Téléchargement
illégal
Posez votre question Signaler

Virus security tool [Résolu]

michel - Dernière réponse le 30 oct. 2010 à 17:15
Bonjour,
Depuis quelques jours j'ai un message securité tool qui m'empêche d'aller sur internet,que faire?windows xp
Lire la suite 

Virus security tool »

Suggestions
Plus
91 réponses
Réponse
+1
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 26 sept. 2010 à 17:25
Salut,

On va regarder cela ensembles.

Télécharge ZHPDiag sur ton bureau :

= = = = =>>>En cliquant ici <<<= = = = = =

Une fois le téléchargement achevé, double clique sur ZHPDiag.exe et suis les instructions pour l'installer.
N'oublie pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

Double clique sur le raccourci ZHPDiag sur ton Bureau pour le lancer ou lance le automatiquement lors de la fin de l'installation.

/!\ L'outil crée 2 icônes ZHPDiag et ZHPFix /!\

Si une fenêtre de licencs SigCheck s'ouvre... accepte, si tu as un parefeu qui demande si SigCheck tente de se connecter à internet, accepte également.

Clique sur le tournevis en haut à droite de ZHPDiag et clique sur "Tous" pour cocher toutes les cases.
Clique sur la loupe pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long, c'est normal.
Enregistre le rapport (icône de la Disquette) sur ton PC (repère où tu l'as enregistré).
Ferme ZHPDiag en fin d'analyse.

Pour transmettre le rapport clique sur ce lien :
http://www.cijoint.fr/
Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page. Copie ce lien dans ta réponse.

Aide en images pour poster un rapport sur cijoint.

Ajouter un commentaire - Site web
Afficher les 5 commentaires
michel - 27 sept. 2010 à 07:35
Les fichiers avec l'extension ne peuvent pas être déposés !
Charles03410 - 18 oct. 2010 à 19:17
http://www.cijoint.fr/cjlink.php?file=cj201010/cijQjQuGnS.txt

voila pour moi ! en attendant une réponse dans les plus bref délais merci
crapoulou- 18 oct. 2010 à 20:01
Charles03410,

Merci de créer votre propre message sur le forum afin d'obtenir une aide personnalisée :

http://sd-1.archive-host.com/...

Crapoulou, Modérateur CCM.
Ajouter un commentaire
Réponse
+2
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 26 sept. 2010 à 19:40
Travaille en mode sans échec avec prise en charge réseau.

Pour redémarrer en mode sans échec :

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

* Clique sur Démarrer
* Clique sur Arrêter
* Sélectionne Redémarrer et au redémarrage
* Appuie sur la touche F8 ou F5 selon ta machine sans discontinuer "1 appuis seconde" dès qu'un écran de texte apparaît puis disparaît
* Utilise les touches de direction pour sélectionner mode sans échec avec prise en charge réseau
* Puis appuis sur ENTRÉE
* Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
* Une fois démarré ne t'inquiète pas si les couleurs et les icônes ne sont pas comme d'habitude, c'est tout à fait normal.

Ajouter un commentaire - Site web
michel - 27 sept. 2010 à 12:53
Bonjour
Je suis arrivé désolé voici le lien
http://www.cijoint.fr/cjlink.php?file=cj201009/cijIRMCtvE.txt
Merci
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 26 sept. 2010 à 22:05
michel, regarde l'aide en images pour uploader le rapport sur cijoint :
http://sd-1.archive-host.com/membres/up/68979205412808752/CCM/cijoint.htm

Après avoir cliqué sur "Cliquez ici pour déposer le fichier", un lien bleu apparait juste au-dessus dudit bouton.
Copie-colle le moi.

Ajouter un commentaire - Site web
michel - 27 sept. 2010 à 07:44
Bonjour
Désolé tu vas croire que je suis idiot,j'ai fais comme tu m'as expliqué,Après avoir cliqué sur "Cliquez ici pour déposer le fichier"il y a soit "Les fichiers avec l'extension ne peuvent pas être déposés !soit vous n'avez pas déposé de fichier.
michel - 27 sept. 2010 à 12:58
voici le lien http://www.cijoint.fr/cjlink.php?file=cj201009/cijIRMCtvE.txt
merci
Ajouter un commentaire
Réponse
+3
moins plus
Jeff 15570Messages postés 17 mai 2000Date d'inscription ModérateurStatut 16 mai 2012Dernière intervention 27 sept. 2010 à 10:26
Il y a une fiche pratique prête à l'emploi ici :
http://www.commentcamarche.net/faq/24055-security-tool

Ajouter un commentaire - Site web
Afficher les 8 commentaires
Mstr- 27 sept. 2010 à 21:42
Lu crapoulou,

En ce moment même il y a des gens qui font mumuse avec des droppers sur les VM ! :D

Pour l'instant, il n'y a que des suspicions sur les vecteurs d'infection..

