Appel téléphonique suspect
Fermé
Colbertdesjardins
Messages postés
4
Date d'inscription
lundi 10 février 2014
Statut
Membre
Dernière intervention
11 février 2014
-
10 févr. 2014 à 22:47
Malekal_morte- Messages postés 180242 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 11 févr. 2014 à 12:00
Malekal_morte- Messages postés 180242 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 11 févr. 2014 à 12:00
A voir également:
- Appel téléphonique suspect
- Liste de numéro de téléphone suspect 07 ✓ - Forum Mobile
- Appel masqué - Guide
- Renvoi d'appel ooredoo ✓ - Forum Mobile
- Ysé reçoit un appel téléphonique de gautier ✓ - Forum Messagerie
- Indicatif téléphonique - Guide
5 réponses
Malekal_morte-
Messages postés
180242
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 587
Modifié par Malekal_morte- le 10/02/2014 à 22:49
Modifié par Malekal_morte- le 10/02/2014 à 22:49
Salut,
Les deux incidents n'ont rien à voir en commun.
Donne le rapport de scan Antivir.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Les deux incidents n'ont rien à voir en commun.
Donne le rapport de scan Antivir.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Colbertdesjardins
Messages postés
4
Date d'inscription
lundi 10 février 2014
Statut
Membre
Dernière intervention
11 février 2014
11 févr. 2014 à 08:17
11 févr. 2014 à 08:17
Voici le scan AVIRA
Avira Free Antivirus
Report file date: lundi 10 février 2014 12:15
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : PORTABLE
Version information:
BUILD.DAT : 14.0.2.286 55547 Bytes 09/12/2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17/12/2013 13:20:59
AVSCANRC.DLL : 14.0.2.180 52280 Bytes 17/12/2013 13:21:00
LUKE.DLL : 14.0.2.234 65592 Bytes 17/12/2013 13:21:11
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17/12/2013 13:21:00
AVREG.DLL : 14.0.2.212 250424 Bytes 17/12/2013 13:20:59
avlode.dll : 14.0.2.254 540216 Bytes 17/12/2013 13:20:58
avlode.rdf : 13.0.1.70 56974 Bytes 31/01/2014 08:45:36
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 18:14:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 18:14:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 18:14:16
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 18:14:16
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 18:14:16
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 18:14:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24/09/2013 18:14:16
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28/11/2013 13:50:36
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22/01/2014 17:23:37
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03/02/2014 18:45:35
VBASE010.VDF : 7.11.128.175 2048 Bytes 03/02/2014 18:45:35
VBASE011.VDF : 7.11.128.176 2048 Bytes 03/02/2014 18:45:35
VBASE012.VDF : 7.11.128.177 2048 Bytes 03/02/2014 18:45:35
VBASE013.VDF : 7.11.128.178 2048 Bytes 03/02/2014 18:45:35
VBASE014.VDF : 7.11.129.9 211456 Bytes 04/02/2014 13:06:55
VBASE015.VDF : 7.11.129.163 215040 Bytes 06/02/2014 12:03:00
VBASE016.VDF : 7.11.130.21 220672 Bytes 08/02/2014 15:22:10
VBASE017.VDF : 7.11.130.99 230400 Bytes 10/02/2014 10:55:39
VBASE018.VDF : 7.11.130.100 2048 Bytes 10/02/2014 10:55:39
VBASE019.VDF : 7.11.130.101 2048 Bytes 10/02/2014 10:55:39
VBASE020.VDF : 7.11.130.102 2048 Bytes 10/02/2014 10:55:39
VBASE021.VDF : 7.11.130.103 2048 Bytes 10/02/2014 10:55:39
VBASE022.VDF : 7.11.130.104 2048 Bytes 10/02/2014 10:55:40
VBASE023.VDF : 7.11.130.105 2048 Bytes 10/02/2014 10:55:40
VBASE024.VDF : 7.11.130.106 2048 Bytes 10/02/2014 10:55:40
VBASE025.VDF : 7.11.130.107 2048 Bytes 10/02/2014 10:55:40
VBASE026.VDF : 7.11.130.108 2048 Bytes 10/02/2014 10:55:40
VBASE027.VDF : 7.11.130.109 2048 Bytes 10/02/2014 10:55:40
VBASE028.VDF : 7.11.130.110 2048 Bytes 10/02/2014 10:55:40
VBASE029.VDF : 7.11.130.111 2048 Bytes 10/02/2014 10:55:40
VBASE030.VDF : 7.11.130.112 2048 Bytes 10/02/2014 10:55:40
VBASE031.VDF : 7.11.130.114 70656 Bytes 10/02/2014 10:55:40
Engine version : 8.2.14.2
AEVDF.DLL : 8.1.3.4 102774 Bytes 10/10/2013 18:14:14
AESCRIPT.DLL : 8.1.4.186 520574 Bytes 07/02/2014 11:16:15
AESCN.DLL : 8.1.10.6 131447 Bytes 11/12/2013 19:22:12
AESBX.DLL : 8.2.20.6 1331575 Bytes 13/01/2014 15:14:44
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 18:30:56
AEPACK.DLL : 8.3.3.12 774521 Bytes 23/01/2014 18:38:07
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10/10/2013 18:14:14
AEHEUR.DLL : 8.1.4.904 6455674 Bytes 07/02/2014 11:16:15
AEHELP.DLL : 8.1.27.10 266618 Bytes 22/11/2013 11:32:47
AEGEN.DLL : 8.1.7.22 446839 Bytes 15/01/2014 13:15:16
AEEXP.DLL : 8.4.1.202 434552 Bytes 07/02/2014 11:16:15
AEEMU.DLL : 8.1.3.2 393587 Bytes 10/10/2013 18:14:14
AECORE.DLL : 8.1.34.0 229753 Bytes 06/02/2014 06:03:04
