Se connecter / S'enregistrer
Votre question

Probleme carte Sd raccourci

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
20 Juillet 2012 00:25:08

Bonsoir, j'ai un probléme avec ma carte SD et certaines de mes clés USB quand je les insére sur mn pc beaucoup de raccourci apparaissent et impossible de voir mes photos. Or j'ai vraiment besoin d'avoir ces photos je les vois sur mon appareil mais pas sur mon pc. Si quelqu'un pourrez m'aider ce serait vraiment très gentils.0
Merciiii!!!!!

Autres pages sur : probleme carte raccourci

a c 548 8 Sécurité
20 Juillet 2012 14:54:39

Bonjour,

Insère les carte SD et les clé usb en cause, puis fait ceci :

Télécharge UsbFix (de El Desaparecido) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes les applications en cours /!\
/!\ Branche tous tes périphériques ayant pu être infectés (clés usb, disque dur externe, etc ...) /!\


  • Double-clique sur "UsbFix" pour lancer le programme
    (Utilisateur de Vista/Windows 7, clique-droit sur UsbFix > Exécuter en tant qu'administrateur)
  • Clique sur "Recherche" pour lancer le scan. Branche tes périphériques si ce n'est pas fait, puis valide l'avertissement.
  • Laisse travailler l'outil.
  • A la fin, un rapport apparaitra (sinon, il est situé ici C:\Usbfix.txt). Poste-le dans ta prochaine réponse


    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    m
    0
    l
    20 Juillet 2012 15:19:28

    Le lien usbfix ne fonctionne pas. Quand vous dites que je dois me déconnecter c'est à dire que je dois quitter ce site ?
    C'est bon je le télécharge je vais faire ce que vous m'avez dit.
    m
    0
    l
    Contenus similaires
    a c 267 8 Sécurité
    20 Juillet 2012 15:24:54

    Bonjour,

    Désactive temporairement ton antivirus et tu pourras télécharger UsbFix.
    m
    0
    l
    20 Juillet 2012 15:50:46

    Voici le rapport que j'ai eu à la fin de l'analyse avec USBFIX:


    ############################## | UsbFix V 7.093 | [Recherche]

    Utilisateur: Mymy (Administrateur) # PC-DE-MYMY
    Mis à jour le 08/07/2012 par El Desaparecido
    Lancé à 15:28:05 | 20/07/2012

    Site Web: http://eldesaparecido.com
    Forum: http://forum.eldesaparecido.com
    Fichier suspect ? : http://eldesaparecido.com/upload.php
    Contact: contact@eldesaparecido.com

    PC: Hewlett-Packard (Compaq Presario CQ70 Notebook PC) (X86-based PC) # Notebook
    CPU: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz (2166)
    RAM -> [Total : 3002 | Free : 1350]
    BIOS: Default System BIOS
    BOOT: Normal boot

    OS: Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2
    WB: Windows Internet Explorer 9.0.8112.16421

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C:\ (%systemdrive%) -> Disque fixe # 223 Go (24 Go libre(s) - 11%) [] # NTFS
    D:\ -> Disque fixe # 10 Go (2 Go libre(s) - 17%) [RECOVERY] # NTFS
    E:\ -> CD-ROM
    F:\ -> Disque amovible # 968 Mo (25 Mo libre(s) - 3%) [] # FAT

    ################## | Processus Actif |

    C:\Windows\system32\csrss.exe (548)
    C:\Windows\system32\wininit.exe (592)
    C:\Windows\system32\csrss.exe (600)
    C:\Windows\system32\services.exe (636)
    C:\Windows\system32\lsass.exe (648)
    C:\Windows\system32\lsm.exe (656)
    C:\Windows\system32\winlogon.exe (712)
    C:\Windows\system32\svchost.exe (856)
    C:\Windows\system32\svchost.exe (932)
    C:\Windows\System32\svchost.exe (984)
    C:\Windows\System32\svchost.exe (1060)
    C:\Windows\System32\svchost.exe (1124)
    C:\Windows\system32\svchost.exe (1136)
    C:\Windows\system32\svchost.exe (1252)
    C:\Windows\system32\SLsvc.exe (1276)
    C:\Windows\system32\svchost.exe (1360)
    C:\Windows\system32\svchost.exe (1560)
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1668)
    C:\Windows\system32\WLANExt.exe (1688)
    C:\Windows\System32\spoolsv.exe (1948)
    C:\Windows\system32\svchost.exe (1972)
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (440)
    C:\Program Files\Bonjour\mDNSResponder.exe (556)
    C:\Windows\system32\FsUsbExService.Exe (584)
    C:\Windows\system32\svchost.exe (1024)
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe (1316)
    C:\Windows\System32\svchost.exe (1568)
    C:\Windows\System32\svchost.exe (732)
    C:\Windows\system32\svchost.exe (2008)
    C:\Program Files\SMINST\BLService.exe (436)
    C:\Program Files\CyberLink\Shared files\RichVideo.exe (2080)
    C:\Windows\system32\svchost.exe (2456)
    C:\Windows\System32\svchost.exe (2488)
    C:\Windows\system32\DRIVERS\xaudio.exe (2632)
    C:\Windows\system32\taskeng.exe (3240)
    C:\Windows\system32\wbem\wmiprvse.exe (3816)
    C:\Windows\system32\taskeng.exe (2436)
    C:\Windows\system32\Dwm.exe (2444)
    C:\Windows\Explorer.EXE (2832)
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3056)
    C:\Program Files\HP\QuickPlay\QPService.exe (2912)
    C:\Program Files\Windows Defender\MSASCui.exe (3296)
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (1080)
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (1324)
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (748)
    C:\Program Files\Common Files\Java\Java Update\jusched.exe (2368)
    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (3160)
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe (2384)
    C:\Program Files\Athan\Athan.exe (3484)
    C:\Windows\WindowsMobile\wmdSync.exe (2344)
    C:\Program Files\SweetIM\Messenger\SweetIM.exe (3204)
    C:\Program Files\Real\RealPlayer\Update\realsched.exe (2876)
    C:\Windows\System32\hkcmd.exe (3292)
    C:\Windows\System32\igfxpers.exe (3196)
    C:\Program Files\iTunes\iTunesHelper.exe (3236)
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (3128)
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (3596)
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (3352)
    C:\Program Files\OfferBox\OfferBox.exe (3388)
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (3120)
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (3400)
    C:\Windows\system32\igfxsrvc.exe (1484)
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (3612)
    C:\Windows\system32\svchost.exe (1184)
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (3940)
    C:\Windows\system32\wbem\wmiprvse.exe (1072)
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (3284)
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (3632)
    C:\Program Files\iPod\bin\iPodService.exe (3992)
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4408)
    C:\Windows\system32\svchost.exe (4900)
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (4944)
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (5340)
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (5412)
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (5536)
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (5744)
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (2220)
    C:\Windows\system32\vssvc.exe (2072)
    C:\Windows\System32\svchost.exe (5800)
    C:\Program Files\Google\Chrome\Application\chrome.exe (916)
    C:\Program Files\Google\Chrome\Application\chrome.exe (4480)
    C:\Windows\system32\rundll32.exe (4556)
    C:\Program Files\Google\Chrome\Application\chrome.exe (4784)
    C:\Windows\system32\msiexec.exe (4884)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4088)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4172)
    C:\Windows\servicing\TrustedInstaller.exe (5312)
    C:\Windows\system32\wuauclt.exe (4964)
    C:\Windows\system32\taskeng.exe (4896)
    C:\Program Files\Google\Chrome\Application\chrome.exe (1708)
    C:\Windows\system32\WUDFHost.exe (6064)
    C:\Windows\system32\MsiExec.exe (4576)
    C:\UsbFix\Go.exe (412)
    C:\Windows\system32\SearchIndexer.exe (5812)

    ################## | Éléments infectieux |

    Présent! F:\juvob.exe
    Présent! F:\juvobx.exe
    Présent! F:\x.exe
    Présent! F:\New Folder.lnk
    Présent! F:\Passwords.lnk
    Présent! F:\Documents.lnk
    Présent! F:\Pictures.lnk
    Présent! F:\Music.lnk
    Présent! F:\Video.lnk
    Présent! F:\DCIM.lnk
    Présent! F:\MISC.lnk
    Présent! F:\FOUND.000.lnk
    Présent! F:\juvob.scr
    Présent! E:\AutoRunLauncher.exe
    Présent! F:\nbnud.pif
    Présent! E:\autorun.inf
    Présent! E:\autorun.exe
    Présent! E:\Updates
    Présent! F:\x.exe
    Présent! F:\autorun.inf
    Présent! F:\ert.dll
    Présent! F:\zmF.lnk
    Présent! F:\zHb.lnk
    Présent! F:\zSB.lnk
    Présent! F:\zxi.lnk
    Présent! F:\zOZ.lnk
    Présent! F:\zLn.lnk
    Présent! F:\zMJ.lnk
    Présent! F:\zZw.lnk
    Présent! F:\zKZ.lnk
    Présent! F:\juvobx.exe

    ################## | Registre |

    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
    Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoClose

    ################## | Mountpoints2 |

    HKCU\.\.\.\.\Explorer\MountPoints2\{805ef82a-73f9-11de-a6e4-806e6f6e6963}
    Shell\AutoRun\Command = E:\AutoRunLauncher.exe

    HKCU\.\.\.\.\Explorer\MountPoints2\{a74c5b6d-e677-11df-9333-001f167a2967}
    Shell\AutoRun\Command = F:\PLAY.EXE "playlist.m3u"



    ################## | Vaccin |

    (!) Cet ordinateur n'est pas vacciné!

    ################## | E.O.F |
    m
    0
    l
    20 Juillet 2012 15:58:56

    Je sais pas si c'est comme sa qu'il fallait que je vous passe mon rapport mais sur le lien de service de rapport en ligne il n'y a pas de "parcourir"
    m
    0
    l
    a c 548 8 Sécurité
    20 Juillet 2012 16:11:11

    Re,

    Oui c'est bon, ça ira ;) 

    la suite :

    Relance USBFix :

    /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
    /!\ Branche tous tes périphériques ayant pu être infectés (clés usb, disque dur externe, etc ...) /!\


  • Double-clique sur "UsbFix" pour lancer le programme
    (Utilisateur de Vista/Windows 7, clique-droit sur UsbFix > Exécuter en tant qu'administrateur)
  • Clique sur "Suppression" pour lancer le nettoyage. Branche tes périphériques si ce n'est pas fait, puis valide l'avertissement.
  • Laisse travailler l'outil, ton bureau va disparaitre, c'est normal.
  • S'il te demande d'envoyer un fichier .zip, accepte.
  • A la fin, un rapport apparaitra (sinon, il est situé ici C:\Usbfix.txt). Poste-le dans ta prochaine réponse


    Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    Une aide à l'utilisation ici


    Ensuite :

    2) Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche en haut la case devant "Tous les utilisateurs"
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.
    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    services.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt.

  • Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse.
    Une aide à l'utilisation ici


    Note : Les rapports sont aussi enregistrés sur le bureau
  • [/i]
    m
    0
    l
    20 Juillet 2012 16:30:30

    Pour USB FIX voici le rapport :

    ############################## | UsbFix V 7.093 | [Suppression]

    Utilisateur: Mymy (Administrateur) # PC-DE-MYMY
    Mis à jour le 08/07/2012 par El Desaparecido
    Lancé à 16:13:17 | 20/07/2012

    Site Web: http://eldesaparecido.com
    Forum: http://forum.eldesaparecido.com
    Fichier suspect ? : http://eldesaparecido.com/upload.php
    Contact: contact@eldesaparecido.com

    PC: Hewlett-Packard (Compaq Presario CQ70 Notebook PC) (X86-based PC) # Notebook
    CPU: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz (2166)
    RAM -> [Total : 3002 | Free : 1504]
    BIOS: Default System BIOS
    BOOT: Normal boot

    OS: Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2
    WB: Windows Internet Explorer 9.0.8112.16421

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C:\ (%systemdrive%) -> Disque fixe # 223 Go (19 Go libre(s) - 9%) [] # NTFS
    D:\ -> Disque fixe # 10 Go (2 Go libre(s) - 17%) [RECOVERY] # NTFS
    E:\ -> CD-ROM
    F:\ -> Disque amovible # 968 Mo (25 Mo libre(s) - 3%) [] # FAT

    ################## | Processus Actif |

    C:\Windows\system32\csrss.exe (548)
    C:\Windows\system32\wininit.exe (592)
    C:\Windows\system32\csrss.exe (600)
    C:\Windows\system32\services.exe (636)
    C:\Windows\system32\lsass.exe (648)
    C:\Windows\system32\lsm.exe (656)
    C:\Windows\system32\winlogon.exe (712)
    C:\Windows\system32\svchost.exe (856)
    C:\Windows\system32\svchost.exe (932)
    C:\Windows\System32\svchost.exe (984)
    C:\Windows\System32\svchost.exe (1060)
    C:\Windows\System32\svchost.exe (1124)
    C:\Windows\system32\svchost.exe (1136)
    C:\Windows\system32\svchost.exe (1252)
    C:\Windows\system32\SLsvc.exe (1276)
    C:\Windows\system32\svchost.exe (1360)
    C:\Windows\system32\svchost.exe (1560)
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1668)
    C:\Windows\system32\WLANExt.exe (1688)
    C:\Windows\System32\spoolsv.exe (1948)
    C:\Windows\system32\svchost.exe (1972)
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (440)
    C:\Program Files\Bonjour\mDNSResponder.exe (556)
    C:\Windows\system32\FsUsbExService.Exe (584)
    C:\Windows\system32\svchost.exe (1024)
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe (1316)
    C:\Windows\System32\svchost.exe (1568)
    C:\Windows\System32\svchost.exe (732)
    C:\Windows\system32\svchost.exe (2008)
    C:\Program Files\SMINST\BLService.exe (436)
    C:\Program Files\CyberLink\Shared files\RichVideo.exe (2080)
    C:\Windows\system32\svchost.exe (2456)
    C:\Windows\System32\svchost.exe (2488)
    C:\Windows\system32\DRIVERS\xaudio.exe (2632)
    C:\Windows\system32\taskeng.exe (3240)
    C:\Windows\system32\wbem\wmiprvse.exe (3816)
    C:\Windows\system32\taskeng.exe (2436)
    C:\Windows\system32\Dwm.exe (2444)
    C:\Windows\Explorer.EXE (2832)
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3056)
    C:\Program Files\HP\QuickPlay\QPService.exe (2912)
    C:\Program Files\Windows Defender\MSASCui.exe (3296)
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (1080)
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (1324)
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (748)
    C:\Program Files\Common Files\Java\Java Update\jusched.exe (2368)
    C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (3160)
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe (2384)
    C:\Program Files\Athan\Athan.exe (3484)
    C:\Windows\WindowsMobile\wmdSync.exe (2344)
    C:\Program Files\SweetIM\Messenger\SweetIM.exe (3204)
    C:\Program Files\Real\RealPlayer\Update\realsched.exe (2876)
    C:\Windows\System32\hkcmd.exe (3292)
    C:\Windows\System32\igfxpers.exe (3196)
    C:\Program Files\iTunes\iTunesHelper.exe (3236)
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (3128)
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (3596)
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (3352)
    C:\Program Files\OfferBox\OfferBox.exe (3388)
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (3120)
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (3400)
    C:\Windows\system32\igfxsrvc.exe (1484)
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (3612)
    C:\Windows\system32\svchost.exe (1184)
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (3940)
    C:\Windows\system32\wbem\wmiprvse.exe (1072)
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (3284)
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (3632)
    C:\Program Files\iPod\bin\iPodService.exe (3992)
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4408)
    C:\Windows\system32\svchost.exe (4900)
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (4944)
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (5340)
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (5412)
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (5536)
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (5744)
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (2220)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4088)
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4172)
    C:\Windows\servicing\TrustedInstaller.exe (5312)
    C:\Windows\system32\WUDFHost.exe (6064)
    C:\Windows\system32\SearchIndexer.exe (5812)
    C:\Windows\system32\conime.exe (3324)
    C:\Windows\system32\wuauclt.exe (4120)
    C:\Program Files\Google\Chrome\Application\chrome.exe (1264)
    C:\Program Files\Google\Chrome\Application\chrome.exe (1340)
    C:\Windows\system32\rundll32.exe (5568)
    C:\Program Files\Google\Chrome\Application\chrome.exe (5804)
    C:\Program Files\Google\Chrome\Application\chrome.exe (2676)
    C:\UsbFix\Go.exe (5672)

    ################## | Processus Stoppés |

    Stoppé! C:\Windows\system32\SLsvc.exe (1276)
    Stoppé! C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (1668)
    Stoppé! C:\Windows\system32\WLANExt.exe (1688)
    Stoppé! C:\Windows\System32\spoolsv.exe (1948)
    Stoppé! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (440)
    Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (556)
    Stoppé! C:\Windows\system32\FsUsbExService.Exe (584)
    Stoppé! C:\Program Files\Common Files\LightScribe\LSSrvc.exe (1316)
    Stoppé! C:\Program Files\SMINST\BLService.exe (436)
    Stoppé! C:\Program Files\CyberLink\Shared files\RichVideo.exe (2080)
    Stoppé! C:\Windows\system32\DRIVERS\xaudio.exe (2632)
    Stoppé! C:\Windows\system32\taskeng.exe (3240)
    Stoppé! C:\Windows\system32\taskeng.exe (2436)
    Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3056)
    Stoppé! C:\Program Files\HP\QuickPlay\QPService.exe (2912)
    Stoppé! C:\Program Files\Windows Defender\MSASCui.exe (3296)
    Stoppé! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (1080)
    Stoppé! C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (1324)
    Stoppé! C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (748)
    Stoppé! C:\Program Files\Common Files\Java\Java Update\jusched.exe (2368)
    Stoppé! C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (3160)
    Stoppé! C:\Program Files\Alwil Software\Avast5\AvastUI.exe (2384)
    Stoppé! C:\Program Files\Athan\Athan.exe (3484)
    Stoppé! C:\Windows\WindowsMobile\wmdSync.exe (2344)
    Stoppé! C:\Program Files\SweetIM\Messenger\SweetIM.exe (3204)
    Stoppé! C:\Program Files\Real\RealPlayer\Update\realsched.exe (2876)
    Stoppé! C:\Windows\System32\hkcmd.exe (3292)
    Stoppé! C:\Windows\System32\igfxpers.exe (3196)
    Stoppé! C:\Program Files\iTunes\iTunesHelper.exe (3236)
    Stoppé! C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (3128)
    Stoppé! C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (3596)
    Stoppé! C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (3352)
    Stoppé! C:\Program Files\OfferBox\OfferBox.exe (3388)
    Stoppé! C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (3120)
    Stoppé! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (3400)
    Stoppé! C:\Windows\system32\igfxsrvc.exe (1484)
    Stoppé! C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (3612)
    Stoppé! C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (3940)
    Stoppé! C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE (3284)
    Stoppé! C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (3632)
    Stoppé! C:\Program Files\iPod\bin\iPodService.exe (3992)
    Stoppé! C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (4408)
    Stoppé! C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (4944)
    Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (5340)
    Stoppé! C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (5412)
    Stoppé! C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (5536)
    Stoppé! C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (5744)
    Stoppé! c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (2220)
    Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (4088)
    Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (4172)
    Stoppé! C:\Windows\servicing\TrustedInstaller.exe (5312)
    Stoppé! C:\Windows\system32\WUDFHost.exe (6064)
    Stoppé! C:\Windows\system32\SearchIndexer.exe (5812)
    Stoppé! C:\Windows\system32\conime.exe (3324)
    Stoppé! C:\Windows\system32\wuauclt.exe (4120)

    ################## | Éléments infectieux |

    Supprimé! F:\juvob.exe
    Supprimé! F:\juvobx.exe
    Supprimé! F:\x.exe
    Supprimé! F:\New Folder.lnk
    Supprimé! F:\Passwords.lnk
    Supprimé! F:\Documents.lnk
    Supprimé! F:\Pictures.lnk
    Supprimé! F:\Music.lnk
    Supprimé! F:\Video.lnk
    Supprimé! F:\DCIM.lnk
    Supprimé! F:\MISC.lnk
    Supprimé! F:\FOUND.000.lnk
    Supprimé! F:\juvob.scr
    Non supprimé ! E:\AutoRunLauncher.exe
    Supprimé! F:\nbnud.pif
    Supprimé! C:\$RECYCLE.BIN\S-1-5-18
    Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3293731675-180482292-126310539-1000
    Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3293731675-180482292-126310539-500
    Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3293731675-180482292-126310539-1000
    Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3293731675-180482292-126310539-500
    Supprimé! D:\$RECYCLE.BIN\S-1-5-21-990403904-3720291175-2877729817-1000
    Supprimé! D:\$RECYCLE.BIN\S-1-5-21-990403904-3720291175-2877729817-500
    Non supprimé ! E:\autorun.inf
    Non supprimé ! E:\autorun.exe
    Non supprimé ! E:\Updates
    Supprimé! F:\autorun.inf
    Supprimé! F:\ert.dll
    Supprimé! F:\zmF.lnk
    Supprimé! F:\zHb.lnk
    Supprimé! F:\zSB.lnk
    Supprimé! F:\zxi.lnk
    Supprimé! F:\zOZ.lnk
    Supprimé! F:\zLn.lnk
    Supprimé! F:\zMJ.lnk
    Supprimé! F:\zZw.lnk
    Supprimé! F:\zKZ.lnk

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
    Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoClose

    ################## | Mountpoints2 |

    Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{805ef82a-73f9-11de-a6e4-806e6f6e6963}
    Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{a74c5b6d-e677-11df-9333-001f167a2967}

    ################## | Listing |

    [20/07/2012 - 16:24:41 | SHD ] C:\$RECYCLE.BIN
    [18/09/2006 - 23:43:36 | N | 24] C:\autoexec.bat
    [28/12/2011 - 04:16:32 | D ] C:\BigFishGamesCache
    [14/08/2009 - 02:14:28 | D ] C:\Boonty
    [27/07/2009 - 04:18:55 | SHD ] C:\boot
    [11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr
    [18/09/2006 - 23:43:37 | N | 10] C:\config.sys
    [02/11/2006 - 14:59:44 | SHD ] C:\Documents and Settings
    [20/07/2012 - 15:06:26 | ASH | 3149078528] C:\hiberfil.sys
    [19/07/2009 - 03:19:24 | D ] C:\HP
    [19/07/2009 - 01:59:27 | D ] C:\Intel
    [26/10/2008 - 04:11:03 | RHD ] C:\MSOCache
    [20/07/2012 - 15:06:24 | ASH | 3462864896] C:\pagefile.sys
    [21/01/2008 - 04:43:50 | D ] C:\PerfLogs
    [20/07/2012 - 01:37:55 | D ] C:\Program Files
    [17/06/2012 - 17:14:02 | HD ] C:\ProgramData
    [19/07/2009 - 03:19:59 | D ] C:\SWSetup
    [20/07/2012 - 15:21:29 | SHD ] C:\System Volume Information
    [19/07/2009 - 03:19:59 | D ] C:\System.sav
    [12/11/2010 - 16:20:27 | D ] C:\Temp
    [20/07/2012 - 16:24:41 | D ] C:\UsbFix
    [20/07/2012 - 16:15:05 | A | 12274] C:\UsbFix.txt
    [17/06/2012 - 17:14:59 | N | 250] C:\user.js
    [19/07/2009 - 03:18:02 | D ] C:\Users
    [03/06/2012 - 16:54:16 | D ] C:\Windows
    [20/07/2012 - 16:24:41 | SHD ] D:\$RECYCLE.BIN
    [19/07/2009 - 03:18:41 | N | 13] D:\BLOCK.RIN
    [23/06/2009 - 18:12:39 | SHD ] D:\boot
    [04/10/2006 - 01:02:44 | SH | 438328] D:\bootmgr
    [12/09/2008 - 20:00:22 | SH | 1199] D:\Desktop.ini
    [23/06/2009 - 17:54:41 | N | 0] D:\DRECOVERY
    [10/09/2002 - 18:14:28 | N | 8134] D:\Folder.htt
    [23/06/2009 - 18:12:39 | D ] D:\HP
    [20/07/2012 - 15:07:28 | N | 196] D:\MASTER.LOG
    [23/06/2009 - 18:12:39 | SHD ] D:\PRELOAD
    [12/09/2008 - 19:18:34 | SH | 156098] D:\protect.arabic
    [15/09/2008 - 18:06:26 | N | 151163] D:\protect.bulgarian
    [12/09/2008 - 19:22:34 | SH | 149947] D:\protect.chinese hong kong
    [12/09/2008 - 19:30:34 | SH | 150503] D:\protect.chinese simplified
    [12/09/2008 - 19:30:56 | SH | 149947] D:\protect.chinese traditional
    [12/09/2008 - 19:31:20 | SH | 149591] D:\protect.czech
    [12/09/2008 - 19:31:40 | SH | 148911] D:\protect.danish
    [12/09/2008 - 19:32:00 | SH | 148212] D:\protect.dutch
    [12/09/2008 - 19:32:20 | N | 148950] D:\protect.ed
    [12/09/2008 - 19:32:38 | SH | 148952] D:\protect.english
    [12/09/2008 - 19:32:56 | SH | 148000] D:\protect.finnish
    [12/09/2008 - 19:33:20 | SH | 147655] D:\protect.french
    [12/09/2008 - 19:33:40 | SH | 147825] D:\protect.german
    [12/09/2008 - 19:33:58 | SH | 152670] D:\protect.greek
    [12/09/2008 - 19:34:22 | SH | 155060] D:\protect.hebrew
    [12/09/2008 - 19:34:40 | N | 148303] D:\protect.hungarian
    [12/09/2008 - 19:35:02 | SH | 147443] D:\protect.italian
    [12/09/2008 - 19:35:32 | SH | 151323] D:\protect.japanese
    [12/09/2008 - 19:35:50 | SH | 158134] D:\protect.korean
    [12/09/2008 - 19:36:08 | SH | 147950] D:\protect.norwegian
    [12/09/2008 - 19:36:24 | SH | 149293] D:\protect.polish
    [12/09/2008 - 19:36:42 | SH | 148077] D:\protect.portuguese
    [12/09/2008 - 19:36:58 | SH | 148808] D:\protect.portuguese brazilian
    [15/09/2008 - 18:06:54 | N | 152201] D:\protect.romanian
    [12/09/2008 - 19:37:16 | SH | 148947] D:\protect.russian
    [12/09/2008 - 19:37:32 | SH | 149967] D:\protect.slovak
    [12/09/2008 - 19:37:52 | SH | 147739] D:\protect.spanish
    [12/09/2008 - 19:38:10 | SH | 148308] D:\protect.swedish
    [12/09/2008 - 19:38:26 | SH | 149334] D:\protect.turkish
    [23/06/2009 - 18:12:40 | RD ] D:\RECOVERY
    [23/06/2009 - 18:12:39 | SHD ] D:\SOURCES
    [15/03/2010 - 18:49:06 | SHD ] D:\System Volume Information
    [23/06/2009 - 18:12:40 | D ] D:\Tools
    [23/06/2009 - 18:12:40 | D ] D:\WINDOWS
    [07/12/2004 - 15:07:33 | R | 153724] E:\00000000.016
    [07/12/2004 - 15:07:33 | R | 308280] E:\00000000.256
    [07/12/2004 - 15:07:34 | R | 2048] E:\00000001.TMP
    [04/11/2004 - 04:05:38 | R | 22528] E:\AutoRunLauncher.exe
    [18/11/2004 - 03:17:35 | R | 4200700] E:\Autorun.exe
    [04/11/2004 - 04:05:38 | R | 29838] E:\CSI.ico
    [09/10/2004 - 00:05:00 | R | 3521273] E:\CSI-Miami.exe
    [20/10/2004 - 22:58:52 | R | 35634] E:\CSI-miami.dir
    [07/12/2004 - 15:07:03 | D ] E:\Case_1
    [07/12/2004 - 15:07:03 | D ] E:\Code
    [07/12/2004 - 15:07:04 | D ] E:\CrimeFramework
    [07/12/2004 - 15:06:19 | D ] E:\Data
    [07/12/2004 - 15:07:04 | D ] E:\Detection
    [07/12/2004 - 15:07:31 | R | 24064] E:\DrvMgt.dll
    [18/11/2004 - 04:24:06 | R | 294779] E:\Les Experts - Miami.pdf
    [07/12/2004 - 15:07:04 | D ] E:\Library
    [07/12/2004 - 15:07:04 | D ] E:\Licensed
    [09/11/2004 - 00:30:18 | R | 1419] E:\Lingo.ini
    [07/12/2004 - 15:07:05 | D ] E:\Macromedia
    [06/11/2004 - 01:29:48 | R | 5907] E:\Readme.txt
    [07/12/2004 - 15:07:31 | R | 11973] E:\SECDRV.SYS
    [07/12/2004 - 15:07:09 | D ] E:\Shareware
    [07/12/2004 - 15:07:14 | D ] E:\Sound
    [07/12/2004 - 15:07:14 | D ] E:\Support
    [07/12/2004 - 15:07:17 | D ] E:\Updates
    [07/12/2004 - 15:06:38 | D ] E:\art
    [04/11/2004 - 04:05:38 | R | 51] E:\autorun.inf
    [26/11/2004 - 18:04:24 | R | 378279] E:\data1.cab
    [26/11/2004 - 18:04:24 | R | 351452] E:\data1.hdr
    [26/11/2004 - 18:05:55 | R | 512] E:\data2.cab
    [05/12/2002 - 23:16:00 | R | 418296] E:\engine32.cab
    [26/11/2004 - 18:08:31 | R | 78424] E:\layout.bin
    [07/12/2004 - 15:07:08 | D ] E:\register
    [26/11/2004 - 18:04:09 | R | 405649] E:\setup.boot
    [03/12/2002 - 00:33:00 | R | 107512] E:\setup.exe
    [26/11/2004 - 18:04:10 | R | 389] E:\setup.ini
    [22/11/2004 - 22:33:12 | R | 179539] E:\setup.inx
    [04/11/2004 - 04:05:40 | R | 766] E:\uninst.ico
    [12/10/2004 - 23:36:06 | R | 2011880] E:\xtra_6_1_montage.bik
    [12/10/2004 - 23:36:06 | R | 695428] E:\xtra_6_2_montage.bik
    [12/10/2004 - 23:36:06 | R | 1999876] E:\xtra_6_3_montage.bik
    [12/10/2004 - 23:36:06 | R | 1874376] E:\xtra_6_4_montage.bik
    [12/10/2004 - 23:36:06 | R | 1172336] E:\xtra_6_5_montage.bik
    [12/10/2004 - 23:36:08 | R | 2250472] E:\xtra_6_7_montage.bik
    [12/10/2004 - 23:36:08 | R | 2265816] E:\xtra_6_8_montage.bik
    [10/10/2005 - 10:10:10 | D ] F:\DCIM
    [04/08/2007 - 00:02:26 | D ] F:\MISC
    [04/12/2008 - 15:52:34 | D ] F:\FOUND.000
    [04/12/2008 - 15:52:38 | N | 1836] F:\BOOTEX.LOG
    [20/07/2009 - 20:05:44 | N | 296] F:\WMPInfo.xml

    ################## | Vaccin |

    C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | Upload |

    Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-MYMY.zip
    http://eldesaparecido.com/upload.php
    Merci de votre contribution.

    ################## | E.O.F |

    Maintenant je vais télécharger OTL je vous tiens au courant.
    m
    0
    l
    a c 548 8 Sécurité
    20 Juillet 2012 20:50:25

    Re,

    Ok on va continuer un peu le nettoyage, laisse les périphériques infecté branché :
    Mais franchement, sans vouloir être offensant ... ton pc est une poubelle ... des adwares dans tous les sens (logiciels et sponsors publicitaires), des infections de partout, des logiciels pas à jour, etc etc ...
    Va vraiment falloir revoir l'utilisation du pc et le comportement dessus si tu ne veux pas avoir à recommencer ce ménage rapidement ;) 
    (je donne des conseils à suivre en fin de procédure)

    1) Désinstalle les programmes suivant dans ta liste des programmes (si présents) :

    Note : si l'un des programmes ne veut pas se désinstaller, passe au suivant et poursuit la procédure

    - Google Toolbar for Internet Explorer (barre d'outil, sauf réelle utilité)
    - Java(TM) 6 Update 7 (version obsolète, tu possèdes une plus récente)

    - SweetIM Toolbar for Internet Explorer 3.9 (adware : logiciel publicitaire)
    - OfferBox (idem)
    - SweetIM for Messenger 3.1 (idem)
    - Babylon toolbar on IE (idem)
    - ClickPotato (idem)
    - eoEngine 9.1 (idem)
    - GamesBar 2.0.1.12 (idem)
    - jeuxob.fr Toolbar (idem)
    - Favorit (idem)
    - ShopperReports (idem)
    - SoftwareUpdate 1.0 (idem)
    - Fast Browser Search (My Tattoons) (idem)

    (Je te laisse admirer la liste de trucs qui pompait ton pc, et surement tes données de navigation pour bien d'inonder de pubs ...)

    2) Relance OTL.exe

  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

    /!\ Attention, utilisateur d'Avast! ou d'autres antivirus, ne lancez pas OTL en mode sandbox /!\

  • Copie-colle l'ensemble du texte ci-dessous dans le cadre Personnalisation d'OTL en bas à gauche.



    :OTL
    SRV - [2009/08/14 02:15:20 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
    IE - HKLM\..\URLSearchHook: {f78e6501-b9de-48b9-b86c-6da8542ccc4e} - SOFTWARE\Classes\CLSID\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\InprocServer32 File not found
    IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
    IE - HKLM\..\SearchScopes\{0F4A55B7-29FC-4958-8833-A8EB26E92155}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcnnbie7-fr-fr
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2545112
    IE - HKLM\..\SearchScopes\{CAD2FC4D-F1F3-48B9-B1B6-496E23CD3AB7}: "URL" = http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
    IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\URLSearchHook: {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll (TODO: <Company name>)
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\URLSearchHook: {f78e6501-b9de-48b9-b86c-6da8542ccc4e} - SOFTWARE\Classes\CLSID\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\InprocServer32 File not found
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes,DefaultScope = {5ED54103-8357-4087-9512-12C688E1DF7F}
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111020&tt=060612_7_&babsrc=SP_ss&mntrId=b2ea912a00000000000000242c1db8de
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{0F4A55B7-29FC-4958-8833-A8EB26E92155}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1156&query={searchTerms}&invocationType=tb50hpcnnbie7-fr-fr
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{5ED54103-8357-4087-9512-12C688E1DF7F}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={4BCF3939-1671-4862-94DA-5B369A8B975E}
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2545112
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{CAD2FC4D-F1F3-48B9-B1B6-496E23CD3AB7}: "URL" = http://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913932
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = http://search.conduit.com/?SearchSource=10&ctid=CT2456781
    IE - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=111020&tt=060612_7_&babsrc=HP_ss&mntrId=b2ea912a00000000000000242c1db8de"
    FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.621.0
    FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:1.0.1.4
    FF - prefs.js..extensions.enabledItems: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0
    FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
    FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=111020&tt=060612_7_&babsrc=KW_ss&mntrId=b2ea912a00000000000000242c1db8de&q="
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Jeux.fr"
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2010/11/12 16:20:47 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.621.0\firefox\extensions
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Users\Mymy\AppData\Roaming\OfferBox\offerboxffx@offerbox.com [2010/03/29 16:09:53 | 000,000,000 | ---D | M]
    [2012/06/17 17:14:52 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com
    [2010/11/12 16:23:23 | 000,000,000 | ---D | M] (ResultBar) -- C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}
    File not found (No name found) -- C:\PROGRAM FILES\CLICKPOTATOLITE\BIN\10.0.621.0\FIREFOX\EXTENSIONS
    [2010/11/10 21:15:14 | 000,087,344 | ---- | M] (Pinball Corporation.) -- C:\Program Files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll
    [2012/06/17 17:14:37 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2010/06/29 01:52:33 | 000,000,227 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Jeux.frober13458721.src
    CHR - plugin: ClickPotatoLite Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (EoBHO Class) - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll File not found
    O2 - BHO: (Interest recogniser for Moovida (powered by Spointer)) - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} - C:\Program Files\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll File not found
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O2 - BHO: (jeuxob.fr Toolbar) - {f78e6501-b9de-48b9-b86c-6da8542ccc4e} - C:\Program Files\jeuxob.fr\tbjeu0.dll File not found
    O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
    O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (jeuxob.fr Toolbar) - {f78e6501-b9de-48b9-b86c-6da8542ccc4e} - C:\Program Files\jeuxob.fr\tbjeu0.dll File not found
    O3 - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
    O3 - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..\Toolbar\WebBrowser: (jeuxob.fr Toolbar) - {F78E6501-B9DE-48B9-B86C-6DA8542CCC4E} - C:\Program Files\jeuxob.fr\tbjeu0.dll File not found
    O4 - HKLM..\Run: [eorezo] File not found
    O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
    O4 - HKU\S-1-5-21-3293731675-180482292-126310539-1000..\Run: [beuuhog] C:\Users\Mymy\beuuhog.exe File not found
    O4 - HKU\S-1-5-21-3293731675-180482292-126310539-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
    O4 - HKU\S-1-5-21-3293731675-180482292-126310539-1000..\Run: [Facebook Update] "C:\Users\Mymy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
    O4 - HKU\S-1-5-21-3293731675-180482292-126310539-1000..\Run: [OfferBox] C:\Program Files\OfferBox\OfferBox.exe (Secure Digital Services)
    O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files\ClickPotatoLite\bin\10.0.621.0\ClickPotatoLiteSABHO.dll File not found
    O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
    O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
    O15 - HKU\S-1-5-21-3293731675-180482292-126310539-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
    MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk - - File not found
    MsConfig - StartUpReg: 05858935 - hkey= - key= - File not found
    MsConfig - StartUpReg: Babylon Client - hkey= - key= - File not found
    [1 C:\Users\Mymy\Documents\*.tmp files -> C:\Users\Mymy\Documents\*.tmp -> ]
    [2010/04/29 22:27:36 | 000,000,016 | ---- | C] () -- C:\Users\Mymy\AppData\Roaming\wzmjhy.dat
    [2010/03/21 14:34:09 | 000,000,824 | ---- | C] () -- C:\Users\Mymy\AppData\Roaming\wklnhst.dat
    [2010/03/14 22:48:27 | 000,000,016 | ---- | C] () -- C:\Users\Mymy\AppData\Roaming\rbuwzv.dat
    [2009/12/22 18:29:44 | 000,000,090 | ---- | C] () -- C:\Users\Mymy\AppData\Local\wnfof.bat
    [2009/09/06 14:42:54 | 000,000,087 | ---- | C] () -- C:\Users\Mymy\AppData\Local\nvelt.bat
    [2009/07/19 16:46:05 | 000,028,160 | ---- | C] () -- C:\Users\Mymy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/06/17 17:14:02 | 000,000,000 | ---D | M] -- C:\Users\Mymy\AppData\Roaming\Babylon
    [2010/11/12 16:20:56 | 000,000,000 | ---D | M] -- C:\Users\Mymy\AppData\Roaming\ClickPotatoLite
    [2010/03/15 19:31:05 | 000,000,000 | ---D | M] -- C:\Users\Mymy\AppData\Roaming\EoRezo
    [2010/07/19 23:15:14 | 000,000,000 | ---D | M] -- C:\Users\Mymy\AppData\Roaming\FissaSearch
    [2012/06/07 15:16:00 | 000,000,000 | ---D | M] -- C:\Users\Mymy\AppData\Roaming\OfferBox
    [2010/11/12 16:20:44 | 000,000,000 | ---D | M] -- C:\Users\Mymy\AppData\Roaming\ShopperReports3
    @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:E32966C0
    @Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:453190EC
    @Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:EA701346
    @Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:94B46CA2
    @Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:C43C957E
    @Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:ED9B661E
    @Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:B6D84F71
    @Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:E11EAB84
    @Alternate Data Stream - 185 bytes -> C:\ProgramData\Temp:FA8B212D
    @Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:D26DD363
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:A00BCDEF
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:68B61847
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:D8F9D810
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:B722BCE5
    @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:2E0A3B1D
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:22741C1F
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:526B3022
    @Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:C0A2E219
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:4E79C4F8
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:A774141A
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:00811B66
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:CFFC9DD0
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:A2C4E5BC
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:91DEEE71
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:0860D6D6
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:03D08225
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:FDCAE7B5
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:762408BA
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:2EC5D66C
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:0D713C0D
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:9D5BB34A
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:561B1D2B
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:25005EFA
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:014BC3B4
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:413E2927
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:56C17A93
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:4A448DB2
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:9857FAE3
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:896E1EFF
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4B244549
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:0EC7A545
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:439E3411
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:EC7C9796
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:93226FE3
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:BBF60A29
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:5EF1AD34
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:A26AFC00
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:D2A5A561
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:80B291A7
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:5E73E1C2
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:C928F3BE
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:CEE4A457
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:FB647F34
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F0762150
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:E4FCDFD9
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:6BD304B9
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:55F44B88
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:538B96B5
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:4C49306C
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:385E2CFD
    @Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:91486201
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:3A6BC948
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:6FDE1666
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:554C6431
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:4EF94CF3

    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "TCP Query User{261C4F00-F126-40B6-A295-DD81E4339ABB}F:\juvobx.exe"=-
    "TCP Query User{41B27209-F1EA-4B43-9F55-0D62E228482B}C:\users\mymy\appdata\local\temp\bxliga.exe"=-
    "TCP Query User{4FC306AE-4ABA-4729-A3A6-5F9B63AED8E9}C:\users\mymy\appdata\local\temp\obmcnf.exe"=-
    "TCP Query User{5E12ECED-F0FA-4D37-9118-85B4EDBE0C67}C:\users\mymy\beuuhog.exe"=-
    "TCP Query User{7C1BFD64-5381-4F72-825C-FF6538B91318}C:\users\mymy\appdata\local\temp\wincsxkem.exe"=-
    "TCP Query User{AB9B442E-22D3-49B3-86BD-45C7822E80A3}C:\program files\sweetim\messenger\sweetim.exe"=-
    "TCP Query User{D4A67F06-331B-4B2C-A824-B541B19C0E57}C:\users\mymy\appdata\local\temp\winihfjn.exe"=-
    "TCP Query User{E8E2F4AD-2A32-4E69-8167-1ECDA8234D5C}C:\users\mymy\appdata\local\temp\jiid.exe"=-
    "TCP Query User{ED811F8D-9662-4B23-B1F1-7022AAD15EC5}C:\users\mymy\appdata\local\temp\winovbbt.exe"=-
    "UDP Query User{008BF23C-9FDF-4E02-A206-4A916E31DDBF}C:\program files\sweetim\messenger\sweetim.exe"=-
    "UDP Query User{093F637C-E90F-4BC4-BE67-F93D3D953A50}F:\juvobx.exe"=-
    "UDP Query User{117E9C87-7FAA-4C4B-A1A9-EAEE59732684}C:\users\mymy\appdata\local\temp\winihfjn.exe"=-
    "UDP Query User{7D3A73EA-2421-4277-9166-ECABAB54A805}C:\users\mymy\beuuhog.exe"=-
    "UDP Query User{A50DB588-63F5-4ADA-B41A-2B1B46A0876A}C:\users\mymy\appdata\local\temp\jiid.exe"=-
    "UDP Query User{B9B1876A-D0FF-41FA-93B4-9B47B02AF76E}C:\users\mymy\appdata\local\temp\winovbbt.exe"=-
    "UDP Query User{D5EFDFA0-9201-4AD0-BF07-E9BCD77E2E77}C:\users\mymy\appdata\local\temp\obmcnf.exe"=-
    "UDP Query User{DC9E43B5-CF82-4D67-90F2-00E306402358}C:\users\mymy\appdata\local\temp\wincsxkem.exe"=-
    "UDP Query User{F894A2A3-8A91-4095-AEA8-91F5E53B8299}C:\users\mymy\appdata\local\temp\bxliga.exe"=-


    :Files
    F:\juvobx.exe
    C:\users\mymy\beuuhog.exe
    C:\program files\sweetim
    C:\Program Files\Common Files\BOONTY Shared
    C:\Program Files\ShopperReports3
    C:\Program Files\ClickPotatoLite
    C:\Users\Mymy\AppData\Roaming\OfferBox
    C:\Program Files\BabylonToolbar
    C:\Program Files\jeuxob.fr
    C:\Program Files\Fast Browser Search

    :Commands
    [emptytemp]



  • Puis clique sur le bouton Correction en haut à gauche
  • Le pc va redémarrer. (si ce n'est pas le cas, fais-le manuellement)
  • Poste le rapport de suppression s'il apparait.

    Note : le rapport est enregistré sous format ".log", il convient de changer cette extension en ".txt" si tu veux le déposer sur des sites en ligne. S'il n'apparait pas, il se trouve ici : C:\_OTL, sous la forme xxxxxxxx_xxxx.log où x sont la date et l'heure

    /!\ Ce script est exclusivement réservé à l'utilisateur actuel du sujet, vous ne devez en aucun cas l'utiliser de votre propre chef sur un autre pc, sous risque d'endommager le système /!\


    3) Télécharge AdwCleaner (de Xplode) sur ton Bureau.

    /!\ Désactive tes protections résidentes : antivirus, antispyware ... Déconnecte-toi et ferme toutes les applications en cours (notamment ton navigateur)/!\

  • Double-clique sur adwcleaner0.exe pour lancer le programme.
    (Utilisateur de Vista/Windows 7, clique-droit sur le fichier adwcleaner0.exe -> Exécuter en tant qu'administrateur)

  • Dans la fenêtre principal, choisis l'option Suppression.
  • Valide l'avertissement.
  • Si le pc demande à redémarrer, accepte.
  • Un rapport apparaitra (sinon, il est situé ici C:\AdwCleaner[Sx].txt). Poste-le dans ta prochaine réponse.
    m
    0
    l
    21 Juillet 2012 00:00:34

    Je vais faire sa tout de suite. Oui je suis consciente que mon pc est une véritable poubelle lol .... :pt1cable:  il faut sérieusement que j'arrete de télécharger des conneries. Merci. Je vais faire la procédure =) Merciiiiii
    m
    0
    l
    21 Juillet 2012 01:49:04

    Voici pour OTL:

    All processes killed
    ========== OTL ==========
    Service Boonty Games stopped successfully!
    Service Boonty Games deleted successfully!
    C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe moved successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{f78e6501-b9de-48b9-b86c-6da8542ccc4e} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\ deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F4A55B7-29FC-4958-8833-A8EB26E92155}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F4A55B7-29FC-4958-8833-A8EB26E92155}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CAD2FC4D-F1F3-48B9-B1B6-496E23CD3AB7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAD2FC4D-F1F3-48B9-B1B6-496E23CD3AB7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}\ deleted successfully.
    C:\Program Files\SGPSA\mtwb3sh.dll moved successfully.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
    File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f78e6501-b9de-48b9-b86c-6da8542ccc4e} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\ not found.
    HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0F4A55B7-29FC-4958-8833-A8EB26E92155}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F4A55B7-29FC-4958-8833-A8EB26E92155}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5ED54103-8357-4087-9512-12C688E1DF7F}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED54103-8357-4087-9512-12C688E1DF7F}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CAD2FC4D-F1F3-48B9-B1B6-496E23CD3AB7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAD2FC4D-F1F3-48B9-B1B6-496E23CD3AB7}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
    Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
    Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
    Prefs.js: "http://search.babylon.com/?affID=111020&tt=060612_7_&ba..." removed from browser.startup.homepage
    Prefs.js: ClickPotatoLite@ClickPotatoLite.com:10.0.621.0 removed from extensions.enabledItems
    Prefs.js: offerboxffx@offerbox.com:1.0.1.4 removed from extensions.enabledItems
    Prefs.js: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0 removed from extensions.enabledItems
    Prefs.js: ShopperReports@ShopperReports.com:3.0.517.0 removed from extensions.enabledItems
    Prefs.js: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10 removed from extensions.enabledItems
    Prefs.js: "http://search.babylon.com/?affID=111020&tt=060612_7_&ba..." removed from keyword.URL
    Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.browser.search.defaultenginename
    Prefs.js: "Jeux.fr" removed from sweetim.toolbar.previous.browser.search.selectedEngine
    Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.keyword.URL
    Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
    File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions not found.
    File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.621.0\firefox\extensions not found.
    File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Users\Mymy\AppData\Roaming\OfferBox\offerboxffx@offerbox.com not found.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\extensions\ffxtlbr@babylon.com folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}\defaults\preferences folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}\defaults folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}\chrome folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0} folder moved successfully.
    C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll moved successfully.
    C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
    C:\Program Files\Mozilla Firefox\searchplugins\Jeux.frober13458721.src moved successfully.
    File C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
    File C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ not found.
    File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
    File C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
    File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{f78e6501-b9de-48b9-b86c-6da8542ccc4e} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78e6501-b9de-48b9-b86c-6da8542ccc4e}\ not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
    File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F78E6501-B9DE-48B9-B86C-6DA8542CCC4E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F78E6501-B9DE-48B9-B86C-6DA8542CCC4E}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eorezo deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM not found.
    File C:\Program Files\SweetIM\Messenger\SweetIM.exe not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Windows\CurrentVersion\Run\\beuuhog deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OfferBox not found.
    File C:\Program Files\OfferBox\OfferBox.exe not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE}\ not found.
    Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
    Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
    Registry value HKEY_USERS\S-1-5-21-3293731675-180482292-126310539-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk\ deleted successfully.
    C:\Windows\pss\McAfee Security Scan.lnk.CommonStartup moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\05858935\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Babylon Client\ deleted successfully.
    C:\Users\Mymy\Documents\~WRL0406.tmp deleted successfully.
    C:\Users\Mymy\AppData\Roaming\wzmjhy.dat moved successfully.
    C:\Users\Mymy\AppData\Roaming\wklnhst.dat moved successfully.
    C:\Users\Mymy\AppData\Roaming\rbuwzv.dat moved successfully.
    C:\Users\Mymy\AppData\Local\wnfof.bat moved successfully.
    C:\Users\Mymy\AppData\Local\nvelt.bat moved successfully.
    C:\Users\Mymy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
    C:\Users\Mymy\AppData\Roaming\Babylon folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\ClickPotatoLite folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\EoRezo\eoStats folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\EoRezo\eoDesktop folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\EoRezo\db folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\EoRezo folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\FissaSearch\@FissaPlugin\content folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\FissaSearch\@FissaPlugin folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\FissaSearch folder moved successfully.
    C:\Users\Mymy\AppData\Roaming\OfferBox folder moved successfully.
    Folder C:\Users\Mymy\AppData\Roaming\ShopperReports3\ not found.
    ADS C:\ProgramData\Temp:E32966C0 deleted successfully.
    ADS C:\ProgramData\Temp:453190EC deleted successfully.
    ADS C:\ProgramData\Temp:EA701346 deleted successfully.
    ADS C:\ProgramData\Temp:94B46CA2 deleted successfully.
    ADS C:\ProgramData\Temp:C43C957E deleted successfully.
    ADS C:\ProgramData\Temp:ED9B661E deleted successfully.
    ADS C:\ProgramData\Temp:B6D84F71 deleted successfully.
    ADS C:\ProgramData\Temp:E11EAB84 deleted successfully.
    ADS C:\ProgramData\Temp:FA8B212D deleted successfully.
    ADS C:\ProgramData\Temp:D 26DD363 deleted successfully.
    ADS C:\ProgramData\Temp:A00BCDEF deleted successfully.
    ADS C:\ProgramData\Temp:68B61847 deleted successfully.
    ADS C:\ProgramData\Temp:D 8F9D810 deleted successfully.
    ADS C:\ProgramData\Temp:B722BCE5 deleted successfully.
    ADS C:\ProgramData\Temp:2E0A3B1D deleted successfully.
    ADS C:\ProgramData\Temp:22741C1F deleted successfully.
    ADS C:\ProgramData\Temp:526B3022 deleted successfully.
    ADS C:\ProgramData\Temp:C0A2E219 deleted successfully.
    ADS C:\ProgramData\Temp:4E79C4F8 deleted successfully.
    ADS C:\ProgramData\Temp:A774141A deleted successfully.
    ADS C:\ProgramData\Temp:00811B66 deleted successfully.
    ADS C:\ProgramData\Temp:CFFC9DD0 deleted successfully.
    ADS C:\ProgramData\Temp:A2C4E5BC deleted successfully.
    ADS C:\ProgramData\Temp:91DEEE71 deleted successfully.
    ADS C:\ProgramData\Temp:0860D6D6 deleted successfully.
    ADS C:\ProgramData\Temp:03D08225 deleted successfully.
    ADS C:\ProgramData\Temp:FDCAE7B5 deleted successfully.
    ADS C:\ProgramData\Temp:762408BA deleted successfully.
    ADS C:\ProgramData\Temp:2EC5D66C deleted successfully.
    ADS C:\ProgramData\Temp:0D713C0D deleted successfully.
    ADS C:\ProgramData\Temp:9D5BB34A deleted successfully.
    ADS C:\ProgramData\Temp:561B1D2B deleted successfully.
    ADS C:\ProgramData\Temp:25005EFA deleted successfully.
    ADS C:\ProgramData\Temp:014BC3B4 deleted successfully.
    ADS C:\ProgramData\Temp:413E2927 deleted successfully.
    ADS C:\ProgramData\Temp:56C17A93 deleted successfully.
    ADS C:\ProgramData\Temp:4A448DB2 deleted successfully.
    ADS C:\ProgramData\Temp:9857FAE3 deleted successfully.
    ADS C:\ProgramData\Temp:896E1EFF deleted successfully.
    ADS C:\ProgramData\Temp:4B244549 deleted successfully.
    ADS C:\ProgramData\Temp:0EC7A545 deleted successfully.
    ADS C:\ProgramData\Temp:439E3411 deleted successfully.
    ADS C:\ProgramData\Temp:EC7C9796 deleted successfully.
    ADS C:\ProgramData\Temp:93226FE3 deleted successfully.
    ADS C:\ProgramData\Temp:BBF60A29 deleted successfully.
    ADS C:\ProgramData\Temp:5EF1AD34 deleted successfully.
    ADS C:\ProgramData\Temp:A26AFC00 deleted successfully.
    ADS C:\ProgramData\Temp:D 2A5A561 deleted successfully.
    ADS C:\ProgramData\Temp:80B291A7 deleted successfully.
    ADS C:\ProgramData\Temp:5E73E1C2 deleted successfully.
    ADS C:\ProgramData\Temp:C928F3BE deleted successfully.
    ADS C:\ProgramData\Temp:CEE4A457 deleted successfully.
    ADS C:\ProgramData\Temp:FB647F34 deleted successfully.
    ADS C:\ProgramData\Temp:F0762150 deleted successfully.
    ADS C:\ProgramData\Temp:E4FCDFD9 deleted successfully.
    ADS C:\ProgramData\Temp:6BD304B9 deleted successfully.
    ADS C:\ProgramData\Temp:55F44B88 deleted successfully.
    ADS C:\ProgramData\Temp:538B96B5 deleted successfully.
    ADS C:\ProgramData\Temp:4C49306C deleted successfully.
    ADS C:\ProgramData\Temp:385E2CFD deleted successfully.
    ADS C:\ProgramData\Temp:91486201 deleted successfully.
    ADS C:\ProgramData\Temp:3A6BC948 deleted successfully.
    ADS C:\ProgramData\Temp:6FDE1666 deleted successfully.
    ADS C:\ProgramData\Temp:554C6431 deleted successfully.
    ADS C:\ProgramData\Temp:4EF94CF3 deleted successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{261C4F00-F126-40B6-A295-DD81E4339ABB}F:\juvobx.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{41B27209-F1EA-4B43-9F55-0D62E228482B}C:\users\mymy\appdata\local\temp\bxliga.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4FC306AE-4ABA-4729-A3A6-5F9B63AED8E9}C:\users\mymy\appdata\local\temp\obmcnf.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5E12ECED-F0FA-4D37-9118-85B4EDBE0C67}C:\users\mymy\beuuhog.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7C1BFD64-5381-4F72-825C-FF6538B91318}C:\users\mymy\appdata\local\temp\wincsxkem.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AB9B442E-22D3-49B3-86BD-45C7822E80A3}C:\program files\sweetim\messenger\sweetim.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D4A67F06-331B-4B2C-A824-B541B19C0E57}C:\users\mymy\appdata\local\temp\winihfjn.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E8E2F4AD-2A32-4E69-8167-1ECDA8234D5C}C:\users\mymy\appdata\local\temp\jiid.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED811F8D-9662-4B23-B1F1-7022AAD15EC5}C:\users\mymy\appdata\local\temp\winovbbt.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{008BF23C-9FDF-4E02-A206-4A916E31DDBF}C:\program files\sweetim\messenger\sweetim.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{093F637C-E90F-4BC4-BE67-F93D3D953A50}F:\juvobx.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{117E9C87-7FAA-4C4B-A1A9-EAEE59732684}C:\users\mymy\appdata\local\temp\winihfjn.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7D3A73EA-2421-4277-9166-ECABAB54A805}C:\users\mymy\beuuhog.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A50DB588-63F5-4ADA-B41A-2B1B46A0876A}C:\users\mymy\appdata\local\temp\jiid.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9B1876A-D0FF-41FA-93B4-9B47B02AF76E}C:\users\mymy\appdata\local\temp\winovbbt.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D5EFDFA0-9201-4AD0-BF07-E9BCD77E2E77}C:\users\mymy\appdata\local\temp\obmcnf.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DC9E43B5-CF82-4D67-90F2-00E306402358}C:\users\mymy\appdata\local\temp\wincsxkem.exe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F894A2A3-8A91-4095-AEA8-91F5E53B8299}C:\users\mymy\appdata\local\temp\bxliga.exe deleted successfully.
    ========== FILES ==========
    File\Folder F:\juvobx.exe not found.
    File\Folder C:\users\mymy\beuuhog.exe not found.
    File\Folder C:\program files\sweetim not found.
    C:\Program Files\Common Files\BOONTY Shared\Service folder moved successfully.
    C:\Program Files\Common Files\BOONTY Shared folder moved successfully.
    File\Folder C:\Program Files\ShopperReports3 not found.
    File\Folder C:\Program Files\ClickPotatoLite not found.
    File\Folder C:\Users\Mymy\AppData\Roaming\OfferBox not found.
    File\Folder C:\Program Files\BabylonToolbar not found.
    File\Folder C:\Program Files\jeuxob.fr not found.
    File\Folder C:\Program Files\Fast Browser Search not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Mymy
    ->Temp folder emptied: 535500413 bytes
    ->Temporary Internet Files folder emptied: 2375760581 bytes
    ->Java cache emptied: 54637689 bytes
    ->FireFox cache emptied: 58543899 bytes
    ->Google Chrome cache emptied: 32361513 bytes
    ->Flash cache emptied: 3227115 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 292707267 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 3 197.00 mb


    OTL by OldTimer - Version 3.2.54.0 log created on 07212012_002703

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...




    ET POUR ADWCLEANER:


    # Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
    # Nom d'utilisateur : Mymy - PC-DE-MYMY
    # Exécuté depuis : C:\Users\Mymy\Downloads\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Users\Mymy\AppData\Local\moovida air
    Dossier Supprimé : C:\Users\Mymy\AppData\LocalLow\Conduit
    Dossier Supprimé : C:\Users\Mymy\AppData\Roaming\moovida-1
    Dossier Supprimé : C:\Users\Mymy\AppData\Roaming\widestream
    Dossier Supprimé : C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\SweetIMToolbarData
    Dossier Supprimé : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    Dossier Supprimé : C:\ProgramData\Babylon
    Dossier Supprimé : C:\ProgramData\clickpotatolitesa
    Dossier Supprimé : C:\ProgramData\ResultBar
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCompressor
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Widestream6
    Dossier Supprimé : C:\Program Files\Conduit
    Dossier Supprimé : C:\Program Files\ResultBar
    Dossier Supprimé : C:\Program Files\SGPSA
    Dossier Supprimé : C:\Program Files\Widestream6
    Fichier Supprimé : C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\searchplugins\SweetIm.xml
    Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

    ***** [Registre] *****

  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB07183.IEToolbar
  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB07183.IEToolbar.1
  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB07183.TBSB07183
  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB07183.TBSB07183.3
  • Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2545112
  • Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00
  • Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00.1
  • Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07183.TBSB07183Toolbar
    Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
    Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
    Clé Supprimée : HKCU\Software\clickpotatolitesa
    Clé Supprimée : HKCU\Software\EoRezo
    Clé Supprimée : HKCU\Software\Headlight
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6084C211-01A1-464E-97A0-09772E122B50}
    Clé Supprimée : HKCU\Software\Offerbox
    Clé Supprimée : HKCU\Software\Spointer
    Clé Supprimée : HKCU\Software\SweetIm
    Clé Supprimée : HKCU\Software\WideStream
    Clé Supprimée : HKLM\SOFTWARE\Babylon
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\BHO.PSHelper
    Clé Supprimée : HKLM\SOFTWARE\Classes\BHO.PSHelper.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\ClickPotatoLiteAx.Info
    Clé Supprimée : HKLM\SOFTWARE\Classes\ClickPotatoLiteAx.Info.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\ClickPotatoLiteAX.UserProfiles
    Clé Supprimée : HKLM\SOFTWARE\Classes\ClickPotatoLiteAX.UserProfiles.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho
    Clé Supprimée : HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\EB525538DB364CE4495200ECDA84942C
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\EB525538DB364CE4495200ECDA84942C
    Clé Supprimée : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE
    Clé Supprimée : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
    Clé Supprimée : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Clé Supprimée : HKLM\SOFTWARE\ClickPotatoLite
    Clé Supprimée : HKLM\SOFTWARE\Conduit
    Clé Supprimée : HKLM\SOFTWARE\EoRezo
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6084C211-01A1-464E-97A0-09772E122B50}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{835525BE-63BD-4EC4-9425-00CEAD4849C2}
    Clé Supprimée : HKLM\SOFTWARE\Moovida
    Clé Supprimée : HKLM\SOFTWARE\SweetIM
    Clé Supprimée : HKLM\SOFTWARE\widestream
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]

    ***** [Registre - GUID] *****

    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45D59156-647B-4B06-B20E-0E297A1077BD}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BE990A32-C2EC-4654-8FD0-26FECEA81998}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{3088C799-9630-4719-A471-4544D7CABC2D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0626A63-410B-45E2-99A1-3F2475B2D695}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0626A63-410B-45E2-99A1-3F2475B2D695}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v4.0.1 (fr)

    Nom du profil : default
    Fichier : C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\prefs.js

    C:\Users\Mymy\AppData\Roaming\Mozilla\Firefox\Profiles\njk8mg4g.default\user.js ... Supprimé !

    Supprimée : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=111020&tt=060612_7_&babsrc=H[...]
    Supprimée : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=111020&tt=060612_7_&babsrc=KW_ss&mntrId=b[...]
    Supprimée : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    Supprimée : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    Supprimée : user_pref("sweetim.toolbar.mode.debug", "false");
    Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
    Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
    Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://start.jeux.fr");
    Supprimée : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
    Supprimée : user_pref("sweetim.toolbar.search.history", "miramagia,google.fr,metro%202,metro%20anvers,HetM,go%20[...]
    Supprimée : user_pref("sweetim.toolbar.search.history.capacity", "10");
    Supprimée : user_pref("sweetim.toolbar.searchguard.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.simapp_id", "{816FB880-937A-11DF-B86E-001F167A2967}");
    Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
    Supprimée : user_pref("sweetim.toolbar.version", "1.2.0.2");
    Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

    -\\ Google Chrome v20.0.1132.57

    Fichier : C:\Users\Mymy\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[S1].txt - [11333 octets] - [21/07/2012 01:41:02]

    ########## EOF - C:\AdwCleaner[S1].txt - [11462 octets] ##########
    m
    0
    l
    a c 548 8 Sécurité
    21 Juillet 2012 15:36:22

    Re,

    OK.

    Comment se comporte le pc maintenant ?
    Est-ce que les clé usb et carte SD génèrent encore des plantages et ralentissements ?
    m
    0
    l
    22 Juillet 2012 15:55:42

    Non elle génére rien du tout j'ai récupérér mes photoooos et le pc semble etre un peu plus rapide .
    m
    0
    l
    a c 548 8 Sécurité
    22 Juillet 2012 23:30:01

    Re,

    Ok, on finira avec une dernière vérification, laisse les média amovibles branchés puis :

    ]Télécharge MalwareByte's Anti-Malware :
  • Installe le programme (aide ici)
  • Lance-le et met à jour la base de définition.

  • Choisi ensuite "Exécuter un examen complet" puis "Rechercher"
  • Sélectionne les disques dur et clique sur "Lancer l'examen"
  • Laisse l'analyse se faire (cela peut durer longtemps).
  • A la fin, vérifie que les éléments trouvés soient coché (dans "Résultat de l'examen).
  • Puis clique sur "Supprimer la sélection" en bas.
  • Un redémarrage peut être nécessaire.

  • Un rapport va s'afficher, enregistre-le sur ton bureau.
  • ou sinon, après le démarrage, il se trouvera dans "Rapports/logs"
    m
    0
    l
    23 Juillet 2012 01:18:08

    Ok je vais le faire merci =) je vous poste le rapport ensuite
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS