Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[RESOLU] Connecté à Internet mais surf impossible

alainj77

Par alainj77
dans Analyses et éradication malwares

 Partager

Messages recommandés

alainj77 Mega Power Member

alainj77

Posté(e)
Posté(e) (modifié)

Bonjour

 

C'est encore moi, je crois que je vais finir par me faire payer et partager avec vous.

Encore un cas bizarre sur le PC d'un ami, je ne sais pas si je poste dans le bon forum, mais si ce n'est pas le cas j'irai dans un autre. Cependant j'ai quand même un petit doute.

Bon d'après lui il n'a pas de virus, mais comme il a Avast j'en doute, il est connecté à Inernet via le Neuf et cependant avec IE impossible d'ouvrir une page. Pour m'assurer que cela ne vient pas de son FAI, j'ai ramené son PC chez moi, j'ai installé une nouvelle connexion sur Orange, j'ai passé Malwarebytes' Anti-Malware qui a trouvé 400 infections!! Je ne peux pas faire d'analyse de virus en ligne puisqu'il est impossible d'ouvrir aucune page web. Le PC paraît connecté, j'ai tenté une mise à jour d'Avast qui apparemment se fait normalement. J'ai donc installé Firefox pour être sûr que cela ne venait pas de IE, résultat identique.

 

Pensez vous que cela peut être un problème de virus ou de malware? Si oui je pourrais vous faire un rapport HJT et à tout hasard j'ai gardé celui de MBAM.

 

Merci d'avance de votre réponse très éclairée.

 

Alain

Modifié par alainj77

Berfizan Godlike Member

Berfizan

Posté(e)
Posté(e)

Bonjour

 

Que donnent les commandes suivantes :

 

( Je suppose que cela se passe sous XP )

 

Démarrer === exécuter === tu tapes cmd /k ping 192.168.1.1 puis clic sur ok

 

ensuite dans la même fenêtre :

 

ping www.orange.fr

 

ping 193.252.149.20

alainj77 Mega Power Member

alainj77

Posté(e)
  • Auteur
Posté(e)

Bonjour

Merci de ta réponse rapide.

Non c'est sous vista familiale premium, mais c'est pas grave, j'avais déja fait des pings hier qui marchaient très bien, je viens de faire ceux que tu demandes et aucun problème, aucune perte de paquets durée entre 56 et 60 millisecondes, moyenne 56 millisecondes.

alainj77 Mega Power Member

alainj77

Posté(e)
  • Auteur
Posté(e) (modifié)

Rien lol !

Juste celui de Windows

 

Edit :

J'ai oublié de te dire mais je n'ai pas pu installer la connexion orange a partir du CD "impossible d'obtenir une adresse IP".

Modifié par alainj77
Apollo Devil Member !

Apollo

Posté(e)
Posté(e) (modifié)

Bonjour,

 

Poste le rapport de MBAM stp.

 

Ensuite fais un nouveau log Hijackthis.

 

Télécharge HijackThisV2 sur ton bureau.

  • Double-clique sur HJTInstall.exe et suis les instructions d'installation.
  • Tu trouveras un tutoriel pour l'installation et la génération d'un rapport ici
  • Lance le, valide le message d'avertissement, puis clique sur Do a system scan and save a logfile.
  • A la fin de l'analyse, le bloc-notes va s'ouvrir. Copie-colle tout son contenu ici à la suite.
  • Poste le rapport généré sur le forum.

 

@++

 

EDIT:

Juste celui de Windows
Le pare-feu de Windows/Vista est acceptable. Un autre peut être installé à condition de désactiver celui embarqué. Modifié par Apollo
Berfizan Godlike Member

Berfizan

Posté(e)
Posté(e) (modifié)
Rien lol !

Juste celui de Windows

 

T'es sur qu'il n'y a pas un vieux reste de Norton qui traine là-dedans ?

 

Edit :

J'ai oublié de te dire mais je n'ai pas pu installer la connexion orange a partir du CD "impossible d'obtenir une adresse IP".

 

Tant mieux c'est une source d'ennuis

 

Il est connecté comment ce PC ? RJ45, Usb, Wifi ?