AEBB.DLL : 8.1.1.4 53619 Bytes 10/10/2013 18:14:14
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17/12/2013 13:20:54
AVPREF.DLL : 14.0.2.180 48696 Bytes 17/12/2013 13:20:59
AVREP.DLL : 14.0.2.180 175672 Bytes 17/12/2013 13:20:59
AVARKT.DLL : 14.0.2.254 256056 Bytes 17/12/2013 13:20:55
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17/12/2013 13:20:57
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10/10/2013 18:14:16
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17/12/2013 13:21:00
NETNT.DLL : 14.0.2.180 13368 Bytes 17/12/2013 13:21:11
RCIMAGE.DLL : 14.0.2.180 4788792 Bytes 17/12/2013 13:20:54
RCTEXT.DLL : 14.0.2.236 72760 Bytes 17/12/2013 13:20:54
Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52f64aa8\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 10 février 2014 12:15
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'sched.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'ACService.exe' - '29' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'mounter.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'updateWebConnect.exe' - '98' Module(s) have been scanned
Scan process 'taskhost.exe' - '91' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '219' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'OrangeInstaller.exe' - '64' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'utilWebConnect.exe' - '104' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '75' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'rundll32.exe' - '28' Module(s) have been scanned
Scan process 'NPSAgent.exe' - '45' Module(s) have been scanned
Scan process 'netsession_win.exe' - '48' Module(s) have been scanned
Scan process 'Kies.exe' - '88' Module(s) have been scanned
Scan process 'KiesPDLR.exe' - '65' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '26' Module(s) have been scanned
Scan process 'SweetIM.exe' - '72' Module(s) have been scanned
Scan process 'FbNotificationsComServer.exe' - '53' Module(s) have been scanned
Scan process 'netsession_win.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '82' Module(s) have been scanned
Scan process 'KiesTrayAgent.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'ArcCon.ac' - '74' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '86' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '123' Module(s) have been scanned
Scan process 'OSPPSVC.EXE' - '32' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '59' Module(s) have been scanned
Scan process 'taskhost.exe' - '47' Module(s) have been scanned
Scan process 'thunderbird.exe' - '119' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '44' Module(s) have been scanned
Scan process 'mspaint.exe' - '40' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe'
C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen2
[NOTE] The file was moved to the quarantine directory under the name '5a99217e.qua'!
End of the scan: lundi 10 février 2014 12:16
Used time: 00:23 Minute(s)
The scan has been done completely.
0 Scanned directories
898 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
897 Files not concerned
4 Archives were scanned
0 Warnings
1 Notes
Avira Free Antivirus
Report file date: lundi 10 février 2014 12:15
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : PORTABLE
Version information:
BUILD.DAT : 14.0.2.286 55547 Bytes 09/12/2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17/12/2013 13:20:59
AVSCANRC.DLL : 14.0.2.180 52280 Bytes 17/12/2013 13:21:00
LUKE.DLL : 14.0.2.234 65592 Bytes 17/12/2013 13:21:11
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17/12/2013 13:21:00
AVREG.DLL : 14.0.2.212 250424 Bytes 17/12/2013 13:20:59
avlode.dll : 14.0.2.254 540216 Bytes 17/12/2013 13:20:58
avlode.rdf : 13.0.1.70 56974 Bytes 31/01/2014 08:45:36
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 18:14:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 18:14:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 18:14:16
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 18:14:16
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 18:14:16
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 18:14:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24/09/2013 18:14:16
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28/11/2013 13:50:36
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22/01/2014 17:23:37
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03/02/2014 18:45:35
VBASE010.VDF : 7.11.128.175 2048 Bytes 03/02/2014 18:45:35
VBASE011.VDF : 7.11.128.176 2048 Bytes 03/02/2014 18:45:35
VBASE012.VDF : 7.11.128.177 2048 Bytes 03/02/2014 18:45:35
VBASE013.VDF : 7.11.128.178 2048 Bytes 03/02/2014 18:45:35
