Appel téléphonique suspect

Colbertdesjardins Messages postés 4 Date d'inscription   Statut Membre Dernière intervention   -  
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,

J'ai reçu ce matin un appel en anglais de personne se prétendant de Microsoft et me signalant que mon ordinateur est en danger et me demandant de ne pas m'en servir. Je n'ai pas voulu en entendre davantage, car je pense qu'un tel message est frauduleux. Peu de temps après ce coup de fil, j'avais une alerte de mon antivirus Avira adware.gen2 qui a été mis en quarantaine. Mes questions : confirmlez-vous que cet appael est frauduleux ? Comment ces personnes ont-elles eu accès à mon numéro de téléphone ? Qu'attendaient-elles de ce coup de fil ? Quelles vérifications faire sur mon ordinateur ?
Merci pour vos conseils avisés



5 réponses

Réponse 1 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
Salut,

Les deux incidents n'ont rien à voir en commun.
Donne le rapport de scan Antivir.

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
Réponse 2 / 5
Colbertdesjardins Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
 
Voici le scan AVIRA



Avira Free Antivirus
Report file date: lundi 10 février 2014 12:15


The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : PORTABLE

Version information:
BUILD.DAT : 14.0.2.286 55547 Bytes 09/12/2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17/12/2013 13:20:59
AVSCANRC.DLL : 14.0.2.180 52280 Bytes 17/12/2013 13:21:00
LUKE.DLL : 14.0.2.234 65592 Bytes 17/12/2013 13:21:11
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17/12/2013 13:21:00
AVREG.DLL : 14.0.2.212 250424 Bytes 17/12/2013 13:20:59
avlode.dll : 14.0.2.254 540216 Bytes 17/12/2013 13:20:58
avlode.rdf : 13.0.1.70 56974 Bytes 31/01/2014 08:45:36
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 18:14:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 18:14:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 18:14:16
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 18:14:16
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 18:14:16
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 18:14:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24/09/2013 18:14:16
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28/11/2013 13:50:36
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22/01/2014 17:23:37
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03/02/2014 18:45:35
VBASE010.VDF : 7.11.128.175 2048 Bytes 03/02/2014 18:45:35
VBASE011.VDF : 7.11.128.176 2048 Bytes 03/02/2014 18:45:35
VBASE012.VDF : 7.11.128.177 2048 Bytes 03/02/2014 18:45:35
VBASE013.VDF : 7.11.128.178 2048 Bytes 03/02/2014 18:45:35
VBASE014.VDF : 7.11.129.9 211456 Bytes 04/02/2014 13:06:55
VBASE015.VDF : 7.11.129.163 215040 Bytes 06/02/2014 12:03:00
VBASE016.VDF : 7.11.130.21 220672 Bytes 08/02/2014 15:22:10
VBASE017.VDF : 7.11.130.99 230400 Bytes 10/02/2014 10:55:39
VBASE018.VDF : 7.11.130.100 2048 Bytes 10/02/2014 10:55:39
VBASE019.VDF : 7.11.130.101 2048 Bytes 10/02/2014 10:55:39
VBASE020.VDF : 7.11.130.102 2048 Bytes 10/02/2014 10:55:39
VBASE021.VDF : 7.11.130.103 2048 Bytes 10/02/2014 10:55:39
VBASE022.VDF : 7.11.130.104 2048 Bytes 10/02/2014 10:55:40
VBASE023.VDF : 7.11.130.105 2048 Bytes 10/02/2014 10:55:40
VBASE024.VDF : 7.11.130.106 2048 Bytes 10/02/2014 10:55:40
VBASE025.VDF : 7.11.130.107 2048 Bytes 10/02/2014 10:55:40
VBASE026.VDF : 7.11.130.108 2048 Bytes 10/02/2014 10:55:40
VBASE027.VDF : 7.11.130.109 2048 Bytes 10/02/2014 10:55:40
VBASE028.VDF : 7.11.130.110 2048 Bytes 10/02/2014 10:55:40
VBASE029.VDF : 7.11.130.111 2048 Bytes 10/02/2014 10:55:40
VBASE030.VDF : 7.11.130.112 2048 Bytes 10/02/2014 10:55:40
VBASE031.VDF : 7.11.130.114 70656 Bytes 10/02/2014 10:55:40
Engine version : 8.2.14.2
AEVDF.DLL : 8.1.3.4 102774 Bytes 10/10/2013 18:14:14
AESCRIPT.DLL : 8.1.4.186 520574 Bytes 07/02/2014 11:16:15
AESCN.DLL : 8.1.10.6 131447 Bytes 11/12/2013 19:22:12
AESBX.DLL : 8.2.20.6 1331575 Bytes 13/01/2014 15:14:44
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 18:30:56
AEPACK.DLL : 8.3.3.12 774521 Bytes 23/01/2014 18:38:07
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10/10/2013 18:14:14
AEHEUR.DLL : 8.1.4.904 6455674 Bytes 07/02/2014 11:16:15
AEHELP.DLL : 8.1.27.10 266618 Bytes 22/11/2013 11:32:47
AEGEN.DLL : 8.1.7.22 446839 Bytes 15/01/2014 13:15:16
AEEXP.DLL : 8.4.1.202 434552 Bytes 07/02/2014 11:16:15
AEEMU.DLL : 8.1.3.2 393587 Bytes 10/10/2013 18:14:14
AECORE.DLL : 8.1.34.0 229753 Bytes 06/02/2014 06:03:04
AEBB.DLL : 8.1.1.4 53619 Bytes 10/10/2013 18:14:14
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17/12/2013 13:20:54
AVPREF.DLL : 14.0.2.180 48696 Bytes 17/12/2013 13:20:59
AVREP.DLL : 14.0.2.180 175672 Bytes 17/12/2013 13:20:59
AVARKT.DLL : 14.0.2.254 256056 Bytes 17/12/2013 13:20:55
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17/12/2013 13:20:57
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10/10/2013 18:14:16
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17/12/2013 13:21:00
NETNT.DLL : 14.0.2.180 13368 Bytes 17/12/2013 13:21:11
RCIMAGE.DLL : 14.0.2.180 4788792 Bytes 17/12/2013 13:20:54
RCTEXT.DLL : 14.0.2.236 72760 Bytes 17/12/2013 13:20:54

Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52f64aa8\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: lundi 10 février 2014 12:15

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'sched.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'ACService.exe' - '29' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'mounter.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'updateWebConnect.exe' - '98' Module(s) have been scanned
Scan process 'taskhost.exe' - '91' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '219' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'OrangeInstaller.exe' - '64' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'utilWebConnect.exe' - '104' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '75' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'rundll32.exe' - '28' Module(s) have been scanned
Scan process 'NPSAgent.exe' - '45' Module(s) have been scanned
Scan process 'netsession_win.exe' - '48' Module(s) have been scanned
Scan process 'Kies.exe' - '88' Module(s) have been scanned
Scan process 'KiesPDLR.exe' - '65' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '26' Module(s) have been scanned
Scan process 'SweetIM.exe' - '72' Module(s) have been scanned
Scan process 'FbNotificationsComServer.exe' - '53' Module(s) have been scanned
Scan process 'netsession_win.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '82' Module(s) have been scanned
Scan process 'KiesTrayAgent.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'ArcCon.ac' - '74' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '86' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '123' Module(s) have been scanned
Scan process 'OSPPSVC.EXE' - '32' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '59' Module(s) have been scanned
Scan process 'taskhost.exe' - '47' Module(s) have been scanned
Scan process 'thunderbird.exe' - '119' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '44' Module(s) have been scanned
Scan process 'mspaint.exe' - '40' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned

Starting the file scan:

Begin scan in 'C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe'
C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen2
[NOTE] The file was moved to the quarantine directory under the name '5a99217e.qua'!


End of the scan: lundi 10 février 2014 12:16
Used time: 00:23 Minute(s)

The scan has been done completely.

0 Scanned directories
898 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
897 Files not concerned
4 Archives were scanned
0 Warnings
1 Notes



Avira Free Antivirus
Report file date: lundi 10 février 2014 12:15


The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : PORTABLE

Version information:
BUILD.DAT : 14.0.2.286 55547 Bytes 09/12/2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17/12/2013 13:20:59
AVSCANRC.DLL : 14.0.2.180 52280 Bytes 17/12/2013 13:21:00
LUKE.DLL : 14.0.2.234 65592 Bytes 17/12/2013 13:21:11
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17/12/2013 13:21:00
AVREG.DLL : 14.0.2.212 250424 Bytes 17/12/2013 13:20:59
avlode.dll : 14.0.2.254 540216 Bytes 17/12/2013 13:20:58
avlode.rdf : 13.0.1.70 56974 Bytes 31/01/2014 08:45:36
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 18:14:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 18:14:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 18:14:16
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 18:14:16
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 18:14:16
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 18:14:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24/09/2013 18:14:16
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28/11/2013 13:50:36
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22/01/2014 17:23:37
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03/02/2014 18:45:35
VBASE010.VDF : 7.11.128.175 2048 Bytes 03/02/2014 18:45:35
VBASE011.VDF : 7.11.128.176 2048 Bytes 03/02/2014 18:45:35
VBASE012.VDF : 7.11.128.177 2048 Bytes 03/02/2014 18:45:35
VBASE013.VDF : 7.11.128.178 2048 Bytes 03/02/2014 18:45:35
VBASE014.VDF : 7.11.129.9 211456 Bytes 04/02/2014 13:06:55
VBASE015.VDF : 7.11.129.163 215040 Bytes 06/02/2014 12:03:00
VBASE016.VDF : 7.11.130.21 220672 Bytes 08/02/2014 15:22:10
VBASE017.VDF : 7.11.130.99 230400 Bytes 10/02/2014 10:55:39
VBASE018.VDF : 7.11.130.100 2048 Bytes 10/02/2014 10:55:39
VBASE019.VDF : 7.11.130.101 2048 Bytes 10/02/2014 10:55:39
VBASE020.VDF : 7.11.130.102 2048 Bytes 10/02/2014 10:55:39
VBASE021.VDF : 7.11.130.103 2048 Bytes 10/02/2014 10:55:39
VBASE022.VDF : 7.11.130.104 2048 Bytes 10/02/2014 10:55:40
VBASE023.VDF : 7.11.130.105 2048 Bytes 10/02/2014 10:55:40
VBASE024.VDF : 7.11.130.106 2048 Bytes 10/02/2014 10:55:40
VBASE025.VDF : 7.11.130.107 2048 Bytes 10/02/2014 10:55:40
VBASE026.VDF : 7.11.130.108 2048 Bytes 10/02/2014 10:55:40
VBASE027.VDF : 7.11.130.109 2048 Bytes 10/02/2014 10:55:40
VBASE028.VDF : 7.11.130.110 2048 Bytes 10/02/2014 10:55:40
VBASE029.VDF : 7.11.130.111 2048 Bytes 10/02/2014 10:55:40
VBASE030.VDF : 7.11.130.112 2048 Bytes 10/02/2014 10:55:40
VBASE031.VDF : 7.11.130.114 70656 Bytes 10/02/2014 10:55:40
Engine version : 8.2.14.2
AEVDF.DLL : 8.1.3.4 102774 Bytes 10/10/2013 18:14:14
AESCRIPT.DLL : 8.1.4.186 520574 Bytes 07/02/2014 11:16:15
AESCN.DLL : 8.1.10.6 131447 Bytes 11/12/2013 19:22:12
AESBX.DLL : 8.2.20.6 1331575 Bytes 13/01/2014 15:14:44
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 18:30:56
AEPACK.DLL : 8.3.3.12 774521 Bytes 23/01/2014 18:38:07
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10/10/2013 18:14:14
AEHEUR.DLL : 8.1.4.904 6455674 Bytes 07/02/2014 11:16:15
AEHELP.DLL : 8.1.27.10 266618 Bytes 22/11/2013 11:32:47
AEGEN.DLL : 8.1.7.22 446839 Bytes 15/01/2014 13:15:16
AEEXP.DLL : 8.4.1.202 434552 Bytes 07/02/2014 11:16:15
AEEMU.DLL : 8.1.3.2 393587 Bytes 10/10/2013 18:14:14
AECORE.DLL : 8.1.34.0 229753 Bytes 06/02/2014 06:03:04
AEBB.DLL : 8.1.1.4 53619 Bytes 10/10/2013 18:14:14
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17/12/2013 13:20:54
AVPREF.DLL : 14.0.2.180 48696 Bytes 17/12/2013 13:20:59
AVREP.DLL : 14.0.2.180 175672 Bytes 17/12/2013 13:20:59
AVARKT.DLL : 14.0.2.254 256056 Bytes 17/12/2013 13:20:55
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17/12/2013 13:20:57
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10/10/2013 18:14:16
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17/12/2013 13:21:00
NETNT.DLL : 14.0.2.180 13368 Bytes 17/12/2013 13:21:11
RCIMAGE.DLL : 14.0.2.180 4788792 Bytes 17/12/2013 13:20:54
RCTEXT.DLL : 14.0.2.236 72760 Bytes 17/12/2013 13:20:54

Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52f64aa8\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: lundi 10 février 2014 12:15

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '100' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
Scan process 'sched.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '65' Module(s) have been scanned
Scan process 'ACService.exe' - '29' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '32' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '70' Module(s) have been scanned
Scan process 'avguard.exe' - '102' Module(s) have been scanned
Scan process 'mounter.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '45' Module(s) have been scanned
Scan process 'updateWebConnect.exe' - '98' Module(s) have been scanned
Scan process 'taskhost.exe' - '91' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'Explorer.EXE' - '219' Module(s) have been scanned
Scan process 'taskeng.exe' - '30' Module(s) have been scanned
Scan process 'OrangeInstaller.exe' - '64' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '34' Module(s) have been scanned
Scan process 'GoogleCrashHandler64.exe' - '29' Module(s) have been scanned
Scan process 'utilWebConnect.exe' - '104' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '75' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'rundll32.exe' - '28' Module(s) have been scanned
Scan process 'NPSAgent.exe' - '45' Module(s) have been scanned
Scan process 'netsession_win.exe' - '48' Module(s) have been scanned
Scan process 'Kies.exe' - '88' Module(s) have been scanned
Scan process 'KiesPDLR.exe' - '65' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '26' Module(s) have been scanned
Scan process 'SweetIM.exe' - '72' Module(s) have been scanned
Scan process 'FbNotificationsComServer.exe' - '53' Module(s) have been scanned
Scan process 'netsession_win.exe' - '74' Module(s) have been scanned
Scan process 'ACDaemon.exe' - '82' Module(s) have been scanned
Scan process 'KiesTrayAgent.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'ArcCon.ac' - '74' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '86' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '123' Module(s) have been scanned
Scan process 'OSPPSVC.EXE' - '32' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '59' Module(s) have been scanned
Scan process 'taskhost.exe' - '47' Module(s) have been scanned
Scan process 'thunderbird.exe' - '119' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '44' Module(s) have been scanned
Scan process 'mspaint.exe' - '40' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '28' Module(s) have been scanned
Scan process 'avscan.exe' - '111' Module(s) have been scanned
Scan process 'avcenter.exe' - '98' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned

Starting the file scan:

Begin scan in 'C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe'
C:\$RECYCLE.BIN\S-1-5-21-2393253360-3023427716-1750506534-1000\$R5BFKNW.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen2
[NOTE] The file was moved to the quarantine directory under the name '5a99217e.qua'!


End of the scan: lundi 10 février 2014 12:16
Used time: 00:23 Minute(s)

The scan has been done completely.

0 Scanned directories
898 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
897 Files not concerned
4 Archives were scanned
0 Warnings
1 Notes

Merci
Cordialement
0
Réponse 3 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
C'est dans la corbeille donc faut mettre en quarantaine.

Par contre, tu as installé SweetIM qui est un programme parasite.
Désinstalle le puis :


Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
0
Réponse 4 / 5
Colbertdesjardins Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
 
Merci pour votre aide.
Ci-joint comme demandé le rapport de AdwCleaner
# AdwCleaner v3.018 - Rapport créé le 11/02/2014 à 10:45:13
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Michel - PORTABLE
# Exécuté depuis : C:\Users\Michel\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : bonanzadealslive
[#] Service Supprimé : bonanzadealslivem
[#] Service Supprimé : Update WebConnect

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\BonanzaDealsLive
Dossier Supprimé : C:\ProgramData\eSafe
Dossier Supprimé : C:\ProgramData\Partner
Dossier Supprimé : C:\ProgramData\SweetIM
Dossier Supprimé : C:\Program Files (x86)\BonanzaDeals
Dossier Supprimé : C:\Program Files (x86)\BonanzaDealsLive
Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
Dossier Supprimé : C:\Program Files (x86)\Free Offers from Freeze.com
Dossier Supprimé : C:\Program Files (x86)\Nosibay
Dossier Supprimé : C:\Program Files (x86)\PC Speed Maximizer
Dossier Supprimé : C:\Program Files (x86)\SweetIM
Dossier Supprimé : C:\Program Files (x86)\WebConnect
Dossier Supprimé : C:\Program Files (x86)\Common Files\337
Dossier Supprimé : C:\Users\Michel\AppData\Local\BonanzaDealsLive
Dossier Supprimé : C:\Users\Michel\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Michel\AppData\Local\EoRezo
Dossier Supprimé : C:\Users\Michel\AppData\Local\SwvUpdater
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Users\Michel\AppData\LocalLow\myfreezetoolbar
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\eIntaller
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Nosibay
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\OfferBox
Dossier Supprimé : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
Dossier Supprimé : C:\Users\Michel\Documents\PC Speed Maximizer
Dossier Supprimé : C:\Users\ALICE.PORTABLE\AppData\LocalLow\AskToolbar
Dossier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Dossier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Fichier Supprimé : C:\END
Fichier Supprimé : C:\Windows\SysWOW64\conduitEngine.tmp
Fichier Supprimé : C:\Users\Michel\AppData\Local\mysearchdial.crx
Fichier Supprimé : C:\Users\ALICE.PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\736jb2nb.default\searchplugins\ask-search.xml
Fichier Supprimé : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Fichier Supprimé : C:\Windows\Tasks\AmiUpdXp.job
Fichier Supprimé : C:\Windows\System32\Tasks\AmiUpdXp
Fichier Supprimé : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Fichier Supprimé : C:\Windows\System32\Tasks\BonanzaDealsUpdate
Fichier Supprimé : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Fichier Supprimé : C:\Windows\System32\Tasks\Plus-HD-2.3-chromeinstaller
Fichier Supprimé : C:\Windows\System32\Tasks\QtraxPlayer

***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Raccourci Désinfecté : C:\Users\Michel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\knkakpihealnpggeceajhaonlmgdkaip
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Clé Supprimée : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxhxxpProxy_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_logmein-free_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_logmein-free_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_zortam-mp3-media-studio_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_zortam-mp3-media-studio_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C26CD490-5F01-41E3-B150-EB29F19DA056}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2316C625-B487-4410-A1A5-FF040B65245F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{322522D9-84A7-4595-9BFD-DF35C67890DB}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valeur Supprimée : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\BonanzaDealsLive
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\mysearchdial
Clé Supprimée : HKCU\Software\mysearchdial.com
Clé Supprimée : HKCU\Software\Nosibay
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\WebConnect
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\Toolbar
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\BonanzaDealsLive
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\conduitEngine
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\Desksvc
Clé Supprimée : HKLM\Software\Freeze.com
Clé Supprimée : HKLM\Software\InstallCore
Clé Supprimée : HKLM\Software\Offerbox
Clé Supprimée : HKLM\Software\qvo6Software
Clé Supprimée : HKLM\Software\SimilarSites
Clé Supprimée : HKLM\Software\Tuto4PC
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\WebConnect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect
Clé Supprimée : HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F
Clé Supprimée : HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0 (fr)

[ Fichier : C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\82y5qerf.default-1387446251301\prefs.js ]


[ Fichier : C:\Users\ALICE.PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\736jb2nb.default\prefs.js ]

Ligne Supprimée : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v

[ Fichier : C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée : search_url
Supprimée : urls_to_restore_on_startup
Supprimée : homepage

*************************

AdwCleaner[R0].txt - [21813 octets] - [11/02/2014 10:43:46]
AdwCleaner[S0].txt - [20337 octets] - [11/02/2014 10:45:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20398 octets] ##########
0
Colbertdesjardins Messages postés 4 Date d'inscription   Statut Membre Dernière intervention  
 
Mon antivirus AVIRA a réagi lorsque j'ai téléchargé Adwcleaner

Virus or unwanted program 'ADWARE/Adware.Gen2 [adware]'
detected in file 'C:\AdwCleaner\Quarantine\C\Users\Michel\AppData\Roaming\eIntaller\03907A738D7948a9959E752002AE9CAC\eXQ.exe.vir.
Action performed: Transfer to Scanner

Qu'est-ce que cela signifie ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
il se réveille un peu tard Antivir.


Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).

* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE

0

Discussions similaires

Prix d'un appel locale = gratuit ?
madmax09 -
Pseudo -

5 réponses
Code de renvoi d'appel : Ooredo, Mobilis...
midoou07 -
Camille -

13 réponses
Comment réécouter un appel téléphonique ?
MaxBMX17 -
MaximeGaspart -

2 réponses
Prix d'un appel local
Vesper-and-i -
Manon38 -

3 réponses
Prix d'un appel local
maxaren -
kaumune -

1 réponse