 

Mais bon, je laisse faire l'analyse en terme de sécurité ..( Je n'avais pas fait gaffe au forum où l'on se trouvait )

Modifié par Berfizan
alainj77 Mega Power Member

alainj77

Posté(e)
  • Auteur
Posté(e)

Bonjour Apollo

 

MBAM a été fait en analyse rapide mais déjà avec ce qu'il a trouvé je n'ai pas eu le courage de faire une analyse complète. Voilà le rapport

 

Malwarebytes' Anti-Malware 1.28

Version de la base de données: 1134

Windows 6.0.6001 Service Pack 1

 

14/10/2008 14:45:49

mbam-log-2008-10-14 (14-45-49).txt

 

Type de recherche: Examen rapide

Eléments examinés: 56287

Temps écoulé: 6 minute(s), 47 second(s)

 

Processus mémoire infecté(s): 2

Module(s) mémoire infecté(s): 3

Clé(s) du Registre infectée(s): 174

Valeur(s) du Registre infectée(s): 7

Elément(s) de données du Registre infecté(s): 5

Dossier(s) infecté(s): 58

Fichier(s) infecté(s): 197

 

Processus mémoire infecté(s):

C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

 

Module(s) mémoire infecté(s):

C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MSN Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\TypeLib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Rogue.PestPatrol) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Rogue.PestPatrol) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{b6a3935f-8fe4-49a4-b987-a1c09e53589f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{bd5258af-20ae-4bd3-b748-b2851aca7335} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{ef94a58f-599b-4602-9c34-99683c5859b1} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{cdc0999c-999c-4ee1-875b-5c3542641768} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{995e885e-3ff5-4f66-a107-8bfb3a0f8f12} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{fbb40fdf-b715-4342-ab82-244ecc66e979} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{40b2127e-cc18-37d0-43ca-afa158c64001} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{4a40e8fc-c7e4-4f57-9fa4-85dd77402897} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webmediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\browsingenhancer (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\BrowsingEnhancer.DLL (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\BrowsingEnhancer (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\iVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\iVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\SecuriSoft SARL (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\EZVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\EZVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EZVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Security Tools (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.4 85.255.112.73 -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.4 85.255.112.73 -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.4 85.255.112.73 -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\EZVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\Program Files\iVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\Program Files\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MySearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MySearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MySearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\BrowsingEnhancer (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.

C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\FR (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\Quarantine (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\Temp (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Windows\System32\netrax05 (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Windows\System32\modtrux18 (Trojan.Agent) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EZVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\AppData\Roaming\Seekmo (Adware.Agent) -> Delete on reboot.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\ProgramData\SecuriSoft SARL (Rogue.WinSpywareProtect) -> Delete on reboot.

C:\ProgramData\SecuriSoft SARL\WinSpywareProtect (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.

C:\ProgramData\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\Users\gcoquillard\Local Settings\Application Data\czgcptjff_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\Local Settings\Application Data\czgcptjff_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\Local Settings\Application Data\czgcptjff.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\Local Settings\Application Data\guagu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\Local Settings\Application Data\guagu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.

C:\Users\gcoquillard\Local Settings\Application Data\guagu.dat (Adware.Navipromo.H) -> Delete on reboot.

C:\Users\gcoquillard\Local Settings\Application Data\guagu.exe (Adware.Navipromo.H) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MSN Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.

C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Windows\System32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL.xpx (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\000E1E32 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\000E3043 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0025C4A3.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0025C7B1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0025C937.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0194C1AD.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0194EB2E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\Conditions générales.url (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\Confidentialité.url (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\Website.url (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\resources\languages_v2.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\resources\webmedias (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.

C:\Program Files\EZVideo\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\Program Files\iVideo\Uninstall.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\Program Files\MySearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\BrowsingEnhancer\BrowsingEnhancer.dat (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.

C:\Program Files\BrowsingEnhancer\pcre3.dll (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.

C:\Program Files\BrowsingEnhancer\uninstall.exe (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.

C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\config.s3db (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\Gfx_fr.bin (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\guid (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\language (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\Launcher.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\nbmw (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\quarantine.s3db (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\serial (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\skin (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\Spyware-Secure.url (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\sqlite3.dll (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\uninst.exe (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\unrar.dll (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR.zip (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR.zip (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\explo_intro.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\explo_menu.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\file.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\folder.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\folder_f.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\folder_o.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\index.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\menu3.js (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\spy.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\trait_coud.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\trait_droit.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\trait_vert.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\fleche.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\folder.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\key.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\menu.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\support.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\title-hepfile.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\FR\dowload-file-antispyware.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\FR\menu.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\images\FR\scstep2.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs\3differentscan.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs\contactus.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs\found-objects.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs\lexic.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs\navigtabs.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Full_FR\rubs\quarantine.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\explo_intro.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\explo_menu.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\file.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder_f.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\folder_o.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\index.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\menu3.js (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\spy.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_coud.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_droit.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\trait_vert.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\fleche.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\folder.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\key.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\menu.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\support.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\title-hepfile.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\dowload-file-antispyware.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\menu.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\images\FR\scstep2.gif (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\3differentscan.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\contactus.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\found-objects.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\lexic.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\navigtabs.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\quarantine.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\help\help_Trial_FR\rubs\register.htm (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\cookies_1-12.dat (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesDesc_1-10.dic (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesDesc_1-11.dic (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesDesc_1-12.dat (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesDesc_1-12.dic (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesExt_1-12.dat (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesMulti_1-12.idx (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\filesSimple_1-12.idx (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\malwaresDB_1-10 (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\malwaresDB_1-11 (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\malwaresDB_1-12 (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\register_1-12.dat (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\trad_demo_EN.txt (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\trad_demo_ES.txt (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\Program Files\Spyware-Secure\resources\trad_demo_FR.txt (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZVideo\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Uninstall.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

C:\ProgramData\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\SeekmoSA\SeekmoSAEULA.mht (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\Windows\System32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.

C:\Windows\rs.txt (Malware.Trace) -> Quarantined and deleted successfully.

C:\Windows\System32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.

 

 

Et le HJT que je viens de faire en faisant exécuter en tant qu'admin sinon il génère un pb sur le fichier hosts

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:30:24, on 15/10/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Lexmark 2500 Series\lxddmon.exe

C:\Program Files\Lexmark 2500 Series\lxddamon.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\Omni\OmniMouse Driver\4.06\Mouse32A.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\DialMessenger\dialmessenger.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Neuf\Media Center\MediaCenter.exe

C:\Program Files\BVRP Connection Manager\Nomad.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\conime.exe

C:\Windows\explorer.exe

C:\Windows\system32\Taskmgr.exe

C:\HJT\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redi...amp;key=IESTART

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://format.packardbell.com/cgi-bin/redi...amp;key=IESTART

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"

O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe

O4 - HKLM\..\Run: [Error 1] "C:\ProgramData\fiveitchitch.kp2i0"

O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\thunk boob up.vxeezgd"

O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Omni\OmniMouse Driver\4.06\MOUSE32A.EXE

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DialMessenger] "C:\Program Files\DialMessenger\dialmessenger.exe" -background

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Error 1] "C:\ProgramData\fiveitchitch.71nz1dn"

O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"

O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart

O4 - HKCU\..\Run: [guagu] "c:\users\gcoquillard\appdata\local\guagu.exe" guagu

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: OFFICE One Startup v7.lnk = ?

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O13 - Gopher Prefix:

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1221979906436

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1221649395589

O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{62F5D47A-596E-462F-9B59-5F93D1D703A3}: NameServer = 80.10.246.2,80.10.246.129

O17 - HKLM\System\CCS\Services\Tcpip\..\{ABB67AA7-D1CA-44B2-ABC8-B1676A936CB4}: NameServer = 80.118.91.100,80.118.196.36

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: lxdd_device - - C:\Windows\system32\lxddcoms.exe

O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

 

--

End of file - 12364 bytes

alainj77 Mega Power Member

alainj77

Posté(e)
  • Auteur
Posté(e)

Re Berfizan

 

Ben c'est un Packard Bell donc y a des reste de pas mal de chose j'ai l'impression. Même AOL qui se lançait automatiquement, mais que j'ai réussi à virer.

 

Pour Oraange ça se passe bien si on installe juste le dongle et la connexion et pas leur lanceur. Je l'ai fait sur le PC d'ou je suis connecté et je n'ai pas de pb. Mais bon c'est pas grave puisque les 2 sont connectés.

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Salut à vous deux,

 

Pour les soucis hors sécurité, tu pourras aller retrouver Berzifan sur la partie des forums adéquate plus tard. :P

 

MBAM a été fait en analyse rapide mais déjà avec ce qu'il a trouvé je n'ai pas eu le courage de faire une analyse complète

 

Il faudra peut-être la faire quand-même mais je vais d'abord vérifier le log hijackthis.

 

Je reviens juste après.

 

@++

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...