Pub Spyware secure

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

Salut ! j'ai eu des pubs intempestives avec Spyware secure qui me disaient que mon ordi était infecté de partout... j'avais de gros ralentissements alors j'ai payé le dépannage qu'ils proposent et j'ai vu sur votre site que c'était des escros j'ai encore des pubs et ralentissements mais moins. J'ai téléchargé Navilog 1 en voici le rapport.
Merci.

Search Navipromo version 3.6.5 commencé le 10/09/2008 à 19:50:44,55

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Jérôme"

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

Favorit

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Jérôme\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\JRME~2\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Jérôme\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Jérôme\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Jérôme\locals~1\applic~1" *

*** Recherche fichiers ***

C:\Documents and Settings\J‚r“me\locals~1\Temp\pack.epk trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

trfpwro.dat trouvé !
trfpwro.exe trouvé !
trfpwro_nav.dat trouvé !
trfpwro_navps.dat trouvé !

* Dans "C:\Documents and Settings\Jérôme\locals~1\applic~1" :

ssosg.dat trouvé !
ssosg_nav.dat trouvé !
ssosg_navps.dat trouvé !

3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 10/09/2008 à 20:00:30,46 ***

Haribo76 · Posté le: 13 Sep 2008 20:08 Sujet du message:

Salut JEROME50720 :coucou:

Arf... Il fallait surtout pas payer. C'était leur but.
Maintenant que tu es là on va s'en occuper ne tkt pas.
Mais tu t'es juste fais arnaquer Désolé

. Juste comme ca. Tu as payé combien?
Car là tu as une belle infection Navipromo...

Voici un programme de désinfection en quelques étapes que je t'ai préparé. Nous allons le suivre ensemble.
Je te demande à l'avance de les suivre à la lettre. Ne fais rien de plus et rien de moins de ce qui te sera demandé et tout se passera correctement :nickel: .
Je me ferais également une joie de répondre à toutes tes questions, concernant les procédures ou non Ane

.

1°) Passe un coup de CCleaner(Merci à Ruru21 pour le beau tuto)

2°)Télécharge et Installe Malwarebyte's Anti-Malware (Attend quelques secondes un encadré de téléchargement va s'afficher)

Fais exactement ce qu'il y à sur ce tuto stp ==> Tuto MalwareByte's Antimalware (Merci à notre cher modo Drago pour le tuto )
Fais bien l'analyse en mode sans echec comme conseillé dans le tuto (Tapote la touche F8 à l'affichage du BIOS)
Fais moi un copier collé du rapport qui sera généré

Remarque: En mode sans échec tu n'as pas accés à internet. Je te conseil donc d'imprimer la procédure ou de la noter sur une feuille

3°) Fais un scan en ligne avec BitDefender (Tuto BitDefender)

Commence tout d'abord par couper ton Anti-virus ainsi que d'autres éventuelles protections en temps réel afin d'éviter tout conflit
Il faut obligatoirement que tu utilises Internet Explorer pour le scan
Fais moi un copié/collé du rapport qui sera généré stp
Réactive ton Anti-virus

Si tu rencontres un problème pendant l'utilisation de cette procédure. N'hésite surtout pas à venir m'en parler :rolleyes: .

A très bientôt

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

Salut

Pour SpywareSecur ils demandent 5€ le dépannage et 40€ la protection permanente au bout de plusieurs mois j'ai payé les 5€.
Sinon voici le rapport :

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1157
Windows 5.1.2600 Service Pack 2

16/09/2008 19:33:50
mbam-log-2008-09-16 (19-33-22).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 92359
Temps écoulé: 5 hour(s), 10 minute(s), 52 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 33
Fichier(s) infecté(s): 83