Au moins, le moyen de le virer à quasiment 100% a rapidement été trouvé, c'est déjà ça.. :D

Les infos tourneront dés qu'on en saura un peu plus !

A pluche !
crapoulou- 27 sept. 2010 à 21:55
Ok.
Fais tourner les droppers également stp.
Merci.
++.
Mstr- 27 sept. 2010 à 22:18
Re,

Les droppers sont sur WT, si tu n'y est pas, je t'enverrais les liens en MP..!

A pluche
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 27 sept. 2010 à 13:23
Rends-toi à cette adresse :

http://www.bleepingcomputer.com/submit-malware.php?channel=12

Remplis le formulaire ainsi :

Link to topic where this file was requested:
=> Copie-colle l'adresse de cette discussion :
http://www.commentcamarche.net/forum/affich-19303713-virus-security-tool


Browse to the file you want to submit:
=> Sélectionne ce fichier :
C:\Documents And Settings\michel hager\Local Settings\Application Data\87244.exe

Leave any comments, further information about this file, or contact information:
=> Copie-colle ceci :
Security-Tool / Crapoulou

********

Fais de même avec ce fichier :
C:\Documents And Settings\michel hager\Local Settings\Application Data\938626.exe

Dis moi une fois que c'est fait.

Ajouter un commentaire - Site web
michel - 27 sept. 2010 à 14:07
oui c'est fait
S!Ri- 27 sept. 2010 à 14:22
Merci pour l'upload du fichier ;)
michel - 27 sept. 2010 à 17:10
Bonjour
Qu'es-que je dois faire?
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 27 sept. 2010 à 21:23
Pas de quoi S!ri.

On va aller droit au but !
Il semblerait que chez toi, le rogue te laisse travailler.
Ainsi :

Suppression avec AD-R :

Télécharge AD-R (de C_XX ) sur ton bureau :
= = = =>>> En cliquant ici <<<= = = =

/!\ Déconnecte-toi et ferme toutes applications en cours, désactive ton antivirus le temps de la manipulation/!\

* Exécute AD-R.
* Au menu principal clique sur le bouton "Nettoyer".
* Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous Ad-Report-CLEAN[1].txt)

*********

Télécharge Malwarebytes' Anti-Malware
= = = = >>> En cliquant ici <<< = = = =

- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d'installation
- Lorsqu'il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l'icône de malwarebytes pour le relancer
- Dans l'onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur `Afficher les résultats' pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
- Rends toi dans l'onglet rapport/log
- Tu clique dessus pour l'afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller

Si tu as besoin d'aide regarde ce tutorial http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

Ajouter un commentaire - Site web
Ajouter un commentaire
Réponse
-1
moins plus
noob 28 sept. 2010 à 10:33
J'ai trouvé un moyen assez simple de détruire cette saloperie :

Démarre ton ordi normalement, et avant que ne s'ouvre security tool tu ctrl alt supr > gestionnaire de taches > processus

Dans la liste il y a normalement un programme chiffré (du genre 06829101020.exe, je ne me rapelle pas combien de chiffres mais c'est a priori le seul qui a un nom comme ca). C'est security tool. Termine le processus, et tu es libre de télécharger malwarebyte pour t'en débarasser.

j'espere t'avoir aidé :)

 Ajouter un commentaire
michel - 28 sept. 2010 à 16:53
Bonjour
Merci noob pour l'info j'ai pu téléchargé malwarebyte,j'ai envoyé le rapport j'attends des infos pour continuer;Je ne sais pas quoi faire maintenant.
Merci beaucoup
noob - 29 sept. 2010 à 10:15
normalement malawarebyte te trouve les virus, tu fais "afficher rapport" puis tu supprime les elements selectionnés et hop !
Ajouter un commentaire
Réponse
+0
moins plus
michel 28 sept. 2010 à 14:05
Bonjour
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4710

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/09/2010 14:01:47
mbam-log-2010-09-28 (14-01-47).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 216031
Temps écoulé: 51 minute(s), 24 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 133
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 53
Fichier(s) infecté(s): 234

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\cntntcntr.cntntdic (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{148e1447-c728-48fd-beec-a7d06c5fff58} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ee46f55-1ce1-4db9-811a-68938ec7f3dd} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a87dfd99-cf81-4241-85ce-881e0026b686} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c96b9fae-a032-4100-bb47-32ef05e28be4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{14113b47-d59c-4f0f-9d10-ff1730265584} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9c42a57-421c-4572-8b12-249c59183d1c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdic.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cntntcntr.cntntdisp.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0729f461-8054-47dc-8d39-a31b61cc0119} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{40ca90f3-4098-4877-ae87-23eb612b18c7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4c3b62af-ca25-4fba-8405-32e44f83bb6f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a635a91-c303-45c9-8db9-f759d98a3b9d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7e335d04-2e6e-4d0e-a921-c3d9192e7121} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99ccfb8c-6380-4a14-8fdd-ef3e7e95335d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b20d7add-989c-4bc0-a797-f6fe7998efd7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bfc20a15-b0ac-44cc-a25a-a7039014ba9f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f019aec4-4c95-46de-a107-e302473e3b9a} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d00aa2a-69ef-487a-8a40-b3e27f07c91e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8292078f-f6e9-412b-8eb1-360c05c5ece5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2447e305-5e90-42a8-bd1e-0bc333b807e1} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50d2fdcc-2707-49cb-8223-7fe0424909aa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{878ce013-7ba9-4650-a78c-b2234c0c1648} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a5b6fa30-d317-41ca-9cb1-c898d3c7f34e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cc19a5f2-b4ad-41d5-a5c9-0680904c1483} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{85e5e8d1-0b63-4588-a5a0-b927a23f5f60} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{90d9e343-d350-44ba-9329-1aa35b038657} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90d9e343-d350-44ba-9329-1aa35b038657} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e8bdff85-f8c2-4281-8669-31253e646518} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e8bdff85-f8c2-4281-8669-31253e646518} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.info (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.info.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c62a9e79-2b52-439b-af57-2e60bb06e86c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{15fd8424-d12a-4c51-8c6c-d5d57b80f781} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{67b3becf-7b6f-42b2-99f0-f7656f89cffa} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{715ffd42-4e05-4eab-9513-c8daa5395ae2} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{759d6f7c-8d30-45b6-abea-fa51c190eed5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9a4a64a4-a2fb-48fa-9bba-1ac50267695d} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{62906e60-bce2-4e1b-9ed0-8b9042ee15e4} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9bfa98d-9935-4ea4-a05a-72c7f0778f02} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2557dd3f-23a0-477c-bcd8-90fd0aecc4b8} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2893116c-a176-42b1-8794-da8c9fc45564} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ceb04ab-08af-45f4-81b4-70d13c1f7b85} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99fdca0c-7380-4e9c-8d99-5dc4750334ef} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a7213d71-47e1-4832-92d7-d61dfe9f231f} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b1d9f4b1-b9ff-463f-bf15-ab9cb26160f7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf82f350-e1c4-4916-ac12-ba73db60afb7} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d1063603-f045-475f-afbc-8cba7d5797fb} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70880ce6-308c-4204-a89e-b266c3f7b7fa} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{03d7ff6e-9781-40b5-bb7f-94291a361604} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{a57470de-14c7-4fcd-9d4c-e5711f24f0ed} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdc73256-a88d-4642-844e-a8f20b76789c} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.info (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.info.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\egdhtml (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Winsudate (Adware.GibMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\87244 (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\938626 (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\seekmo@seekmo.com (Adware.SeekMo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\IESkins (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\ustat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static\DownLoad (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static\1 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOL\static\2 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOI (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\HostOI\dynamic (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.63 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.71 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\michel hager\Local Settings\Application Data\87244.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Local Settings\Application Data\938626.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\SeekmoSA.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\CntntCntr.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\CoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\HostOL.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\SeekmoSAAX.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.71\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\Srv.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\npclntax_SeekmoSA.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.63\ShoppingReport.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\SeekmoUninstaller.exe (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\WeSkin.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\plugins\npclntax_SeekmoSA.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEula.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherStartup.xml (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\history (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\WeatherPreferences (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Links (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML\Loading (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML\screen2 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\WeatherDPA\Weather_XML\Display (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML\General (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML\Genera1 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\Weather\Weather_XML\Default (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_explorer-Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\Top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\blackdomain.list (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\private_mode.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\privatemode.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\1\weathericon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\buttondir.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\layout.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\private_mode.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\blackdomain.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\weathericon.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\t2_bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\progress.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\seekmo.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\ie_video.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\cursors.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\keywords.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\keywords1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\BtnTrans1.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\default.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\icons2.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\top7.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_511745-514279.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Games.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Hide.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Hotmail.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_categorize.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_comparison.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_explorer-Mails.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_explorer-people.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_favorites.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_hotbarcom.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_hsskin.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_new.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_premium.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_searchfor.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_searchgo.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_weather.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Default_yellowpages.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\Top7_theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\blackdomain.list (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\btntrans.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\btntrans1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\buttondir.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\components.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\cursors.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_1000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_2000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_3000.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_bar.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_bbar1.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_logos.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_buttons_other.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\d_icons_weather.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\default.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\email-def-511724-548964.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\email-def-511724-9595.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\email-t1-bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\icons2.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\ie_games_icon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\ie_video.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\keywords.idx (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\keywords1.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\layout.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\linkpathlegal.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\private_mode.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\privatemode.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\progress.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\s_icons_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\sales_buttons.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\seekmo.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\seekmo_ie_menu.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\t2_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\theweb.mnu (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\top7.cdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\tsd_bg.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\static\2\weathericon.res (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\1.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\domains.txt (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\1817352.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\3894561.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\2883915.sdf (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\ustat\392a.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\ustat\392d.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000057533 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\528757 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\705022 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000052615 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\76110 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\41952 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\220086 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000063625 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000032930 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\69156 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000069767 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000063198 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000061533 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000061197 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\705211 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\710858 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Seekmo\v3.5\Seekmo\dynamic\TooltipXML\1000057972 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\medias\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\medias\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\medias\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\medias\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\medias\3804_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20061129201137\js\js_api_dialer.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\DesktopIcons\Acces-Sex.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center\Acces-Sex.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\11.0.96.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo\Reset Cursor.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo\Seekmo Customer Support Center.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Seekmo\Seekmo Uninstall Instructions.lnk (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Application Data\Icones\icones_pa.ico (Adware.GibMedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Bureau\Pages Annuaire.lnk (Adware.GibMedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\michel hager\Menu Démarrer\Pages Annuaire.lnk (Adware.GibMedia) -> Quarantined and deleted successfully.
C:\WINDOWS\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 28 sept. 2010 à 18:46 
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 133
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 53
Fichier(s) infecté(s): 234


