Posez votre question Signaler

Protected search [Résolu]

naninonu - Dernière réponse le 29 déc. 2011 à 23:20
Bonjour,
j'ai le même problème que les gens avec protected search qui bouffe ma page d 'accueil
help me please lol
merci de vos réponses
Lire la suite 
Réponse
+1
moins plus
Salut,

1/
Télécharge AdwCleaner (merci à Xplode)
Ou ADWCleaner ici
Lance AdwCleaner
Clique sur le bouton [ Suppression ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
Il se trouve également à C:\AdwCleaner[SX] (où X est un chiffre)

2/
Nous allons effectuer un diagnostic de ton PC:
*Télécharge ZHPDiag sur ton bureau :

http://telechargement.zebulon.fr/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum : http://www.cijoint.fr/
Si indisponible, tu peux essayer avec l'un de ces liens:
http://dl.free.fr
http://www.toofiles.com/fr/documents-upload.html
http://www.terafiles.net/
http://www.casimages.com
http://pjjoint.malekal.com/

* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Hébergement de rapport sur cijoint.fr/

Rend toi sur ce site : http://www.cijoint.fr/
Clique sur Choisissez un fichier
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme : http://www.cijoint.fr/cjlink.php?file=cj44123/cijSKAP5fU.txt
est ajouté dans la page. Copie ce lien dans ta réponse.
============================================
Aide : >>> hébergement ICI <<<

@+
naninonu- 2 déc. 2011 à 16:17
http://www.toofiles.com/fr/oip/documents/txt/6075_zhpdiag.html

j 'espere que c 'est bien sa qu'il fallait faire
merci
Répondre
catherine- 10 déc. 2011 à 21:37
voici le rapport de zhpdiag

http://dl.free.fr/fdhZpH6Ul

Merci pour votre aide
Répondre
deejayxav- 29 déc. 2011 à 23:20
Bonsoir,

Merci de m'aider à nettoyer mon PC qui présente le meme symptome que naninonu.

1/ rapport AdwCleaner :

# AdwCleaner v1.403 - Rapport créé le 29/12/2011 à 22:57:21
# Mis à jour le 24/12/11 à 14h par Xplode
# Système d'exploitation : Windows Vista (TM) Ultimate Service Pack 1 (32 bits)
# Nom d'utilisateur : Xavier - PCSOUSVISTA (Administrateur)
# Exécuté depuis : C:\Users\Xavier\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****

Arrêté & Supprimé : : Application Updater

***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\Users\Xavier\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Xavier\AppData\Roaming\Complitly
Dossier Supprimé : C:\Users\Xavier\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Dossier Supprimé : C:\Users\Xavier\AppData\Local\Babylon
Dossier Supprimé : C:\Users\Xavier\AppData\LocalLow\Search Settings
Dossier Supprimé : C:\Users\Xavier\AppData\LocalLow\pdfforge
Dossier Supprimé : C:\Users\Xavier\AppData\LocalLow\Toolbar4
Dossier Supprimé : C:\Program Files\Complitly
Dossier Supprimé : C:\Program Files\pdfforge Toolbar
Dossier Supprimé : C:\Program Files\Common Files\spigot
Dossier Supprimé : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Dossier Supprimé : C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\ztsbc9q5.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}

***** [Registre] *****

[*] Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.IEToolbar
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.IEToolbar.1
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.TBSB02609
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.TBSB02609.3
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.TBSB02609
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.TBSB02609.1
Clé Supprimée : HKCU\Software\Complitly
Clé Supprimée : HKCU\Software\AppDataLow\Software\AskToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\pdfforge
Clé Supprimée : HKCU\Software\AppDataLow\Software\Search Settings
Clé Supprimée : HKLM\SOFTWARE\Application Updater
Clé Supprimée : HKLM\SOFTWARE\Babylon
Clé Supprimée : HKLM\SOFTWARE\pdfforge
Clé Supprimée : HKLM\SOFTWARE\Search Settings
Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Clé Supprimée : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19019

Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://webplayersearch.com/ --> hxxp://www.google.fr
Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://webplayersearch.com/ --> hxxp://www.google.fr

-\\ Mozilla Firefox v8.0 (fr)

Profil : ztsbc9q5.default
Fichier : C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\ztsbc9q5.default\prefs.js

C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\ztsbc9q5.default\user.js ... Supprimé !

Supprimée : user_pref("browser.startup.homepage", "hxxp://search.webplayer.tv");
Supprimée : user_pref("extensions.asktb.cbid", "N9");
Supprimée : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&[...]
Supprimée : user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
Supprimée : user_pref("extensions.asktb.fresh-install", false);
Supprimée : user_pref("extensions.asktb.l", "dis");
Supprimée : user_pref("extensions.asktb.last-config-req", "1298014935279");
Supprimée : user_pref("extensions.asktb.locale", "fr_FR");
Supprimée : user_pref("extensions.asktb.nero.userName", "");
Supprimée : user_pref("extensions.asktb.o", "15418");
Supprimée : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Supprimée : user_pref("extensions.asktb.qsrc", "2871");
Supprimée : user_pref("extensions.asktb.r", "2");

*************************

AdwCleaner[S1].txt - [12330 octets] - [29/12/2011 22:57:21]

*************************

Dossier Temporaire : 86 dossier(s)et 1150 fichier(s) supprimés

########## EOF - C:\AdwCleaner[S1].txt - [12554 octets] ##########


2/ lien rapport ZHPDiag :

http://dl.free.fr/jN1K6gwbD

Merci pour votre précieuse aide
Répondre
Ajouter un commentaire
Annonces
 
moins plus
Réponse
+0
moins plus
Re,

Oh, ton PC est très infecté surtout par des adwares!!!

1/
Lance ADWCleaner comme je t'ai demandé >>> ICI <<< en 1/ puis poste le rapport stp

2/
* Télécharge de AD-Remover sur ton Bureau.
http://www.teamxscript.org/adremoverTelechargement.html

/!\ Ferme toutes applications en cours /!\

- Double sur l'icône Ad-remover située sur ton Bureau.
-Pour vista/Seven : clique avec le bouton droit de la souris et choisis « exécuter en tant qu'administrateur »
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c

3/
/!\ ATTENTION : cette analyse peut durer quelques heures /!\

* Télécharge MBAM et installe le selon l'emplacement par défaut
http://www.malwarebytes.org/mwb-download.php
* Lance Malwarebytes' Anti-Malware
* Fais la mise à jour
* Clique dans l'onglet "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

A la fin de l'analyse, si MBAM n'a rien trouvé :

* Clique sur OK, le rapport s'ouvre spontanément

Si des menaces ont été détectées :

* Clique sur OK puis "Afficher les résultats"
*Vérifie que toutes les lignes sont cochées
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Le rapport s'ouvre automatiquement après la suppression, il se trouve aussi dans l'onglet "Rapports/Logs"

* Copie/colle le rapport dans le prochain message


Remarque :
- S'il y'a un problème de mise à jour de mbam, tu peux la faire manuellement en téléchargeant ce fichier puis en l'exécutant.


@+
Ajouter un commentaire
Annonces
 
moins plus
Réponse
+0
moins plus
le rapport de mbam

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8292

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

03/12/2011 02:12:21
mbam-log-2011-12-03 (02-12-21).txt

Type d'examen: Examen complet (C:\|E:\|)
Elément(s) analysé(s): 226253
Temps écoulé: 42 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 5
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 109

Processus mémoire infecté(s):
c:\program files\questscan\questscan.exe (Adware.Agent.ZGen) -> 152 -> Unloaded process successfully.
c:\program files\questscan\questscan.exe (Adware.Agent.ZGen) -> 3328 -> Unloaded process successfully.
c:\WINDOWS\system32\config\systemprofile\local settings\application data\windows internet name service\wins.exe (Trojan.Sefnit) -> 3420 -> Unloaded process successfully.
c:\WINDOWS\system32\config\systemprofile\local settings\application data\windows internet name service\wins.exe (Trojan.Sefnit) -> 3336 -> Unloaded process successfully.
c:\program files\brightbreeze\bin\2.0.5.0\brightbreezesa.exe (Adware.HotBar.BB) -> 3892 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
c:\program files\questscan\questscan.dll (Adware.Agent.ZGen) -> Delete on reboot.
c:\program files\brightbreeze\bin\2.0.5.0\brightbreezesahook.dll (Adware.HotBar.BB) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestScan Service (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Internet Name Service (Trojan.Sefnit) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\brightbreezesa (Adware.HotBar.BB) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\BrightBreeze (Adware.HotBar.BB) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrightBreezeSA (Adware.HotBar.BB) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\QUESTSCAN (Adware.QuestScan) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_QUESTSCAN_SERVICE (Adware.QuestScan) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Chat-Landmessenger (Trojan.Hijacker) -> Value: Chat-Landmessenger -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BrightBreezeSA (Adware.HotBar.BB) -> Value: BrightBreezeSA -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestScan\DisplayName (Adware.QuestScan) -> Value: DisplayName -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestScan\DllPath (Adware.QuestScan) -> Value: DllPath -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Internet Name Service\ImagePath (Trojan.P2P) -> Value: ImagePath -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel\HomePage (PUM.Hijack.HomePageControl) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
c:\program files\brightbreeze\bin (Adware.HotBar.BB) -> Delete on reboot.
c:\program files\brightbreeze\bin\2.0.5.0 (Adware.HotBar.BB) -> Delete on reboot.
c:\documents and settings\all users\application data\brightbreezesa (Adware.HotBar.BB) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\program files\questscan\questscan.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\program files\questscan\questscan.dll (Adware.Agent.ZGen) -> Delete on reboot.
c:\WINDOWS\system32\config\systemprofile\local settings\application data\windows internet name service\wins.exe (Trojan.Sefnit) -> Delete on reboot.
c:\documents and settings\Userinit\chat-land\chat-landmessenger.exe (Trojan.Hijacker) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\questscan\questscan191.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\questscan\questscan193.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3imstub.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3ieovr.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3srchmn.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3cjpeg.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3dtactl.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3histsw.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3hkstub.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3htmlmu.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3httpct.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3popswt.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3pssavr.scr.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3reghk.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3reprox.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3restub.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3schmon.exe.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3scrctr.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\f3wphook.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3auxstb.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3dlghk.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3highin.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3html.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3idle.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3impipe.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3medint.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3msg.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3outlcn.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3plugin.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3skin.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3skplay.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\m3slsrch.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwsbar.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwsmlbtn.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwsoemon.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwsoeplg.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwsoestb.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwssrcas.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwssvc.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\mwsuabtn.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mywebsearch\bar\1.bin\npmywebs.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\shoppingreport2\Bin\2.7.37\shoppingreport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\WINDOWS\system32\f3pssavr.scr.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\program files\WinRAR\Patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP143\A0017791.dll (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP143\A0017792.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP143\A0017793.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP143\A0017795.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP143\A0017796.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP143\A0017797.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP144\A0018039.exe (Trojan.Hijacker) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP149\A0022130.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP152\A0022163.dll (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP152\A0022164.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP152\A0022165.dll (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP152\A0022166.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030373.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030387.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030388.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030389.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030390.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030391.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030392.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030393.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030394.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030396.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030397.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030398.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030399.EXE (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030400.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030401.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030402.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030403.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030404.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030405.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030406.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030407.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030408.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030409.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030410.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030411.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030413.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030414.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030415.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030416.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030418.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030419.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030420.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030421.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030422.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030423.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030424.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030425.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030426.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030434.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030395.SCR (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{a1980575-00f1-4c9c-a335-a696ad1a9f3c}\RP194\A0030412.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\WINDOWS\ie8\iexplore.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\program files\brightbreeze\bin\2.0.5.0\brightbreezesa.exe (Adware.HotBar.BB) -> Quarantined and deleted successfully.
c:\program files\brightbreeze\bin\2.0.5.0\brightbreezesahook.dll (Adware.HotBar.BB) -> Delete on reboot.
c:\program files\brightbreeze\bin\2.0.5.0\brightbreezeuninstaller.exe (Adware.HotBar.BB) -> Quarantined and deleted successfully.
c:\program files\brightbreeze\bin\2.0.5.0\copyright.txt (Adware.HotBar.BB) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\brightbreezesa\brightbreezesa.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\brightbreezesa\brightbreezesaau.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\brightbreezesa\brightbreezesa_kyf.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully.
Ajouter un commentaire
Réponse
+0
moins plus
Re,

au niveau des rapports est ce bien ceci que tu voulais ?

de quoi viennent les ardwares ou trucs du genre, avec quoi je peux proteger mon pc ? de préférence gratuit.

En tous cas ma page d 'accueil n'est plus protected search donc je suppose que sa à fonctionné et je te remercie vraiment beaucoup de ton aide
Ajouter un commentaire
Réponse
+0
moins plus
Bonjour,

Ton PC est encore infecté, poste stp les rapports demandés pour le nettoyer...

=======================

Quelques informations sur les adwares : http://www.malekal.com/2011/09/08/supprimer-les-popups-de-publicites-adware/

A la fin de la désinfection on va installer des modules complémentaires Adblock plus et WOT pour sécuriser ton PC

@+

Ajouter un commentaire
Réponse
+0
moins plus
Bonjour,
1/
Désinstalle stp spybot, il ne sert à rien.

2/
* Télécharge OTM (OldTimer) sur ton Bureau

ICI >> OTM (OldTimer)
* Double clic "OTMoveIt3.exe"
* Utilisateurs Windows Vista / 7 Clic droit sur "OTMoveIt3.exe" choisis "exécuter en tant qu'administrateur" afin de le lancer.

- Copie (Ctrl+C) le texte suivant en gras ci-dessous :



:files
C:\Users\catherine\AppData\Roaming\Widestream
C:\Users\catherine\AppData\Local\widestream6 Air

:Reg
[-HKCU\Software\WideStream]
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1a6dc111-b030-4c3e-be65-299284128b91}]
[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]

:commands
[emptytemp]




- Colle (Ctrl+V) le texte précédemment copié dans le cadre: Paste Instructions for Items to be Moved.
- Clique maintenant sur le bouton MoveIt!
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
- Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

3/
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )


O43 - CFD: 16/11/2011 - 23:17:50 - [0,001] ----D- C:\Users\catherine\AppData\Roaming\widestream => Infection BT (Adware.SPointer)
O43 - CFD: 26/11/2011 - 14:12:56 - [0,200] ----D- C:\Users\catherine\AppData\Local\widestream6 Air => Infection BT (Adware.SPointer)
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[MD5.00000000000000000000000000000000] [APT] [OfferBoxUpdate] (...) -- C:\Program Files (x86)\OfferBox\OfferBox.exe (.not file.)
O43 - CFD: 26/11/2011 - 09:22:06 - [0] ----D- C:\Users\catherine\AppData\Local\{07733404-7FF6-4E93-9E68-7927AC177C83}
O43 - CFD: 27/11/2011 - 12:15:14 - [0] ----D- C:\Users\catherine\AppData\Local\{1360E589-B390-4375-9797-D90E16F98ACD}
O43 - CFD: 24/11/2011 - 18:39:40 - [0] ----D- C:\Users\catherine\AppData\Local\{1918BF5C-6E87-4372-AC84-FE0734D43FC3}
O43 - CFD: 25/11/2011 - 19:55:34 - [0] ----D- C:\Users\catherine\AppData\Local\{21B1316E-871E-4EDF-A3A6-8DF73BA783CD}
O43 - CFD: 25/11/2011 - 19:55:34 - [0] ----D- C:\Users\catherine\AppData\Local\{321A441C-2881-4973-8933-56AC47A10D65}
O43 - CFD: 25/11/2011 - 07:45:38 - [0] ----D- C:\Users\catherine\AppData\Local\{58FB44E7-4CDA-469D-A194-8922DC184ABF}
O43 - CFD: 28/11/2011 - 19:25:30 - [0] ----D- C:\Users\catherine\AppData\Local\{6C51D51E-1EE4-4E94-9B6F-AF342396B743}
O43 - CFD: 28/11/2011 - 00:16:10 - [0] ----D- C:\Users\catherine\AppData\Local\{775CCBBD-61CC-4A4F-8BF8-3F4517DA0DDF}
O43 - CFD: 25/11/2011 - 07:45:40 - [0] ----D- C:\Users\catherine\AppData\Local\{7A108A23-1E5A-4A32-B2D6-99851CD1B8CC}
O43 - CFD: 28/11/2011 - 00:16:00 - [0] ----D- C:\Users\catherine\AppData\Local\{7E188445-B813-4AF5-BD80-069FF8728153}
O43 - CFD: 24/11/2011 - 18:39:46 - [0] ----D- C:\Users\catherine\AppData\Local\{AED18E56-A5FA-4C34-A457-686A29E7F81E}
O43 - CFD: 26/11/2011 - 09:22:08 - [0] ----D- C:\Users\catherine\AppData\Local\{E120DDBE-8CCC-4ACB-8697-7F7194BA5499}
O43 - CFD: 27/11/2011 - 12:15:02 - [0] ----D- C:\Users\catherine\AppData\Local\{E92BE636-EE64-405A-A315-8C52AD623D22}

FirewallRAZ
EmptyTemp
EmptyFlash




Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

@+

Ajouter un commentaire
Ce document intitulé «  protected search  » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.

Vous n'êtes pas encore membre ?

inscrivez-vous, c'est gratuit et ça prend moins d'une minute !

Les membres obtiennent plus de réponses que les utilisateurs anonymes.

Le fait d'être membre vous permet d'avoir un suivi détaillé de vos demandes.

Le fait d'être membre vous permet d'avoir des options supplémentaires.