VBASE014.VDF : 7.11.129.9 211456 Bytes 04/02/2014 13:06:55
VBASE015.VDF : 7.11.129.163 215040 Bytes 06/02/2014 12:03:00
VBASE016.VDF : 7.11.130.21 220672 Bytes 08/02/2014 15:22:10
VBASE017.VDF : 7.11.130.99 230400 Bytes 10/02/2014 10:55:39
VBASE018.VDF : 7.11.130.100 2048 Bytes 10/02/2014 10:55:39
VBASE019.VDF : 7.11.130.101 2048 Bytes 10/02/2014 10:55:39
VBASE020.VDF : 7.11.130.102 2048 Bytes 10/02/2014 10:55:39
VBASE021.VDF : 7.11.130.103 2048 Bytes 10/02/2014 10:55:39
VBASE022.VDF : 7.11.130.104 2048 Bytes 10/02/2014 10:55:40
VBASE023.VDF : 7.11.130.105 2048 Bytes 10/02/2014 10:55:40
VBASE024.VDF : 7.11.130.106 2048 Bytes 10/02/2014 10:55:40
VBASE025.VDF : 7.11.130.107 2048 Bytes 10/02/2014 10:55:40
VBASE026.VDF : 7.11.130.108 2048 Bytes 10/02/2014 10:55:40
VBASE027.VDF : 7.11.130.109 2048 Bytes 10/02/2014 10:55:40
VBASE028.VDF : 7.11.130.110 2048 Bytes 10/02/2014 10:55:40
VBASE029.VDF : 7.11.130.111 2048 Bytes 10/02/2014 10:55:40
VBASE030.VDF : 7.11.130.112 2048 Bytes 10/02/2014 10:55:40
VBASE031.VDF : 7.11.130.114 70656 Bytes 10/02/2014 10:55:40
Engine version : 8.2.14.2
AEVDF.DLL : 8.1.3.4 102774 Bytes 10/10/2013 18:14:14
AESCRIPT.DLL : 8.1.4.186 520574 Bytes 07/02/2014 11:16:15
AESCN.DLL : 8.1.10.6 131447 Bytes 11/12/2013 19:22:12
AESBX.DLL : 8.2.20.6 1331575 Bytes 13/01/2014 15:14:44
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 18:30:56
AEPACK.DLL : 8.3.3.12 774521 Bytes 23/01/2014 18:38:07
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10/10/2013 18:14:14
AEHEUR.DLL : 8.1.4.904 6455674 Bytes 07/02/2014 11:16:15
AEHELP.DLL : 8.1.27.10 266618 Bytes 22/11/2013 11:32:47
AEGEN.DLL : 8.1.7.22 446839 Bytes 15/01/2014 13:15:16
AEEXP.DLL : 8.4.1.202 434552 Bytes 07/02/2014 11:16:15
AEEMU.DLL : 8.1.3.2 393587 Bytes 10/10/2013 18:14:14
AECORE.DLL : 8.1.34.0 229753 Bytes 06/02/2014 06:03:04
AEBB.DLL : 8.1.1.4 53619 Bytes 10/10/2013 18:14:14
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17/12/2013 13:20:54
AVPREF.DLL : 14.0.2.180 48696 Bytes 17/12/2013 13:20:59
AVREP.DLL : 14.0.2.180 175672 Bytes 17/12/2013 13:20:59
AVARKT.DLL : 14.0.2.254 256056 Bytes 17/12/2013 13:20:55
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17/12/2013 13:20:57
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10/10/2013 18:14:16
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17/12/2013 13:21:00
NETNT.DLL : 14.0.2.180 13368 Bytes 17/12/2013 13:21:11
RCIMAGE.DLL : 14.0.2.180 4788792 Bytes 17/12/2013 13:20:54
RCTEXT.DLL : 14.0.2.236 72760 Bytes 17/12/2013 13:20:54
Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52f64aa8\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 10 février 2014 12:15
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'sched.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'ACService.exe' - '29' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'mounter.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'updateWebConnect.exe' - '98' Module(s) have been scanned
Scan process 'taskhost.exe' - '91' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '219' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'OrangeInstaller.exe' - '64' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'utilWebConnect.exe' - '104' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '75' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'rundll32.exe' - '28' Module(s) have been scanned
Scan process 'NPSAgent.exe' - '45' Module(s) have been scanned
Scan process 'netsession_win.exe' - '48' Module(s) have been scanned
Scan process 'Kies.exe' - '88' Module(s) have been scanned
Scan process 'KiesPDLR.exe' - '65' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '26' Module(s) have been scanned
Scan process 'SweetIM.exe' - '72' Module(s) have been scanned
Scan process 'FbNotificationsComServer.exe' - '53' Module(s) have been scanned
Scan process 'netsession_win.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '82' Module(s) have been scanned
Scan process 'KiesTrayAgent.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'ArcCon.ac' - '74' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '86' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '123' Module(s) have been scanned
Scan process 'OSPPSVC.EXE' - '32' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '59' Module(s) have been scanned
Scan process 'taskhost.exe' - '47' Module(s) have been scanned
Scan process 'thunderbird.exe' - '119' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '44' Module(s) have been scanned
Scan process 'mspaint.exe' - '40' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe'
C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen2
[NOTE] The file was moved to the quarantine directory under the name '5a99217e.qua'!
End of the scan: lundi 10 février 2014 12:16
Used time: 00:23 Minute(s)
The scan has been done completely.
0 Scanned directories
898 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
897 Files not concerned
4 Archives were scanned
0 Warnings
1 Notes
Merci
Cordialement
Avira Free Antivirus
Report file date: lundi 10 février 2014 12:15
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : PORTABLE
Version information:
BUILD.DAT : 14.0.2.286 55547 Bytes 09/12/2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17/12/2013 13:20:59
AVSCANRC.DLL : 14.0.2.180 52280 Bytes 17/12/2013 13:21:00
LUKE.DLL : 14.0.2.234 65592 Bytes 17/12/2013 13:21:11
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17/12/2013 13:21:00
AVREG.DLL : 14.0.2.212 250424 Bytes 17/12/2013 13:20:59
avlode.dll : 14.0.2.254 540216 Bytes 17/12/2013 13:20:58
avlode.rdf : 13.0.1.70 56974 Bytes 31/01/2014 08:45:36
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 18:14:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 18:14:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 18:14:16
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 18:14:16
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 18:14:16
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 18:14:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24/09/2013 18:14:16
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28/11/2013 13:50:36
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22/01/2014 17:23:37
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03/02/2014 18:45:35
VBASE010.VDF : 7.11.128.175 2048 Bytes 03/02/2014 18:45:35
VBASE011.VDF : 7.11.128.176 2048 Bytes 03/02/2014 18:45:35
VBASE012.VDF : 7.11.128.177 2048 Bytes 03/02/2014 18:45:35
VBASE013.VDF : 7.11.128.178 2048 Bytes 03/02/2014 18:45:35
VBASE014.VDF : 7.11.129.9 211456 Bytes 04/02/2014 13:06:55
VBASE015.VDF : 7.11.129.163 215040 Bytes 06/02/2014 12:03:00
VBASE016.VDF : 7.11.130.21 220672 Bytes 08/02/2014 15:22:10
VBASE017.VDF : 7.11.130.99 230400 Bytes 10/02/2014 10:55:39
VBASE018.VDF : 7.11.130.100 2048 Bytes 10/02/2014 10:55:39
VBASE019.VDF : 7.11.130.101 2048 Bytes 10/02/2014 10:55:39
VBASE020.VDF : 7.11.130.102 2048 Bytes 10/02/2014 10:55:39
VBASE021.VDF : 7.11.130.103 2048 Bytes 10/02/2014 10:55:39
VBASE022.VDF : 7.11.130.104 2048 Bytes 10/02/2014 10:55:40
VBASE023.VDF : 7.11.130.105 2048 Bytes 10/02/2014 10:55:40
VBASE024.VDF : 7.11.130.106 2048 Bytes 10/02/2014 10:55:40
VBASE025.VDF : 7.11.130.107 2048 Bytes 10/02/2014 10:55:40
VBASE026.VDF : 7.11.130.108 2048 Bytes 10/02/2014 10:55:40
VBASE027.VDF : 7.11.130.109 2048 Bytes 10/02/2014 10:55:40
VBASE028.VDF : 7.11.130.110 2048 Bytes 10/02/2014 10:55:40
VBASE029.VDF : 7.11.130.111 2048 Bytes 10/02/2014 10:55:40
VBASE030.VDF : 7.11.130.112 2048 Bytes 10/02/2014 10:55:40
VBASE031.VDF : 7.11.130.114 70656 Bytes 10/02/2014 10:55:40
Engine version : 8.2.14.2
AEVDF.DLL : 8.1.3.4 102774 Bytes 10/10/2013 18:14:14
AESCRIPT.DLL : 8.1.4.186 520574 Bytes 07/02/2014 11:16:15
AESCN.DLL : 8.1.10.6 131447 Bytes 11/12/2013 19:22:12
AESBX.DLL : 8.2.20.6 1331575 Bytes 13/01/2014 15:14:44
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 18:30:56
AEPACK.DLL : 8.3.3.12 774521 Bytes 23/01/2014 18:38:07
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10/10/2013 18:14:14
AEHEUR.DLL : 8.1.4.904 6455674 Bytes 07/02/2014 11:16:15
AEHELP.DLL : 8.1.27.10 266618 Bytes 22/11/2013 11:32:47
AEGEN.DLL : 8.1.7.22 446839 Bytes 15/01/2014 13:15:16
AEEXP.DLL : 8.4.1.202 434552 Bytes 07/02/2014 11:16:15
AEEMU.DLL : 8.1.3.2 393587 Bytes 10/10/2013 18:14:14
AECORE.DLL : 8.1.34.0 229753 Bytes 06/02/2014 06:03:04
AEBB.DLL : 8.1.1.4 53619 Bytes 10/10/2013 18:14:14
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17/12/2013 13:20:54
AVPREF.DLL : 14.0.2.180 48696 Bytes 17/12/2013 13:20:59
AVREP.DLL : 14.0.2.180 175672 Bytes 17/12/2013 13:20:59
AVARKT.DLL : 14.0.2.254 256056 Bytes 17/12/2013 13:20:55
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17/12/2013 13:20:57
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10/10/2013 18:14:16
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17/12/2013 13:21:00
NETNT.DLL : 14.0.2.180 13368 Bytes 17/12/2013 13:21:11
RCIMAGE.DLL : 14.0.2.180 4788792 Bytes 17/12/2013 13:20:54
RCTEXT.DLL : 14.0.2.236 72760 Bytes 17/12/2013 13:20:54
Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52f64aa8\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 10 février 2014 12:15