Ton rapport MBAM a fait un énorme ménage !
Envoie le entier sur cijoint stp :

Aide en images.

Ajouter un commentaire - Site web
Afficher les 4 commentaires
michel - 28 sept. 2010 à 19:19
http://www.cijoint.fr/cjlink.php?file=cj201009/cijFLIIuVa.txt
Qu'es-que je dois faire?
Comment détruire le virus avec malwarebytes?
Laura - 16 oct. 2010 à 00:44
j'ai le meme problème et j'arrive pas à envoyer le lien, quelqu'un peut m'aider ?
http://www.cijoint.fr/cjlink.php?file=cj201010/cijrpm6lGz.txt
Merci d'avance !
crapoulou- 16 oct. 2010 à 23:06
Laura,

Merci de créer ton propre message sur le forum afin d'obtenir une aide personnalisée :

http://sd-1.archive-host.com/...

Crapoulou, Modérateur CCM.
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 28 sept. 2010 à 19:27
Euh, ce n'est pas ça que je voulais mais ce n'est pas grave.

******

Démarre en mode sans échec et supprime ce fichier :
C:\Documents And Settings\michel hager\Local Settings\Application Data\87244.exe

********

Suppression avec AD-R :

Télécharge AD-R (de C_XX ) sur ton bureau :
= = = =>>> En cliquant ici <<<= = = =

/!\ Déconnecte-toi et ferme toutes applications en cours, désactive ton antivirus le temps de la manipulation/!\

* Exécute AD-R.
* Au menu principal clique sur le bouton "Nettoyer".
* Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous Ad-Report-CLEAN[1].txt)

Ajouter un commentaire - Site web
Afficher les 8 commentaires
michel - 29 sept. 2010 à 12:11
voici le rapport de ad-r
======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 16/09/10 à 13:30
Contact: AdRemover.contact[AT]gmail.com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:59:30 le 29/09/2010, Mode sans echec

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
michel hager@FIFOU ( )

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.



============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.5.13 (fr)] **

-- C:\Documents and Settings\michel hager\Application Data\Mozilla\FireFox\Profiles\0blpg92v.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\michel hager\\Mes documents
browser.search.defaultenginename, Durable
browser.search.defaulturl, hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%3Azbljezwsgul&cof=FORID%3A10&ie...
browser.search.selectedEngine, Google
browser.startup.homepage, hxxp://www.durable.com/recherche
browser.startup.homepage_override.mstone, rv:1.9.1.13
keyword.URL, hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%3Azbljezwsgul&cof=FORID%3A10&ie=UTF-8&q=
privacy.popups.showBrowserMessage, false

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\9qgf79q7.default\Prefs.js --
browser.startup.homepage, hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
browser.startup.homepage_override.mstone, rv:1.9.1.12

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 29/09/2010 (478 Octet(s))

Fin à: 12:08:11, 29/09/2010

============== E.O.F ==============
michel - 29 sept. 2010 à 12:31
comment supprimer le fichier C:\Documents And Settings\michel hager\Local Settings\Application Data\87244.exe
merci
crapoulou- 29 sept. 2010 à 12:35
Clic droit => Supprimer.
S'il te dit que le processus est en cours d'exécution, arrête le avec le gestionnaire des tâches avant comme demandé ici :
http://www.commentcamarche.net/forum/affich-19303713-virus-security-tool#35
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 29 sept. 2010 à 12:22
En apparence, Security Tool est-il toujours présent sur le PC ?
Comment va le PC ?

Ajouter un commentaire - Site web
michel - 29 sept. 2010 à 14:00
Crapoulou,
content peut être trop tôt,mais pour le moment plus de message de Security-Tool,le pc fonctionne correctement.Je te tiens au courent plus tard.
Merci beaucoup pour m'avoir aidé.merci à vous tous.
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 29 sept. 2010 à 18:31
On va faire le point sur l'état de ton PC.
Suis les manipulations données ici qui devraient fonctionner :
http://www.commentcamarche.net/forum/affich-19303713-virus-security-tool#1

Ajouter un commentaire - Site web
Afficher les 5 commentaires
michel - 29 sept. 2010 à 21:53
Pour le moment je ne peux pas envoyer le fichier car Les fichiers avec l'extension ne peuvent pas être déposés !
je renouvèlerai la manip plus tard.
crapoulou- 29 sept. 2010 à 21:53
L'extension txt devrait fonctionner.
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 30 sept. 2010 à 20:19
Ton PC est encore infecté.

Tu es infecté par un ver qui se propage dans ton ordinateur par support amovibles (clé USB, disquettes, appareils photos numériques, disques durs externes, ...)

Télécharge et installe UsbFix de C_XX & El_Desaparecido :
= = = = >>> En cliquant ici <<< = = = =

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir !

* Double clique sur le raccourci UsbFix présent sur ton bureau.
* Clique sur le bouton Recherche
* Laisse travailler l'outil.
* Ensuite poste l'intégralité du rapport UsbFix.txt qui apparaîtra.

Notes :
- Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)
(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller sur le forum).
- Si l'outil ne se lance pas, désactive ton antivirus le temps de la manipulation.

Ajouter un commentaire - Site web
michel - 30 sept. 2010 à 20:47
############################## | UsbFix 7.027 | [Recherche]

Utilisateur: michel hager (Administrateur) # FIFOU [ ]
Mis à jour le 28/09/10 par El Desaparecido / C_XX
Lancé à 20:44:40 | 30/09/2010
Site Web: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com

CPU: Genuine Intel(R) CPU T2250 @ 1.73GHz
CPU 2: Genuine Intel(R) CPU T2250 @ 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: avast! antivirus 4.8.1368 [VPS 100930-0] 4.8.1368 [Enabled | Updated]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 44 Go (14 Go libre(s) - 31%) [ACER] # FAT32
D:\ -> Disque fixe # 44 Go (44 Go libre(s) - 100%) [ACERDATA] # FAT32
E:\ -> CD-ROM
H:\ -> Disque fixe # 298 Go (121 Go libre(s) - 41%) [Philips External Hard Disk] # NTFS

################## | Éléments infectieux |



################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{78ce8f66-9e04-11dd-a8ce-001e583e4f09}
Shell\Auto\Command = fun.xls.exe
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{ddb901a3-a12a-11de-a9a1-001e583e4f09}
Shell\AutoRun\Command = F:\USBAutoRun.exe


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 30 sept. 2010 à 20:48
Bien pour USBFix.

Nettoyage avec UsbFix :

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir !

*Double clique sur le raccourci UsbFix présent sur ton bureau.
* Clique sur le bouton Suppression
* Ton bureau disparaîtra et le PC redémarrera.
* Au redémarrage, UsbFix scannera ton PC. Laisse travailler l'outil.
* Ensuite poste l'intégralité du rapport UsbFix.txt qui apparaîtra avec le bureau.

Note :
Le rapport UsbFix.txt est sauvegardé a la racine du disque. (C:\UsbFix.txt)

Ajouter un commentaire - Site web
michel - 30 sept. 2010 à 20:55
le pc n'a pas redémarré mais j'ai le rapport
############################## | UsbFix 7.027 | [Suppression]

Utilisateur: michel hager (Administrateur) # FIFOU [ ]
Mis à jour le 28/09/10 par El Desaparecido / C_XX
Lancé à 20:52:49 | 30/09/2010
Site Web: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com

CPU: Genuine Intel(R) CPU T2250 @ 1.73GHz
CPU 2: Genuine Intel(R) CPU T2250 @ 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: avast! antivirus 4.8.1368 [VPS 100930-0] 4.8.1368 [Enabled | Updated]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 44 Go (14 Go libre(s) - 31%) [ACER] # FAT32
D:\ -> Disque fixe # 44 Go (44 Go libre(s) - 100%) [ACERDATA] # FAT32
E:\ -> CD-ROM
H:\ -> Disque fixe # 298 Go (121 Go libre(s) - 41%) [Philips External Hard Disk] # NTFS

################## | Éléments infectieux |



################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{78ce8f66-9e04-11dd-a8ce-001e583e4f09}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ddb901a3-a12a-11de-a9a1-001e583e4f09}

################## | Listing |

[20/12/2005 - 11:17:28 | AD ] C:\i386
[05/08/2004 - 05:00:00 | AD ] C:\VALUEADD
[05/08/2004 - 05:00:00 | AD ] C:\dotnetfx
[29/09/2010 - 13:46:28 | ASH | 1610612736] C:\pagefile.sys
[08/11/2007 - 17:14:46 | D ] C:\Converted Music
[20/12/2005 - 11:17:34 | AD ] C:\Sysinfo
[20/12/2005 - 11:17:34 | AD ] C:\Book
[30/07/2006 - 11:02:26 | D ] C:\WINDOWS
[14/02/2005 - 10:58:16 | D ] C:\Documents and Settings
[14/02/2005 - 11:06:08 | RD ] C:\Program Files
[03/05/2006 - 06:49:46 | D ] C:\Acer
[05/08/2004 - 05:00:00 | RASH | 4952] C:\Bootfont.bin
[06/10/2008 - 07:20:36 | RASH | 252240] C:\ntldr
[05/08/2004 - 05:00:00 | RASH | 47564] C:\NTDETECT.COM
[02/04/2007 - 22:07:42 | RASH | 216] C:\boot.ini
[14/02/2005 - 11:07:12 | A | 0] C:\CONFIG.SYS
[27/06/2006 - 22:41:54 | A | 150] C:\AUTOEXEC.BAT
[14/02/2005 - 11:07:12 | RASH | 0] C:\IO.SYS
[14/02/2005 - 11:07:12 | RASH | 0] C:\MSDOS.SYS
[10/11/1999 - 08:17:54 | A | 49] C:\XPH.TAG
[27/06/2006 - 23:07:06 | RASH | 79] C:\Preload.aaa
[14/01/2009 - 16:10:12 | SHD ] C:\FOUND.000
[14/09/2009 - 20:21:28 | D ] C:\Sounds
[09/11/2009 - 16:59:30 | SHD ] C:\FOUND.001
[30/01/2010 - 14:56:48 | D ] C:\EPSON
[09/11/2006 - 03:50:20 | SHD ] C:\System Volume Information
[17/09/2010 - 17:43:16 | SHD ] C:\FOUND.002
[26/09/2010 - 19:22:02 | SHD ] C:\FOUND.003
[15/11/2008 - 19:55:56 | D ] C:\temp
[29/09/2010 - 12:09:10 | A | 2928] C:\Ad-Report-CLEAN[1].txt
[29/09/2010 - 13:46:30 | ASH | 1071763456] C:\hiberfil.sys
[30/09/2010 - 20:42:04 | D ] C:\UsbFix
[30/09/2010 - 20:52:50 | A | 949] C:\UsbFix.txt
[16/03/2008 - 13:57:04 | AH | 244] C:\sqmnoopt00.sqm
[16/03/2008 - 13:57:04 | AH | 268] C:\sqmdata00.sqm
[16/03/2008 - 13:57:04 | AH | 160] C:\sqmnoopt01.sqm
[16/03/2008 - 13:57:04 | AH | 148] C:\sqmdata01.sqm
[09/11/2006 - 12:09:06 | D ] C:\MWASPI
[09/11/2006 - 12:56:58 | SHD ] C:\Recycled
[02/05/2008 - 10:13:18 | AH | 244] C:\sqmnoopt02.sqm
[02/05/2008 - 10:13:18 | AH | 268] C:\sqmdata02.sqm
[31/08/2008 - 09:06:04 | AH | 244] C:\sqmnoopt03.sqm
[31/08/2008 - 09:06:04 | AH | 304] C:\sqmdata03.sqm
[10/10/2008 - 22:00:48 | AH | 244] C:\sqmnoopt04.sqm
[10/10/2008 - 22:00:48 | AH | 232] C:\sqmdata04.sqm
[11/10/2008 - 14:29:38 | AH | 244] C:\sqmnoopt05.sqm
[11/10/2008 - 14:29:38 | AH | 268] C:\sqmdata05.sqm
[25/10/2008 - 22:44:54 | AH | 244] C:\sqmnoopt06.sqm
[25/10/2008 - 22:44:54 | AH | 232] C:\sqmdata06.sqm
[10/11/2008 - 09:42:14 | AH | 244] C:\sqmnoopt07.sqm
[10/11/2008 - 09:42:14 | AH | 232] C:\sqmdata07.sqm
[11/11/2008 - 09:39:48 | AH | 244] C:\sqmnoopt08.sqm
[11/11/2008 - 09:39:48 | AH | 232] C:\sqmdata08.sqm
[12/11/2008 - 19:59:24 | AH | 244] C:\sqmnoopt09.sqm
[12/11/2008 - 19:59:24 | AH | 232] C:\sqmdata09.sqm
[13/11/2008 - 09:25:12 | AH | 244] C:\sqmnoopt10.sqm
[13/11/2008 - 09:25:12 | AH | 268] C:\sqmdata10.sqm
[06/02/2007 - 20:39:48 | AH | 244] C:\sqmnoopt11.sqm
[06/02/2007 - 20:39:48 | AH | 292] C:\sqmdata11.sqm
[06/02/2007 - 20:39:48 | AH | 244] C:\sqmnoopt12.sqm
[06/02/2007 - 20:39:48 | AH | 232] C:\sqmdata12.sqm
[12/09/2007 - 21:57:46 | AH | 244] C:\sqmnoopt13.sqm
[12/09/2007 - 21:57:46 | AH | 292] C:\sqmdata13.sqm
[13/01/2008 - 18:28:02 | AH | 244] C:\sqmnoopt14.sqm
[13/01/2008 - 18:28:02 | AH | 232] C:\sqmdata14.sqm
[13/01/2008 - 18:28:04 | AH | 244] C:\sqmnoopt15.sqm
[13/01/2008 - 18:28:04 | AH | 232] C:\sqmdata15.sqm
[13/01/2008 - 18:41:38 | AH | 244] C:\sqmnoopt16.sqm
[13/01/2008 - 18:41:38 | AH | 232] C:\sqmdata16.sqm
[14/01/2008 - 21:21:58 | AH | 244] C:\sqmnoopt17.sqm
[14/01/2008 - 21:21:58 | AH | 232] C:\sqmdata17.sqm
[16/03/2008 - 13:54:38 | AH | 244] C:\sqmnoopt18.sqm
[16/03/2008 - 13:54:38 | AH | 268] C:\sqmdata18.sqm
[16/03/2008 - 13:54:38 | AH | 136] C:\sqmnoopt19.sqm
[16/03/2008 - 13:54:38 | AH | 268] C:\sqmdata19.sqm
[22/02/2007 - 13:11:20 | D ] C:\Poker
[28/02/2007 - 21:51:00 | D ] C:\Données Ciel
[29/03/2007 - 19:22:06 | D ] C:\smartcaisse
[09/11/2006 - 03:53:24 | SHD ] D:\System Volume Information
[09/11/2006 - 13:53:46 | SHD ] D:\Recycled
[17/10/2007 - 20:30:34 | SH | 2644] D:\AlbumArtSmall.jpg
[17/10/2007 - 20:30:34 | SH | 2644] D:\AlbumArt_{CD5FAC0E-907A-4C54-8464-BE4473D65346}_Small.jpg
[17/10/2007 - 20:30:34 | SH | 10624] D:\Folder.jpg
[17/10/2007 - 20:30:34 | SH | 10624] D:\AlbumArt_{CD5FAC0E-907A-4C54-8464-BE4473D65346}_Large.jpg
[17/10/2007 - 20:30:34 | SH | 377] D:\desktop.ini
[08/05/2007 - 13:38:08 | SHD ] H:\$RECYCLE.BIN
[26/09/2009 - 21:52:12 | D ] H:\CD
[25/07/2006 - 09:34:58 | ASH | 78] H:\Desktop.ini
[26/09/2009 - 21:47:56 | D ] H:\FETARD'OC
[28/06/2010 - 12:55:49 | D ] H:\films mathieu
[28/06/2010 - 12:36:02 | D ] H:\Incoming
[08/07/2007 - 22:43:43 | D ] H:\MARIAGE AURELIE
[12/08/2010 - 13:55:27 | RAD ] H:\My Music
[22/05/2007 - 13:34:08 | RAD ] H:\My Pictures
[20/04/2007 - 15:29:54 | RAD ] H:\My Videos
[31/07/2006 - 12:12:27 | AD ] H:\Philips User Manual
[28/04/2007 - 22:41:31 | D ] H:\photos abeilles
[26/07/2007 - 12:45:45 | D ] H:\photos camion
[30/06/2007 - 21:48:27 | D ] H:\PHOTOS MATHIEU
[07/07/2007 - 09:18:25 | D ] H:\PHOTOS ZOO MITCH
[24/10/2008 - 10:37:29 | SHD ] H:\RECYCLER
[22/10/2008 - 20:47:40 | SHD ] H:\System Volume Information
[15/07/2007 - 21:50:44 | D ] H:\vacances

################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | E.O.F |
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 30 sept. 2010 à 21:14
Bien.
Comment va le PC ?
Mets à jour MBAM.
Fais une analyse rapide du système stp.
Envoie le rapport.

Ajouter un commentaire - Site web
michel - 30 sept. 2010 à 21:31
Quelqu'un sur le site m'avait dit de faire ctrl alt sup désolé je ne me souvient pas de son prénom
En le faisant sécurité tool était en cour d'exécution je les sup.
Qu'es-que MBAM?
michel - 30 sept. 2010 à 21:35
J'ai a nouveau fait ctrl alt sup il est toujours en cour d'execution
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 30 sept. 2010 à 21:40
MBAM = MalwareBytes anti malware.

Ajouter un commentaire - Site web
michel - 30 sept. 2010 à 21:43
desole
crapoulou- 30 sept. 2010 à 21:43
Pas de souci.
michel - 30 sept. 2010 à 21:51
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4710

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

30/09/2010 21:50:40
mbam-log-2010-09-30 (21-50-40).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 148223
Temps écoulé: 7 minute(s), 43 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Ajouter un commentaire
Réponse
+0
moins plus
Firewall 30 sept. 2010 à 21:55
Bonjour ,
Je viens de me débarrasser de SECURITY TOOL grâce à un utilitaire de chez Kaspersky .
Il faut aller à cette adresse http://support.kaspersky.com/fr/viruses/utility puis
télécharger Kaspersky Virus Removal Tool ( EXE,72,2MB). version 9.0.0.722

Démarrer le Pc en mode sans échec (F8) puis installer kaspersky Virus Removal Tool . Le lancer puis Il fera le reste après un scan de votre PC et vous serez débarrasser de ce virus.

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 30 sept. 2010 à 22:10
As-tu un rapport de cet outil stp ?
Qu'a-t-il supprimé au juste ?

********

Télécharge SEAF.exe de C_XX sur ton bureau :
= = = = =>>> En cliquant ici <<<= = = = =

* Double clique sur SEAF.exe que tu viens de télécharger.
* Une fenêtre va s'ouvrir.
* Copie-colle ceci dans la barre de recherche blanche Security tool
* Coche sur la droite : "Chercher également dans le registre"
* Coche en bas "Afficher les ADS" et "Informations supplémentaires".
* Clique ensuite sur "Lancer la recherche".
* Patiente pendant la recherche.
* Une fenêtre avec un rapport au format ".txt" va s'afficher.
* Copie/colle ce rapport dans ta prochaine réponse.

Ajouter un commentaire - Site web
michel - 30 sept. 2010 à 22:22
1. ========================= SEAF 1.0.0.8 - C_XX
2.
3. Commencé à: 22:18:55 le 30/09/2010
4.
5. Valeur(s) recherchée(s):
6. Security tool
7.
8. (!) --- Informations supplémentaires
9. (!) --- Affichage des ADS
10. (!) --- Recherche registre
11.
12. ====== Fichier(s) (TC: Date de création, TM: Date de modification, DA, Dernier accès) ======
13.
14. Aucun fichier trouvé
15.
16.
17. ====== Entrée(s) du registre ======
18.
19. Aucun élément dans le registre trouvé
20.
21. =========================
22.
23. Fin à: 22:21:01 le 30/09/2010 ( E.O.F )
24.
25. =========================
michel - 30 sept. 2010 à 22:24
gestionnaire des taches
security tools en cours d'exécution
C'est l'intitulé du forum désolé
Ajouter un commentaire
Réponse
+1
moins plus
Firewall 30 sept. 2010 à 22:35
Le fichier concerné se trouve dans le dossier appdata (dossier cacher) .Le virus est un fichier éxécutable de la forme 312523653.exe(si tu trouves un fichier avec autant de chiffre + le .EXE c'est ton virus) .Si tu te sers de Kaspersky (je ne veux pas faire de pub) il te le détectera et te le supprimera. J'ai essayé Malwarebytes' Anti-Malware en mode sans echec . Il m'a détecté les virus , me les a supprimés, et quelle surprise de les retrouver en lançant windows normalement .J'ai passé ma soirée pour trouver un logiciel adéquat et kaspersky est fiable .En sachant que le PC que je désinfecte n'est pas le mien.


Pour info pour télécharger n'importe quelle fichiers , il vous faut une autre bécane car Sécurity Tool empêche tous téléchargements .

 Ajouter un commentaire
Ajouter un commentaire
Réponse
+0
moins plus
crapoulou 33375Messages postés 28 novembre 2007Date d'inscription ModérateurStatut 28 avril 2012Dernière intervention 30 sept. 2010 à 23:03
gestionnaire des taches
security tools en cours d'exécution
C'est l'intitulé du forum désolé

???

As-tu un rapport de cet outil stp ?
Qu'a-t-il supprimé au juste ?

Ajouter un commentaire - Site web
michel - 1 oct. 2010 à 07:29
de quel outil tu parles?
je suis que ce que toi tu me dis de faire
michel - 1 oct. 2010 à 19:32
Bonjour
Qu'es que je dois faire?
crapoulou- 1 oct. 2010 à 19:51
On en est là michel ;-)
http://www.commentcamarche.net/forum/affich-19303713-virus-security-tool?page=2#73

Quel est le nom du processus en cors d'exécution ??

On a bientôt terminé.
Ajouter un commentaire
1 2 Suivant
Posez votre question
Ce document intitulé « virus security tool » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?
virus security tool - page 2