¤

    ¤¤¤ Entrees de registre: 13 ¤¤¤
    [SUSP PATH] HKCU\[...]\Run : engel (C:\Documents and Settings\ChloÚ\Application Data\updates\updates.exe) -> FOUND
    [SUSP PATH] HKCU\[...]\Run : CE8SIIFGSU (C:\DOCUME~1\CHLO~1\LOCALS~1\Temp\Usq.exe) -> FOUND
    [BLACKLIST DLL] HKCU\[...]\Run : Wyusi (rundll32.exe "C:\WINDOWS\mfdscdms.dll",Startup) -> FOUND
    [SUSP PATH] HKCU\[...]\Run : Privacy Protection (C:\Documents and Settings\All Users\Application Data\privacy.exe) -> FOUND
    [PREVRUN] HKLM\[...]\Run : NvMediaCenter (RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login) -> FOUND
    [PREVRUN] HKLM\[...]\Run : NvCplDaemon (RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) -> FOUND
    [SUSP PATH] HKUS\S-1-5-21-1960408961-1425521274-725345543-1003[...]\Run : engel (C:\Documents and Settings\ChloÚ\Application Data\updates\updates.exe) -> FOUND
    [SUSP PATH] HKUS\S-1-5-21-1960408961-1425521274-725345543-1003[...]\Run : CE8SIIFGSU (C:\DOCUME~1\CHLO~1\LOCALS~1\Temp\Usq.exe) -> FOUND
    [BLACKLIST DLL] HKUS\S-1-5-21-1960408961-1425521274-725345543-1003[...]\Run : Wyusi (rundll32.exe "C:\WINDOWS\mfdscdms.dll",Startup) -> FOUND
    [SUSP PATH] HKUS\S-1-5-21-1960408961-1425521274-725345543-1003[...]\Run : Privacy Protection (C:\Documents and Settings\All Users\Application Data\privacy.exe) -> FOUND
    [BLACKLIST] HKLM\[...]\Root : LEGACY_SSHNAS () -> FOUND
    [HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver: [LOADED] ¤¤¤

    ¤¤¤ Infection : Rogue.AntiSpy-SP ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    127.0.0.1 localhost

    Termine : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt
    0
  9. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Quelqu'un sait quoi faire ? Je dois supprimer ?
    0
  10. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    S'il vous plaît, il va falloir que je parte et je ne suis pas sûr que mon PC refonctionnera
    0
  11. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Je peux manger ? xD

    Relance roguekiller en option 2 puis 0

    poste le rapport.
    0
  12. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Pardon,

    J'apprécie ce que vous faites pour moi :

    RogueKiller V6.1.10 [18/11/2011] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: https://www.luanagames.com/index.fr.html
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Demarrage : Mode normal
    Utilisateur: ChloÚ [Droits d'admin]
    Mode: Suppression -- Date : 21/11/2011 17:36:57

    ¤¤¤ Processus malicieux: 0 ¤¤¤

    ¤¤¤ Entrees de registre: 9 ¤¤¤
    [SUSP PATH] HKCU\[...]\Run : engel (C:\Documents and Settings\ChloÚ\Application Data\updates\updates.exe) -> DELETED
    [SUSP PATH] HKCU\[...]\Run : CE8SIIFGSU (C:\DOCUME~1\CHLO~1\LOCALS~1\Temp\Usq.exe) -> DELETED
    [BLACKLIST DLL] HKCU\[...]\Run : Wyusi (rundll32.exe "C:\WINDOWS\mfdscdms.dll",Startup) -> DELETED
    [SUSP PATH] HKCU\[...]\Run : Privacy Protection (C:\Documents and Settings\All Users\Application Data\privacy.exe) -> DELETED
    [PREVRUN] HKLM\[...]\Run : NvMediaCenter (RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login) -> DELETED
    [PREVRUN] HKLM\[...]\Run : NvCplDaemon (RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup) -> DELETED
    [BLACKLIST] HKLM\[...]\Root : LEGACY_SSHNAS () -> DELETED
    [HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> REPLACED (0)
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver: [LOADED] ¤¤¤

    ¤¤¤ Infection : Rogue.AntiSpy-SP ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    127.0.0.1 localhost

    Termine : << RKreport[1].txt >>
    RKreport[1].txt
    0
  13. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Là il est désactivé, mais l'infection est toujours présente.

    Il y a également l'infection Renos.

    Ton infection est donc une infection qui se propage par disques amovibles (clefs USB, disque dur externe, carte flash etc..).
    Les disques amovibles que tu as insérés dans l'ordinateur quand celui-ci était infecté ont été infectés à leur tour.

    Le simple faite d'ouvrir le poste de travail et de double-cliquer sur ta clef USB/disque dur externe va réinfecter ton système.
    Tu trouveras un lien explicatif sur la propagation de ces infections, comment s'en protéger etc.... à partir de ces liens :

    https://forum.malekal.com/viewtopic.php?t=5544&start=

    ▶ Télécharge ici : USBFIX sur ton bureau

    OU lien alternatif : http://general-changelog-team.fr/telechargements/logiciels/viewdownload/80-outils-de-el-desaparecido/32-usbfix

    branche tous tes périphériques externes sans les ouvrir (MP3, MP4, clé USB, disque dur externe, GSM, ...)

    /!\ Désactive provisoirement et seulement le temps de l'utilisation d'USBFIX, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur l'icône Usbfix située sur ton Bureau.
    Sur la page, clique sur le bouton :

    ▶ choisi l option Suppression

    ▶ UsbFix scannera ton pc , laisse travailler l outil.

    ▶ Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .

    ▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Tutoriel : http://forums-fec.be/entraide/viewtopic.php?f=55&t=9

    ~~

    ▶ Télécharge MBAM et installe le selon l'emplacement par défaut
    https://www.malwarebytes.com/mwb-download/
    ▶ Effectue la mise à jour et lance Malwarebytes' Anti-Malware

    ▶ ▶ Si tu n''arrive pas à le mettre à jour, télécharge ce fichier , ferme MBAM, et exécute le

    ▶ Clique dans l'onglet du haut "Recherche"
    ▶ Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
    ▶ Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

    A la fin de l'analyse, si MBAM n'a rien trouvé :

    ▶ Clique sur OK, le rapport s'ouvre spontanément

    Si des menaces ont été détectées :

    ▶ Clique sur OK puis "Afficher les résultats"
    ▶ Choisis l'option "Supprimer la sélection"
    ▶ Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
    ▶ Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
    ▶ Sinon le rapport s'ouvre automatiquement après la suppression

    Quelque soit le résultat, copie/colle le rapport dans le prochain message

    Tutoriel : http://forums-fec.be/entraide/viewtopic.php?f=55&t=10
    0
  14. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Rapport USB fix (Je fais Malwere en ce moment même) :

    ############################## | UsbFix V 7.069 | [Suppression]

    Utilisateur: ChloÚ (Administrateur) # CHLOE
    Mis à jour le 20/11/2011 par El Desaparecido
    Lancé à 17:42:41 | 21/11/2011

    Site Web: https://www.sosvirus.net/
    Fichier suspect ? : http://eldesaparecido.com/support.php
    Contact: contact@eldesaparecido.com

    PC: Gigabyte Technology Co., Ltd. (GA-MA69GM-S2H) (X86-based PC) # Desktop Computer
    CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ (2706)
    CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ (2706)
    RAM -> [ Total : 3326 | Free : 2493 ]
    BIOS: Award Modular BIOS v6.00PG
    BOOT: Normal boot

    OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
    WB: Windows Internet Explorer 6.0.2900.2180

    SC: Security Center Service [ (!) Disabled ]
    WU: Windows Update Service [ Enabled ]
    FW: Windows FireWall Service [ Enabled ]

    C:\ (%systemdrive%) -> Disque fixe # 298 Go (145 Go libre(s) - 49%) [] # NTFS
    D:\ -> CD-ROM
    G:\ -> Disque amovible # 4 Go (1 Go libre(s) - 36%) [KINGSTON] # FAT32

    ################## | Processus Actif |

    C:\WINDOWS\System32\smss.exe (720)
    C:\WINDOWS\system32\winlogon.exe (796)
    C:\WINDOWS\system32\services.exe (840)
    C:\WINDOWS\system32\lsass.exe (852)
    C:\WINDOWS\system32\nvsvc32.exe (1008)
    C:\WINDOWS\system32\svchost.exe (1084)
    C:\WINDOWS\System32\svchost.exe (1244)
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1488)
    C:\WINDOWS\Explorer.EXE (1708)
    C:\Program Files\Vtune\TBPanel.exe (460)
    C:\WINDOWS\RTHDCPL.EXE (476)
    C:\Program Files\Microsoft IntelliType Pro\type32.exe (492)
    C:\Program Files\Microsoft IntelliPoint\point32.exe (504)
    C:\WINDOWS\System32\svchost.exe (524)
    C:\WINDOWS\system32\svchost.exe (748)
    C:\Program Files\Google\Update\GoogleUpdate.exe (816)
    C:\WINDOWS\system32\svchost.exe (856)
    C:\Program Files\Java\jre6\bin\jqs.exe (1092)
    C:\WINDOWS\System32\svchost.exe (1688)
    C:\WINDOWS\System32\svchost.exe (1720)
    C:\WINDOWS\system32\PnkBstrA.exe (1016)
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2072)
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (2180)
    C:\WINDOWS\system32\svchost.exe (2204)
    C:\WINDOWS\system32\mspmspsv.exe (2256)
    C:\WINDOWS\system32\wbem\wmiapsrv.exe (2892)
    C:\Program Files\Java\jre6\bin\jusched.exe (3284)
    C:\Program Files\Alwil Software\Avast5\avastUI.exe (3308)
    C:\WINDOWS\VM_STI.EXE (3328)
    C:\PROGRA~1\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (3368)
    C:\Program Files\QuickTime\qttask.exe (3376)
    C:\WINDOWS\system32\RunDLL32.exe (3392)
    C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (3512)
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (3532)
    C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (3588)
    C:\WINDOWS\system32\ctfmon.exe (3600)
    C:\WINDOWS\lclock.exe (3624)
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe (3632)
    C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (3652)
    C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Akamai\netsession_win.exe (3704)
    C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Akamai\netsession_win.exe (3948)
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (4020)
    C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe (4032)
    C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe (4060)
    C:\Program Files\MagicDisc\MagicDisc.exe (228)
    C:\Program Files\OpenOffice.org 3\program\soffice.exe (1376)
    C:\Program Files\OpenOffice.org 3\program\soffice.bin (2348)
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (2536)
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (3056)
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (3244)
    C:\Program Files\Java\jre6\bin\jucheck.exe (2156)
    C:\Program Files\Mozilla Firefox\firefox.exe (3304)
    C:\UsbFix\UsbFix.exe (1660)

    ################## | Processus Stoppés |

    Stoppé! C:\WINDOWS\system32\nvsvc32.exe (1008)
    Stoppé! C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1488)
    Stoppé! C:\WINDOWS\Explorer.EXE (1708)
    Stoppé! C:\Program Files\Vtune\TBPanel.exe (460)
    Stoppé! C:\WINDOWS\RTHDCPL.EXE (476)
    Stoppé! C:\Program Files\Microsoft IntelliType Pro\type32.exe (492)
    Stoppé! C:\Program Files\Microsoft IntelliPoint\point32.exe (504)
    Stoppé! C:\Program Files\Google\Update\GoogleUpdate.exe (816)
    Stoppé! C:\Program Files\Java\jre6\bin\jqs.exe (1092)
    Stoppé! C:\WINDOWS\system32\PnkBstrA.exe (1016)
    Stoppé! C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2072)
    Stoppé! C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (2180)
    Stoppé! C:\WINDOWS\system32\mspmspsv.exe (2256)
    Stoppé! C:\WINDOWS\system32\wbem\wmiapsrv.exe (2892)
    Stoppé! C:\Program Files\Java\jre6\bin\jusched.exe (3284)
    Stoppé! C:\Program Files\Alwil Software\Avast5\avastUI.exe (3308)
    Stoppé! C:\WINDOWS\VM_STI.EXE (3328)
    Stoppé! C:\PROGRA~1\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (3368)
    Stoppé! C:\Program Files\QuickTime\qttask.exe (3376)
    Stoppé! C:\WINDOWS\system32\RunDLL32.exe (3392)
    Stoppé! C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (3512)
    Stoppé! C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (3532)
    Stoppé! C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (3588)
    Stoppé! C:\WINDOWS\system32\ctfmon.exe (3600)
    Stoppé! C:\WINDOWS\lclock.exe (3624)
    Stoppé! C:\Program Files\Windows Live\Messenger\msnmsgr.exe (3632)
    Stoppé! C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (3652)
    Stoppé! C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Akamai\netsession_win.exe (3704)
    Stoppé! C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Akamai\netsession_win.exe (3948)
    Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (4020)
    Stoppé! C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe (4032)
    Stoppé! C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe (4060)
    Stoppé! C:\Program Files\MagicDisc\MagicDisc.exe (228)
    Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.exe (1376)
    Stoppé! C:\Program Files\OpenOffice.org 3\program\soffice.bin (2348)
    Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (2536)
    Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (3056)
    Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (3244)
    Stoppé! C:\Program Files\Java\jre6\bin\jucheck.exe (2156)
    Stoppé! C:\Program Files\Mozilla Firefox\firefox.exe (3304)

    ################## | Éléments infectieux |

    Supprimé! C:\Recycler\S-1-5-21-1960408961-1425521274-725345543-1003

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKCU\Software\Microsoft\Handle
    Supprimé! HKU\.DEFAULT\Software\Microsoft\Handle
    Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\

    ################## | Mountpoints2 |

    Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{f9ba8c98-134a-11e0-9122-001d7de62e8a}

    ################## | Listing |

    [26/09/2008 - 18:14:45 | D ] C:\Alexandra Ledermann 6
    [24/09/2008 - 04:09:56 | N | 0] C:\AUTOEXEC.BAT
    [24/09/2008 - 12:47:05 | N | 224] C:\boot.ini
    [28/08/2001 - 15:00:00 | N | 4952] C:\Bootfont.bin
    [05/04/2009 - 13:34:24 | N | 362] C:\checkrun.txt
    [23/03/2011 - 12:14:33 | D ] C:\Codemasters
    [21/11/2011 - 17:04:55 | D ] C:\Config.Msi
    [24/09/2008 - 04:09:56 | N | 0] C:\CONFIG.SYS
    [24/09/2008 - 12:50:38 | N | 86] C:\csb.log
    [08/05/2011 - 13:19:17 | D ] C:\Documents and Settings
    [24/09/2008 - 06:02:24 | D ] C:\Drivers
    [28/02/2009 - 21:31:14 | D ] C:\fa060d4d563105ba8bb351
    [19/11/2011 - 16:41:23 | D ] C:\Fraps
    [30/08/2010 - 18:02:13 | D ] C:\Games
    [29/06/2010 - 13:09:44 | N | 253] C:\Info.txt
    [24/09/2008 - 04:09:56 | N | 0] C:\IO.SYS
    [24/09/2008 - 04:09:56 | N | 0] C:\MSDOS.SYS
    [10/11/2010 - 14:07:13 | D ] C:\Nexon
    [03/08/2004 - 23:38:34 | N | 47564] C:\NTDETECT.COM
    [03/08/2004 - 23:59:44 | N | 251712] C:\ntldr
    [01/12/2010 - 14:58:44 | D ] C:\NVIDIA
    [21/11/2011 - 16:59:01 | ASH | 2145386496] C:\pagefile.sys
    [12/11/2011 - 17:56:55 | D ] C:\Program Files
    [14/11/2010 - 18:13:01 | D ] C:\ProgramData
    [14/09/2011 - 17:38:59 | N | 33664388] C:\ProvingGrounds_PMC.emf
    [21/11/2011 - 17:45:36 | SHD ] C:\RECYCLER
    [17/04/2011 - 13:44:01 | D ] C:\Red Storm Entertainment
    [24/09/2008 - 12:47:55 | N | 797] C:\RHDSetup.log
    [08/10/2010 - 20:02:57 | D ] C:\sierra
    [28/10/2008 - 17:27:51 | N | 268] C:\sqmdata00.sqm
    [30/10/2008 - 22:05:49 | N | 268] C:\sqmdata01.sqm
    [13/01/2009 - 18:32:26 | N | 232] C:\sqmdata02.sqm
    [28/01/2009 - 08:51:00 | N | 232] C:\sqmdata03.sqm
    [28/01/2009 - 10:31:31 | N | 232] C:\sqmdata04.sqm
    [29/01/2009 - 00:38:48 | N | 232] C:\sqmdata05.sqm
    [29/01/2009 - 00:53:16 | N | 232] C:\sqmdata06.sqm
    [29/01/2009 - 22:05:55 | N | 232] C:\sqmdata07.sqm
    [30/01/2009 - 14:56:44 | N | 232] C:\sqmdata08.sqm
    [31/01/2009 - 00:06:13 | N | 208] C:\sqmdata09.sqm
    [31/01/2009 - 09:52:11 | N | 232] C:\sqmdata10.sqm
    [28/10/2008 - 17:27:51 | N | 244] C:\sqmnoopt00.sqm
    [30/10/2008 - 22:05:49 | N | 244] C:\sqmnoopt01.sqm
    [13/01/2009 - 18:32:26 | N | 244] C:\sqmnoopt02.sqm
    [28/01/2009 - 08:51:00 | N | 244] C:\sqmnoopt03.sqm
    [28/01/2009 - 10:31:31 | N | 244] C:\sqmnoopt04.sqm
    [29/01/2009 - 00:38:48 | N | 244] C:\sqmnoopt05.sqm
    [29/01/2009 - 00:53:16 | N | 244] C:\sqmnoopt06.sqm
    [29/01/2009 - 22:05:55 | N | 244] C:\sqmnoopt07.sqm
    [30/01/2009 - 14:56:44 | N | 244] C:\sqmnoopt08.sqm
    [31/01/2009 - 00:06:13 | N | 172] C:\sqmnoopt09.sqm
    [31/01/2009 - 09:52:11 | N | 244] C:\sqmnoopt10.sqm
    [14/03/2009 - 11:43:19 | N | 122] C:\ss_nb.dat
    [14/03/2009 - 11:43:20 | N | 122] C:\ss_udp.dat
    [14/03/2009 - 11:43:19 | N | 122] C:\ss_udp2.dat
    [24/09/2008 - 12:45:50 | SHD ] C:\System Volume Information
    [22/08/2010 - 10:02:00 | N | 3] C:\t.tmp
    [24/09/2011 - 12:22:45 | N | 59845568] C:\Takistan.emf
    [25/10/2009 - 10:30:54 | D ] C:\temp
    [04/05/2011 - 21:54:31 | D ] C:\tmp
    [31/10/2008 - 14:53:00 | N | 11] C:\TOMBPATH.TXT
    [29/12/2008 - 10:23:05 | D ] C:\TOMBRAID
    [26/12/2008 - 13:59:39 | D ] C:\TR2-1.net
    [29/12/2008 - 10:23:05 | N | 22] C:\TUBPATH.BAT
    [21/11/2011 - 17:45:36 | D ] C:\UsbFix
    [21/11/2011 - 17:46:52 | A | 6919] C:\UsbFix.txt
    [21/11/2011 - 17:00:23 | D ] C:\WINDOWS
    [14/09/2011 - 16:33:21 | N | 43441916] C:\Zargabad.emf
    [09/11/2011 - 13:38:36 | N | 346112] G:\O.doc
    [05/09/2010 - 11:04:52 | N | 1335149] G:\cours_01-02.pdf
    [21/08/2010 - 23:05:52 | N | 1969381] G:\arthrosethèse.pdf
    [06/11/2011 - 18:02:20 | N | 9953280] G:\Bienvenue sur O.doc
    [05/10/2011 - 14:46:44 | N | 4651254] G:\Copie de Sans titre 2.bmp
    [15/10/2011 - 19:05:54 | N | 1885696] G:\Normal.dot
    [10/10/2011 - 11:57:02 | N | 14717952] G:\O1.doc
    [14/09/2011 - 16:21:12 | N | 5738496] G:\~WRL2820.tmp
    [11/11/2011 - 14:46:04 | N | 1347512] G:\015.JPG
    [11/11/2011 - 14:47:02 | N | 1218655] G:\018.JPG
    [11/11/2011 - 14:47:24 | N | 1462301] G:\022.JPG
    [11/11/2011 - 15:01:02 | N | 638281] G:\029.JPG
    [11/11/2011 - 14:50:04 | N | 1431239] G:\030.JPG
    [11/11/2011 - 14:50:16 | N | 1270616] G:\031.JPG
    [11/11/2011 - 14:50:36 | N | 1230916] G:\032.JPG
    [13/10/2011 - 11:26:44 | D ] G:\a garder
    [17/10/2011 - 12:04:24 | N | 40448] G:\Oma.doc
    [25/10/2011 - 10:04:02 | N | 32768] G:\Prologu111e.doc
    [11/04/2008 - 07:23:32 | N | 58721180] G:\Leçon Salsa N°1.mov
    [14/08/2010 - 15:37:24 | D ] G:\Musique

    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | Upload |

    Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CHLOE.zip
    http://eldesaparecido.com/upload.htmlp
    Merci de votre contribution.

    ################## | Reboot |

    (!) L'ordinateur n'à été redémarré!

    ################## | E.O.F |
    0
    1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
       
      Vu.
      0
  15. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Tu est sûr ? Rien de grave ?

    Malware bosse dur en ce moment même
    0
  16. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Waho... Déjà 74 éléments infectés après 12 minutes
    0
  17. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    je sais :)
    0
  18. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Re mon ami !

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Version de la base de données: 8209

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 6.0.2900.2180

    21/11/2011 19:08:45
    mbam-log-2011-11-21 (19-08-45).txt

    Type d'examen: Examen complet (C:\|D:\|G:\|)
    Elément(s) analysé(s): 425524
    Temps écoulé: 1 heure(s), 8 minute(s), 11 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 85
    Valeur(s) du Registre infectée(s): 7
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 38
    Fichier(s) infecté(s): 137

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{09325003-167C-483d-A4BA-8B3122ABB432} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451c-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40af-A323-40F94257DACB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ed-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{6DD76B7B-6423-4df0-9A07-84A6CAD973A0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{7F6CFB6A-9227-4bb8-B941-F2B067E76F51} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{AB0EE208-DF60-4fa7-A617-C4269760033E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{E12AEAB6-7D12-4c07-8E36-5892EFB4DAFB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{E2F2C137-A782-4fb5-81AF-086156F5EB0A} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{F3A32DF2-7413-4fb1-B575-1AC920A17B76} (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\3ETECE6I8G (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\CE8SIIFGSU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1 (Adware.EoRezo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.1.22.0 (Adware.HotBar) -> Value: ShopperReports 3.1.22.0 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790470B07659543FAD92 (Malware.Trace) -> Value: SRS_IT_E8790470B07659543FAD92 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eorezo (Rogue.Eorezo) -> Value: eorezo -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    c:\documents and settings\all users\application data\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite\bin\10.0.659.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite\bin\10.0.659.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\softwareupdate (Adware.EoRezo) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    c:\program files\shopperreports3\bin\3.1.22.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\szdsq.exqa (Trojan.Agent.CoXGen) -> Quarantined and deleted successfully.
    c:\program files\Steam\steamapps\common\hitman blood money\pdtrain.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
    c:\program files\Steam\steamapps\common\mafia ii - public demo\pc\mafia.ii.[demo]-patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
    c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\application data\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\Firefox\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\dwld\whitelist.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\shopperreports3\IE\cs\res1\whitelist.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\clickpotatolite\bin\10.0.659.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\browserextensionff.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\browserextensionff.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\menu démarrer\programmes\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\cache (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\cmhost.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\confmedia.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather.cfg (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\host.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\user.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\eoweather.cfg (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\eoweatherval_02ec282.cfg (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\67_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\67_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\69_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\69_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\70_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\70_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\78_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\78_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\82_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\82_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\83_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\83_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\84_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\84_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\85_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\85_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\89_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\89_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\back.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\background.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\background_1.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\background_1days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\background_2days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\background_7days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\backpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\band.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\band_small.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\close.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\closepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\dayprevisionbackground.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\dayprevisionclose.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\earth.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\fonds_écran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\help.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\helppressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\minimise.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\minimisepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\next.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\nextpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\option.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\optionpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\reflet_ecran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\small_background.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_classic\Thumbs.db (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\67_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\67_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\69_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\69_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\70_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\70_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\78_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\78_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\82_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\82_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\83_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\83_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\84_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\84_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\85_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\85_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\89_day.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\89_night.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\about.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\back.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\background.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\background_1.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\background_1days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\background_2days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\background_7days.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\backpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\close.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\closepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\dayprevisionbackground.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\dayprevisionclose.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\earth.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\fonds_écran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\help.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\helppressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\minimise.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\minimisepressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\next.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\nextpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\option.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\optionpressed.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\reflet_ecran.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\Thumbs.db (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\eoweather\images_station_meteo\txt_14x13.png (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\softwareupdate\unins000.dat (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\softwareupdate\unins000.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
    c:\documents and settings\ChloÚ\application data\EoRezo\softwareupdate\user_profil.cyp (Adware.EoRezo) -> Quarantined and deleted successfully.
    0
  19. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Y'a pas que du rogue ...

    Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
    Lance le, clique sur [Recherche] puis patiente le temps du scan.
    Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[R1].txt

    Tutoriel : http://forums-fec.be/entraide/viewtopic.php?f=55&t=16
    0
  20. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    Ok, je vais faire. Mais avant, mon PC marchais très bien. Protection machin ne viendra plus, hein ?
    0
  21. TomZanovich Messages postés 39 Date d'inscription   Statut Membre Dernière intervention  
     
    # AdwCleaner v1.319 - Rapport créé le 21/11/2011 à 19:22:04
    # Mis à jour le 20/11/11 à 11h par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
    # Nom d'utilisateur : ChloÚ - CHLOE (Administrateur)
    # Exécuté depuis : C:\Documents and Settings\ChloÚ\Mes documents\Téléchargements\adwcleaner.exe
    # Option [Recherche]

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    Dossier Présent : C:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Présent : C:\Documents and Settings\ChloÚ\Application Data\Babylon
    Dossier Présent : C:\Documents and Settings\ChloÚ\Application Data\OfferBox
    Dossier Présent : C:\Documents and Settings\ChloÚ\Application Data\PriceGong
    Dossier Présent : C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Babylon
    Dossier Présent : C:\Documents and Settings\ChloÚ\Local Settings\Application Data\Conduit
    Dossier Présent : C:\Documents and Settings\ChloÚ\Local Settings\Application Data\ConduitEngine
    Dossier Présent : C:\Program Files\Ask.com
    Dossier Présent : C:\Program Files\Conduit
    Dossier Présent : C:\Program Files\ConduitEngine
    Dossier Présent : C:\Documents and Settings\ChloÚ\Application Data\Mozilla\Firefox\Profiles\kcnlynwl.default\Conduit
    Dossier Présent : C:\Documents and Settings\ChloÚ\Application Data\Mozilla\Firefox\Profiles\kcnlynwl.default\ConduitEngine
    Dossier Présent : C:\Documents and Settings\ChloÚ\Application Data\Mozilla\Firefox\Profiles\kcnlynwl.default\extensions\engine@conduit.com
    Fichier Présent : C:\WINDOWS\system32\conduitEngine.tmp
    Fichier Présent : C:\Documents and Settings\ChloÚ\Application Data\Mozilla\Firefox\Profiles\kcnlynwl.default\searchplugins\Askcom.xml
    Fichier Présent : C:\Documents and Settings\ChloÚ\Application Data\Mozilla\Firefox\Profiles\kcnlynwl.default\searchplugins\Conduit.xml

    ***** [Registre] *****

    Clé Présente : HKCU\Toolbar
    Clé Présente : HKCU\Software\Conduit
    Clé Présente : HKCU\Software\conduitEngine
    Clé Présente : HKCU\Software\DataMngr
    Clé Présente : HKCU\Software\DataMngr_Toolbar
    Clé Présente : HKCU\Software\Offerbox
    Clé Présente : HKCU\Software\PriceGong
    Clé Présente : HKLM\SOFTWARE\Conduit
    Clé Présente : HKLM\SOFTWARE\conduitEngine
    Clé Présente : HKLM\SOFTWARE\DataMngr
    Clé Présente : HKLM\SOFTWARE\OpenCandy NSIS SDK
    Clé Présente : HKLM\SOFTWARE\Messenger Plus!\OpenCandy
    Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
    Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
    0
  • 1
  • 2