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'sched.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'ACService.exe' - '29' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'mounter.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'updateWebConnect.exe' - '98' Module(s) have been scanned
Scan process 'taskhost.exe' - '91' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '219' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'OrangeInstaller.exe' - '64' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'utilWebConnect.exe' - '104' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '75' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'rundll32.exe' - '28' Module(s) have been scanned
Scan process 'NPSAgent.exe' - '45' Module(s) have been scanned
Scan process 'netsession_win.exe' - '48' Module(s) have been scanned
Scan process 'Kies.exe' - '88' Module(s) have been scanned
Scan process 'KiesPDLR.exe' - '65' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '26' Module(s) have been scanned
Scan process 'SweetIM.exe' - '72' Module(s) have been scanned
Scan process 'FbNotificationsComServer.exe' - '53' Module(s) have been scanned
Scan process 'netsession_win.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '82' Module(s) have been scanned
Scan process 'KiesTrayAgent.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'ArcCon.ac' - '74' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '86' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '123' Module(s) have been scanned
Scan process 'OSPPSVC.EXE' - '32' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '59' Module(s) have been scanned
Scan process 'taskhost.exe' - '47' Module(s) have been scanned
Scan process 'thunderbird.exe' - '119' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '44' Module(s) have been scanned
Scan process 'mspaint.exe' - '40' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe'
C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen2
[NOTE] The file was moved to the quarantine directory under the name '5a99217e.qua'!
End of the scan: lundi 10 février 2014 12:16
Used time: 00:23 Minute(s)
The scan has been done completely.
0 Scanned directories
898 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
897 Files not concerned
4 Archives were scanned
0 Warnings
1 Notes
Avira Free Antivirus
Report file date: lundi 10 février 2014 12:15
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : PORTABLE
Version information:
BUILD.DAT : 14.0.2.286 55547 Bytes 09/12/2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17/12/2013 13:20:59
AVSCANRC.DLL : 14.0.2.180 52280 Bytes 17/12/2013 13:21:00
LUKE.DLL : 14.0.2.234 65592 Bytes 17/12/2013 13:21:11
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17/12/2013 13:21:00
AVREG.DLL : 14.0.2.212 250424 Bytes 17/12/2013 13:20:59
avlode.dll : 14.0.2.254 540216 Bytes 17/12/2013 13:20:58
avlode.rdf : 13.0.1.70 56974 Bytes 31/01/2014 08:45:36
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 18:14:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 18:14:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 18:14:16
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 18:14:16
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 18:14:16
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 18:14:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24/09/2013 18:14:16
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28/11/2013 13:50:36
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22/01/2014 17:23:37
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03/02/2014 18:45:35
VBASE010.VDF : 7.11.128.175 2048 Bytes 03/02/2014 18:45:35
VBASE011.VDF : 7.11.128.176 2048 Bytes 03/02/2014 18:45:35
VBASE012.VDF : 7.11.128.177 2048 Bytes 03/02/2014 18:45:35
VBASE013.VDF : 7.11.128.178 2048 Bytes 03/02/2014 18:45:35
VBASE014.VDF : 7.11.129.9 211456 Bytes 04/02/2014 13:06:55
VBASE015.VDF : 7.11.129.163 215040 Bytes 06/02/2014 12:03:00
VBASE016.VDF : 7.11.130.21 220672 Bytes 08/02/2014 15:22:10
VBASE017.VDF : 7.11.130.99 230400 Bytes 10/02/2014 10:55:39
VBASE018.VDF : 7.11.130.100 2048 Bytes 10/02/2014 10:55:39
VBASE019.VDF : 7.11.130.101 2048 Bytes 10/02/2014 10:55:39
VBASE020.VDF : 7.11.130.102 2048 Bytes 10/02/2014 10:55:39
VBASE021.VDF : 7.11.130.103 2048 Bytes 10/02/2014 10:55:39
VBASE022.VDF : 7.11.130.104 2048 Bytes 10/02/2014 10:55:40
VBASE023.VDF : 7.11.130.105 2048 Bytes 10/02/2014 10:55:40
VBASE024.VDF : 7.11.130.106 2048 Bytes 10/02/2014 10:55:40
VBASE025.VDF : 7.11.130.107 2048 Bytes 10/02/2014 10:55:40