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> No action taken.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5} (Adware.Starware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\starware370 (Adware.Starware) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> No action taken.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370 (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate (Adware.Starware) -> No action taken.
C:\Casino (Adware.Casino) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\Application Data (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370 (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\BrowserSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_6 (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_7 (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_8 (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Configurator (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ErrorSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Layouts (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Manager (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Paroles (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Radio_FR (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\RelatedSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Telechargement (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Toolbar (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\TravelSearch (Adware.Starware) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ssosg_navps.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ssosg_nav.dat (Adware.Navipromo.H) -> No action taken.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ssosg.dat (Adware.Navipromo.H) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopping.Report) -> No action taken.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_def.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_over.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_def.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_over.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_def.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_over.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_60.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_70.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_80.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindIt.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindItHot.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findit_music.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Highlight.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\HighlightHot.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\highlighthotxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\highlightxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\lyrics.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\music_search.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\radio.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Related.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Travel.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Jérôme\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\WINDOWS\system32\trfpwro_navps.dat (Adware.NaviPromo) -> No action taken.
C:\WINDOWS\system32\trfpwro_nav.dat (Adware.NaviPromo) -> No action taken.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> No action taken.
C:\Documents and Settings\Jérôme\Bureau\Repair Your Registry.lnk (Rogue.Link) -> No action taken.

MERCI

Haribo76 · Posté le: 17 Sep 2008 17:21 Sujet du message:

Re

J'attend BitDefender Siffle

Prend ton temps Content

++

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

SALUT
BitDefender Online Scanner

Rapport d'analyse généré à: Wed, Sep 17, 2008 - 20:35:38

Voie d'analyse: C:\;D:\;

Statistiques

Temps
00:35:08

Fichiers
95499

Directoires
6139

Secteurs de boot
0

Archives
2435

Paquets programmes
6576

Résultats

Virus identifiés
21

Fichiers infectés
27

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
27

Info sur les moteurs

Définition virus
1761947

Version des moteurs
AVCORE v1.7 (build 8314.19) (i386) (Sep 10 2008 19:37:42)

Analyse des plugins
16

Archive des plugins
43

Unpack des plugins
7

E-mail plugins
6

Système plugins
4

Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions

Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui

Fichier analysé
Statut

C:\Documents and Settings\Jérôme\Bureau\SpywareSecure_trial_setup.exe
Détecté avec: Application.SpywareSecure.A

C:\Documents and Settings\Jérôme\Bureau\SpywareSecure_trial_setup.exe
Supprimé

C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
Détecté avec: Adware.Generic.29279

C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
Supprimé

C:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001
Détecté avec: Adware.Shopper.O

C:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001
Supprimé

C:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP164\A0054765.exe
Détecté avec: Application.SpywareSecure.A

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP164\A0054765.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP166\A0056952.exe
Détecté avec: Adware.NaviPromo.Gen.1

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP166\A0056952.exe
Echec de la désinfection

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP166\A0056952.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP167\A0060061.exe
Détecté avec: Adware.Zango.SC

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP167\A0060061.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP169\A0061133.exe
Détecté avec: Adware.NaviPromo.Gen.1

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP169\A0061133.exe
Echec de la désinfection

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP169\A0061133.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP170\A0063143.exe
Détecté avec: Adware.NaviPromo.Gen.1

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP170\A0063143.exe
Echec de la désinfection

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP170\A0063143.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP174\A0064676.exe
Détecté avec: Application.SpywareSecure.A

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP174\A0064676.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065011.dll
Détecté avec: Adware.Generic.12861

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065011.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065012.dll
Détecté avec: Adware.Zango.AN

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065012.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065013.dll
Détecté avec: Adware.Generic.32845

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065013.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065014.dll
Détecté avec: Adware.Generic.33639

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065014.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065016.dll
Détecté avec: Adware.Generic.29276

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065016.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065018.exe
Détecté avec: Adware.Generic.29277

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065018.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065019.dll
Détecté avec: Adware.Generic.29274

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065019.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065021.dll
Détecté avec: Adware.Generic.32849

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065021.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065022.exe
Détecté avec: Adware.Generic.32852

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065022.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065023.dll
Détecté avec: Adware.Generic.32963

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065023.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0003
Détecté avec: Application.Generic.9850

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0003
Echec de la désinfection

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0003
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0004
Détecté avec: Adware.Hotbar.FW

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0004
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0007
Détecté avec: Adware.Zango.AU

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)=>lzma_solid_nsis0007
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065024.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065026.dll
Détecté avec: Adware.Generic.29280

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065026.dll
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065027.exe
Détecté avec: Adware.Generic.12747

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065027.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065223.exe
Détecté avec: Application.SpywareSecure.A

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065223.exe
Supprimé

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065224.dll
Détecté avec: Adware.Generic.29279

C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP176\A0065224.dll
Supprimé

C:\WINDOWS\system32\trfpwro.exe
Infecté par: Trojan.Skintrim.APR

C:\WINDOWS\system32\trfpwro.exe
Supprimé

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

SALUT

Je fais quoi maintenant ???
Help

Le virus est toujours là
Pleure

J'attends ton aide

Haribo76 · Posté le: 18 Sep 2008 19:07 Sujet du message:

Re

C'est normale qu'il sois encor elà.

As tu bien mis en quarantaine tout ce que t'a trouvé malwareByte's Antimalware comme demandé?

(mettre en quarantaine = supprimer la sélection)

++

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

Je pense avoir fais comme demandé
Sinon je dois refaire un examen ? Comprends pas

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

Qu'est ce que je dois faire de plus j'ai bien suivi la procédure donc je vois pas ça me saoul Dompteur

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

JE Viens de recevoir message
C'est un bouclier rouge "you have a security problem"
et quand j'appui sur les touches du clavier ça marche pa à ts les coups

Haribo76 · Posté le: 19 Sep 2008 5:51 Sujet du message:

Re

Refais un scan MalwareByte's Antimalware en suivant éxactement cette procédure stp

==> Ici

++ Bonjour

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

OK je crois bien que j'en ai chopé un nouveau

Je vais faire le plus vite possible mais je suis pas mal pris..
Tchao Content

Haribo76 · Posté le: 19 Sep 2008 17:26 Sujet du message:

Re

Pas de problemes.

Tien moi au courant C'est bon

++

JEROME50720 · Membre Inscrit le: 10 Sep 2008 Messages: 21

Voici le rapport.
Je fais BitDefender now ?
Excité

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1157
Windows 5.1.2600 Service Pack 2

20/09/2008 10:14:15
mbam-log-2008-09-20 (10-14-15).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 96432
Temps écoulé: 5 hour(s), 13 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 33
Fichier(s) infecté(s): 88

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1962c5bc-e475-465b-823b-133e711bceb9} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5} (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\starware370 (Adware.Starware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Somefox (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\Application Data (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ssosg_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ssosg_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Local Settings\Application Data\ssosg.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_60.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_70.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_80.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findit_music.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\lyrics.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\music_search.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\radio.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav0.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav1.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\SAV\sav.ooo (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Local Settings\Temp\video232.cfg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trfpwro_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trfpwro_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Bureau\System Antivirus 2008.lnk (Rogue.SystemAntivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Local Settings\Temp\video232.cfg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.

Haribo76 · Posté le: 20 Sep 2008 9:33 Sujet du message:

Re

1°)Si tu as Vista désactive le controle des comptes utilisateurs. Si tu as XP, laisse tomber cette étape.

Clic sur "démarrer"
Puis "panneau de configuration"
Double Cliquez sur l'icône "Comptes d'utilisateurs"
Clique ensuite sur "désactiver"
Valide

2°)Télécharge et installe Navilog

Lance Navilog
Exécute seulement l'option 1
Patiente jusqu'au message "*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé, le rapport s'ouvre
Fais moi un copié/collé du rapport qui sera généré stp

3°)Télécharge et installe SmitFraudFix

Lance SmitFraudFix
Exécute seulement l'option 1
Fais moi un copié/collé dur apport qui sera généré stp

4°)Télécharge BTFix de bibi26

Décompresses le bien, pour cela:
- "Clic droit"
- "Extraire ici"
Lances BTFix
Clic sur "Rechercher"
Poste moi le rapport qui sera généré stp

Si tu rencontres un problème pendant l'utilisation de cette procédure. N'hésite surtout pas à venir m'en parler :rolleyes: .

A très bientôt