VBASE026.VDF : 7.11.130.108 2048 Bytes 10/02/2014 10:55:40
VBASE027.VDF : 7.11.130.109 2048 Bytes 10/02/2014 10:55:40
VBASE028.VDF : 7.11.130.110 2048 Bytes 10/02/2014 10:55:40
VBASE029.VDF : 7.11.130.111 2048 Bytes 10/02/2014 10:55:40
VBASE030.VDF : 7.11.130.112 2048 Bytes 10/02/2014 10:55:40
VBASE031.VDF : 7.11.130.114 70656 Bytes 10/02/2014 10:55:40
Engine version : 8.2.14.2
AEVDF.DLL : 8.1.3.4 102774 Bytes 10/10/2013 18:14:14
AESCRIPT.DLL : 8.1.4.186 520574 Bytes 07/02/2014 11:16:15
AESCN.DLL : 8.1.10.6 131447 Bytes 11/12/2013 19:22:12
AESBX.DLL : 8.2.20.6 1331575 Bytes 13/01/2014 15:14:44
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 18:30:56
AEPACK.DLL : 8.3.3.12 774521 Bytes 23/01/2014 18:38:07
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10/10/2013 18:14:14
AEHEUR.DLL : 8.1.4.904 6455674 Bytes 07/02/2014 11:16:15
AEHELP.DLL : 8.1.27.10 266618 Bytes 22/11/2013 11:32:47
AEGEN.DLL : 8.1.7.22 446839 Bytes 15/01/2014 13:15:16
AEEXP.DLL : 8.4.1.202 434552 Bytes 07/02/2014 11:16:15
AEEMU.DLL : 8.1.3.2 393587 Bytes 10/10/2013 18:14:14
AECORE.DLL : 8.1.34.0 229753 Bytes 06/02/2014 06:03:04
AEBB.DLL : 8.1.1.4 53619 Bytes 10/10/2013 18:14:14
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17/12/2013 13:20:54
AVPREF.DLL : 14.0.2.180 48696 Bytes 17/12/2013 13:20:59
AVREP.DLL : 14.0.2.180 175672 Bytes 17/12/2013 13:20:59
AVARKT.DLL : 14.0.2.254 256056 Bytes 17/12/2013 13:20:55
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17/12/2013 13:20:57
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10/10/2013 18:14:16
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17/12/2013 13:21:00
NETNT.DLL : 14.0.2.180 13368 Bytes 17/12/2013 13:21:11
RCIMAGE.DLL : 14.0.2.180 4788792 Bytes 17/12/2013 13:20:54
RCTEXT.DLL : 14.0.2.236 72760 Bytes 17/12/2013 13:20:54
Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52f64aa8\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: lundi 10 février 2014 12:15
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'sched.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'ACService.exe' - '29' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'mounter.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'updateWebConnect.exe' - '98' Module(s) have been scanned
Scan process 'taskhost.exe' - '91' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '219' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'OrangeInstaller.exe' - '64' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'utilWebConnect.exe' - '104' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '75' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'rundll32.exe' - '28' Module(s) have been scanned
Scan process 'NPSAgent.exe' - '45' Module(s) have been scanned
Scan process 'netsession_win.exe' - '48' Module(s) have been scanned
Scan process 'Kies.exe' - '88' Module(s) have been scanned
Scan process 'KiesPDLR.exe' - '65' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '26' Module(s) have been scanned
Scan process 'SweetIM.exe' - '72' Module(s) have been scanned
Scan process 'FbNotificationsComServer.exe' - '53' Module(s) have been scanned
Scan process 'netsession_win.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '82' Module(s) have been scanned
Scan process 'KiesTrayAgent.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'ArcCon.ac' - '74' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '86' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '123' Module(s) have been scanned
Scan process 'OSPPSVC.EXE' - '32' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '59' Module(s) have been scanned
Scan process 'taskhost.exe' - '47' Module(s) have been scanned
Scan process 'thunderbird.exe' - '119' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '44' Module(s) have been scanned
Scan process 'mspaint.exe' - '40' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe'
C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen2
[NOTE] The file was moved to the quarantine directory under the name '5a99217e.qua'!
End of the scan: lundi 10 février 2014 12:16
Used time: 00:23 Minute(s)
The scan has been done completely.
0 Scanned directories
898 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
897 Files not concerned
4 Archives were scanned
0 Warnings
1 Notes
Merci
Cordialement
Malekal_morte-
Messages postés
180242
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 587
11 févr. 2014 à 09:05
11 févr. 2014 à 09:05
C'est dans la corbeille donc faut mettre en quarantaine.
Par contre, tu as installé SweetIM qui est un programme parasite.
Désinstalle le puis :
Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Par contre, tu as installé SweetIM qui est un programme parasite.
Désinstalle le puis :
Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Colbertdesjardins
Messages postés
4
Date d'inscription
lundi 10 février 2014
Statut
Membre
Dernière intervention
11 février 2014
11 févr. 2014 à 11:04
11 févr. 2014 à 11:04
Merci pour votre aide.
Ci-joint comme demandé le rapport de AdwCleaner
# AdwCleaner v3.018 - Rapport créé le 11/02/2014 à 10:45:13
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Michel - PORTABLE
# Exécuté depuis : C:\Users\Michel\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : bonanzadealslive
[#] Service Supprimé : bonanzadealslivem
[#] Service Supprimé : Update WebConnect
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\BonanzaDealsLive
Dossier Supprimé : C:\ProgramData\eSafe
Dossier Supprimé : C:\ProgramData\Partner
Dossier Supprimé : C:\ProgramData\SweetIM
Dossier Supprimé : C:\Program Files (x86)\BonanzaDeals
Dossier Supprimé : C:\Program Files (x86)\BonanzaDealsLive
Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\Free Offers from Freeze.com
Dossier Supprimé : C:\Program Files (x86)\Nosibay
Dossier Supprimé : C:\Program Files (x86)\PC Speed Maximizer
Dossier Supprimé : C:\Program Files (x86)\SweetIM
Dossier Supprimé : C:\Program Files (x86)\WebConnect
Dossier Supprimé : C:\Program Files (x86)\Common Files\337
Dossier Supprimé : C:\Users\Michel\AppData\Local\BonanzaDealsLive
Dossier Supprimé : C:\Users\Michel\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Michel\AppData\Local\EoRezo
Dossier Supprimé : C:\Users\Michel\AppData\Local\SwvUpdater
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\myfreezetoolbar
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\eIntaller
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Nosibay
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Dossier Supprimé : C:\Users\Michel\Documents\PC Speed Maximizer
Dossier Supprimé : C:\Users\ALICE.PORTABLE\AppData\LocalLow\AskToolbar
Dossier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Dossier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Fichier Supprimé : C:\END
Fichier Supprimé : C:\Windows\SysWOW64\conduitEngine.tmp
Fichier Supprimé : C:\Users\Michel\AppData\Local\mysearchdial.crx
Fichier Supprimé : C:\Users\ALICE.PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\736jb2nb.default\searchplugins\ask-search.xml
Fichier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Fichier Supprimé : C:\Windows\Tasks\AmiUpdXp.job
Fichier Supprimé : C:\Windows\System32\Tasks\AmiUpdXp
Fichier Supprimé : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsUpdate
Fichier Supprimé : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-2.3-chromeinstaller
Fichier Supprimé : C:\Windows\System32\Tasks\QtraxPlayer
***** [ Raccourcis ] *****
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Clé Supprimée : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_logmein-free_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_logmein-free_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_zortam-mp3-media-studio_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_zortam-mp3-media-studio_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C26CD490-5F01-41E3-B150-EB29F19DA056}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322522D9-84A7-4595-9BFD-DF35C67890DB}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valeur Supprimée : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\BonanzaDealsLive
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\mysearchdial
Clé Supprimée : HKCU\Software\mysearchdial.com
Clé Supprimée : HKCU\Software\Nosibay
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\WebConnect
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\Toolbar
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\BonanzaDealsLive
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\conduitEngine
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\Desksvc
Clé Supprimée : HKLM\Software\Freeze.com
Clé Supprimée : HKLM\Software\InstallCore
Clé Supprimée : HKLM\Software\Offerbox
Clé Supprimée : HKLM\Software\qvo6Software
Clé Supprimée : HKLM\Software\SimilarSites
Clé Supprimée : HKLM\Software\Tuto4PC
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\WebConnect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect
Clé Supprimée : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Clé Supprimée : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v27.0 (fr)
[ Fichier : C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\82y5qerf.default-1387446251301\prefs.js ]
[ Fichier : C:\Users\ALICE.PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\736jb2nb.default\prefs.js ]
Ligne Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "");
-\\ Google Chrome v
[ Fichier : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée : search_url
Supprimée : urls_to_restore_on_startup
Supprimée : homepage
*************************
AdwCleaner[R0].txt - [21813 octets] - [11/02/2014 10:43:46]
AdwCleaner[S0].txt - [20337 octets] - [11/02/2014 10:45:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20398 octets] ##########
Ci-joint comme demandé le rapport de AdwCleaner
# AdwCleaner v3.018 - Rapport créé le 11/02/2014 à 10:45:13
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Michel - PORTABLE
# Exécuté depuis : C:\Users\Michel\Downloads\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
[#] Service Supprimé : bonanzadealslive
[#] Service Supprimé : bonanzadealslivem
[#] Service Supprimé : Update WebConnect
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\BonanzaDealsLive
Dossier Supprimé : C:\ProgramData\eSafe
Dossier Supprimé : C:\ProgramData\Partner
Dossier Supprimé : C:\ProgramData\SweetIM
Dossier Supprimé : C:\Program Files (x86)\BonanzaDeals
Dossier Supprimé : C:\Program Files (x86)\BonanzaDealsLive
Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\Free Offers from Freeze.com
Dossier Supprimé : C:\Program Files (x86)\Nosibay
Dossier Supprimé : C:\Program Files (x86)\PC Speed Maximizer
Dossier Supprimé : C:\Program Files (x86)\SweetIM
Dossier Supprimé : C:\Program Files (x86)\WebConnect
Dossier Supprimé : C:\Program Files (x86)\Common Files\337
Dossier Supprimé : C:\Users\Michel\AppData\Local\BonanzaDealsLive
Dossier Supprimé : C:\Users\Michel\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Michel\AppData\Local\EoRezo
Dossier Supprimé : C:\Users\Michel\AppData\Local\SwvUpdater
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\myfreezetoolbar
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\eIntaller
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Nosibay
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Dossier Supprimé : C:\Users\Michel\Documents\PC Speed Maximizer
Dossier Supprimé : C:\Users\ALICE.PORTABLE\AppData\LocalLow\AskToolbar
Dossier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Dossier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Fichier Supprimé : C:\END
Fichier Supprimé : C:\Windows\SysWOW64\conduitEngine.tmp
Fichier Supprimé : C:\Users\Michel\AppData\Local\mysearchdial.crx
Fichier Supprimé : C:\Users\ALICE.PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\736jb2nb.default\searchplugins\ask-search.xml
Fichier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Fichier Supprimé : C:\Windows\Tasks\AmiUpdXp.job
Fichier Supprimé : C:\Windows\System32\Tasks\AmiUpdXp
Fichier Supprimé : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsUpdate
Fichier Supprimé : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-2.3-chromeinstaller
Fichier Supprimé : C:\Windows\System32\Tasks\QtraxPlayer
***** [ Raccourcis ] *****
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Clé Supprimée : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_logmein-free_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_logmein-free_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_zortam-mp3-media-studio_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_zortam-mp3-media-studio_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C26CD490-5F01-41E3-B150-EB29F19DA056}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322522D9-84A7-4595-9BFD-DF35C67890DB}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valeur Supprimée : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\BonanzaDealsLive
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\mysearchdial
Clé Supprimée : HKCU\Software\mysearchdial.com
Clé Supprimée : HKCU\Software\Nosibay
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\WebConnect
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\Toolbar
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\BonanzaDealsLive
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\conduitEngine
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\Desksvc
Clé Supprimée : HKLM\Software\Freeze.com
Clé Supprimée : HKLM\Software\InstallCore
Clé Supprimée : HKLM\Software\Offerbox
Clé Supprimée : HKLM\Software\qvo6Software
Clé Supprimée : HKLM\Software\SimilarSites
Clé Supprimée : HKLM\Software\Tuto4PC
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\WebConnect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect
Clé Supprimée : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Clé Supprimée : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F
***** [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v27.0 (fr)
[ Fichier : C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\82y5qerf.default-1387446251301\prefs.js ]
[ Fichier : C:\Users\ALICE.PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\736jb2nb.default\prefs.js ]
Ligne Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "");
-\\ Google Chrome v
[ Fichier : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée : search_url
Supprimée : urls_to_restore_on_startup
Supprimée : homepage
*************************
AdwCleaner[R0].txt - [21813 octets] - [11/02/2014 10:43:46]
AdwCleaner[S0].txt - [20337 octets] - [11/02/2014 10:45:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20398 octets] ##########
Colbertdesjardins
Messages postés
4
Date d'inscription
lundi 10 février 2014
Statut
Membre
Dernière intervention
11 février 2014
11 févr. 2014 à 11:11
11 févr. 2014 à 11:11
Mon antivirus AVIRA a réagi lorsque j'ai téléchargé Adwcleaner
Virus or unwanted program 'ADWARE/Adware.Gen2 [adware]'
detected in file 'C:\AdwCleaner\Quarantine\C\Users\Michel\AppData\Roaming\eIntaller\03907A738D7948a9959E752002AE9CAC\eXQ.exe.vir.
Action performed: Transfer to Scanner
Qu'est-ce que cela signifie ?
Virus or unwanted program 'ADWARE/Adware.Gen2 [adware]'
detected in file 'C:\AdwCleaner\Quarantine\C\Users\Michel\AppData\Roaming\eIntaller\03907A738D7948a9959E752002AE9CAC\eXQ.exe.vir.
Action performed: Transfer to Scanner
Qu'est-ce que cela signifie ?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Malekal_morte-
Messages postés
180242
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 587
11 févr. 2014 à 12:00
11 févr. 2014 à 12:00
il se réveille un peu tard Antivir.
Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE