Virus "alerte sécurité"
Dernière réponse : dans Sécurité
Bonjour.
Voila cela fait maintenant 3 semaine que le PC a été attaqué par un faux "alerte de securité". J'ai utilisé spybot pour stabiliser le PC qui faisait que s'eteindre au bout de 20 minutes.
Et j'en ai profité pour faire faire un rapport Hijackthis.
Notez que tout a disparu du PC
Voici le rapport complet :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:48:03, on 14/06/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\TEMP\jfjp\setup.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\DELRIU Family\Mes documents\Téléchargements\HiJackThis(1).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15506&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - (no file)
O2 - BHO: SpiderMessenger_BHO - {ADE49752-DBBC-43A3-9498-379A82F574BF} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Cfiwabiveb] rundll32.exe "C:\WINDOWS\kbdfrast.dll",Startup
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - S-1-5-20 Startup: Launch WhiteSmoke.lnk = C:\Program Files\WhiteSmoke\WSEnrichment.exe (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Launch WhiteSmoke.lnk = C:\Program Files\WhiteSmoke\WSEnrichment.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Launch WhiteSmoke.lnk = C:\Program Files\WhiteSmoke\WSEnrichment.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AMService - Steps Wipe - C:\WINDOWS\TEMP\jfjp\setup.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OfferBox update service - Aedge Performance BCN SL - C:\Program Files\OfferBox\OfferBoxUpdateService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - http://t2.gstatic.com/images?q=tbn:JYOeq9v3vXzcoM:http:...
O24 - Desktop Component 1: (no name) - http://t2.gstatic.com/images?q=tbn:QU8ajOGAMmiJKM:http:...
--
End of file - 8552 bytes
Voila cela fait maintenant 3 semaine que le PC a été attaqué par un faux "alerte de securité". J'ai utilisé spybot pour stabiliser le PC qui faisait que s'eteindre au bout de 20 minutes.
Et j'en ai profité pour faire faire un rapport Hijackthis.
Notez que tout a disparu du PC
Voici le rapport complet :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:48:03, on 14/06/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\TEMP\jfjp\setup.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\DELRIU Family\Mes documents\Téléchargements\HiJackThis(1).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15506&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - (no file)
O2 - BHO: SpiderMessenger_BHO - {ADE49752-DBBC-43A3-9498-379A82F574BF} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Cfiwabiveb] rundll32.exe "C:\WINDOWS\kbdfrast.dll",Startup
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - S-1-5-20 Startup: Launch WhiteSmoke.lnk = C:\Program Files\WhiteSmoke\WSEnrichment.exe (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: Launch WhiteSmoke.lnk = C:\Program Files\WhiteSmoke\WSEnrichment.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Launch WhiteSmoke.lnk = C:\Program Files\WhiteSmoke\WSEnrichment.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AMService - Steps Wipe - C:\WINDOWS\TEMP\jfjp\setup.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OfferBox update service - Aedge Performance BCN SL - C:\Program Files\OfferBox\OfferBoxUpdateService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: (no name) - http://t2.gstatic.com/images?q=tbn:JYOeq9v3vXzcoM:http:...
O24 - Desktop Component 1: (no name) - http://t2.gstatic.com/images?q=tbn:QU8ajOGAMmiJKM:http:...
--
End of file - 8552 bytes
Autres pages sur : virus alerte securite
Lassé par la pub ? Créez un compte
Bonsoir
Télécharge![]()
DDS et sauvegarde-le sur ton bureau.
Désactive tout script bloquant, tels qu'un antivirus, un logiciel comme ad-block, noscript etc.
Double-clique sur dds.scr pour lancer l'outil.
Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
Clique Oui à la prochaine invite Optional Scan.
Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.
<@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
Télécharge
DDS et sauvegarde-le sur ton bureau.<@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by DELRIU Family at 13:09:25 on 2011-06-17
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1791.1058 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\TEMP\jfjp\setup.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OfferBox\OfferBoxUpdateService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\DELRIU Family\Mes documents\Téléchargements\dds(1).scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://fr.ask.com?o=15506&l=dis
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = about:blank
mURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {474597C5-AB09-49d6-A4D5-2E8D7341384E} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - No File
BHO: {ADE49752-DBBC-43A3-9498-379A82F574BF} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] ~"c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SpiderMessenger]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Cfiwabiveb] rundll32.exe "c:\windows\kbdfrast.dll",Startup
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [ ISSetupPrerequisistes] "c:\docume~1\delriu~1\locals~1\temp\nero02000168\setup.exe" /vnero.included_key=\"2m22-k0c8-01h7-hz3w-a490-tp69-ek1l-9uz3-h191-32x4-5h85-0000\" /VNERO.TOOLBAR_INCLUDED=1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
dRun: [msnmsgr] ~"c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\docume~1\delriu~1\menudm~1\progra~1\dmarra~1\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\delriu~1\menudm~1\progra~1\dmarra~1\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: DhcpNameServer = 109.0.66.10 109.0.66.20
TCP: Interfaces\{1967939F-4E28-4419-B44E-AA9E8AAD568E} : DhcpNameServer = 109.0.66.10 109.0.66.20
TCP: Interfaces\{55694731-22C1-45A1-97C3-48BB6C6A6D71} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\delriu family\application data\mozilla\firefox\profiles\h37slo0b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.ask.com?o=15506&l=dis
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
FF - component: c:\documents and settings\delriu family\application data\mozilla\firefox\profiles\h37slo0b.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\documents and settings\delriu family\application data\mozilla\firefox\profiles\h37slo0b.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\delriu family\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R?2 AMService;AMService;c:\windows\temp\jfjp\setup.exe run --> c:\windows\temp\jfjp\setup.exe run [?]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-6-5 11608]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2011-6-5 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-6-5 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-6-5 61960]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-5-11 54760]
R2 OfferBox update service;OfferBox update service;c:\program files\offerbox\OfferBoxUpdateService.exe [2011-6-8 332880]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2010-5-11 507264]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [2010-5-11 223232]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-12-19 36640]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-12-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-12-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-12-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [2010-12-19 100224]
.
=============== Created Last 30 ================
.
2011-06-16 15:44:27 -------- d-----w- c:\documents and settings\delriu family\local settings\application data\Nero_AG
2011-06-16 15:38:23 -------- d-----w- c:\program files\Nero
2011-06-16 15:38:23 -------- d-----w- c:\documents and settings\all users\application data\Nero
2011-06-13 18:26:42 -------- d-----w- c:\program files\Paint.NET
2011-06-13 18:26:36 -------- d-----w- c:\documents and settings\delriu family\local settings\application data\Paint.NET
2011-06-13 10:37:38 -------- d-----w- c:\documents and settings\delriu family\application data\PhotoFiltre Studio X
2011-06-13 10:37:34 -------- d-----w- c:\program files\PhotoFiltre Studio X
2011-06-13 10:23:20 -------- d-----w- c:\program files\OfferBox
2011-06-12 07:27:11 43008 ----a-w- c:\documents and settings\delriu family\0.7511003169835975.exe
2011-06-07 10:35:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-06-07 10:35:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-06-06 16:03:07 -------- d-----w- c:\program files\Watchtower
2011-06-05 18:55:00 -------- d-----w- c:\documents and settings\delriu family\application data\Avira
2011-06-05 18:09:33 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-05 18:09:33 -------- d-----w- c:\program files\Avira
2011-06-05 18:09:33 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-06-05 17:11:17 -------- d-----w- c:\program files\AVAST Software
2011-06-05 17:11:17 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2011-06-03 13:53:43 -------- d-----w- c:\program files\WhiteSmoke
2011-06-03 13:53:29 -------- d-----w- c:\program files\SweetIM
2011-06-03 13:53:29 -------- d-----w- c:\documents and settings\all users\application data\SweetIM
2011-06-03 13:52:58 -------- d-----w- c:\windows\$XNTUninstall643$
2011-05-31 09:59:51 -------- d-----w- c:\documents and settings\delriu family\application data\Malwarebytes
2011-05-31 08:40:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-31 08:40:55 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-05-31 08:40:52 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-31 08:40:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-31 08:21:22 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2011-05-19 13:08:36 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-05-19 13:08:35 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-05-19 13:08:35 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-05-19 13:08:35 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-05-19 13:08:35 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-05-19 13:08:35 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-05-19 13:08:35 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-05-19 13:08:34 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
.
==================== Find3M ====================
.
2011-05-08 23:04:45 128000 ----a-w- c:\program files\updater.exe
2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr
.
============= FINISH: 13:11:04,28 ===============
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by DELRIU Family at 13:09:25 on 2011-06-17
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1791.1058 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\TEMP\jfjp\setup.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OfferBox\OfferBoxUpdateService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\DELRIU Family\Mes documents\Téléchargements\dds(1).scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://fr.ask.com?o=15506&l=dis
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = about:blank
mURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {474597C5-AB09-49d6-A4D5-2E8D7341384E} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - No File
BHO: {ADE49752-DBBC-43A3-9498-379A82F574BF} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [msnmsgr] ~"c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SpiderMessenger]
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Cfiwabiveb] rundll32.exe "c:\windows\kbdfrast.dll",Startup
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [ ISSetupPrerequisistes] "c:\docume~1\delriu~1\locals~1\temp\nero02000168\setup.exe" /vnero.included_key=\"2m22-k0c8-01h7-hz3w-a490-tp69-ek1l-9uz3-h191-32x4-5h85-0000\" /VNERO.TOOLBAR_INCLUDED=1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
dRun: [msnmsgr] ~"c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\docume~1\delriu~1\menudm~1\progra~1\dmarra~1\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\delriu~1\menudm~1\progra~1\dmarra~1\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: DhcpNameServer = 109.0.66.10 109.0.66.20
TCP: Interfaces\{1967939F-4E28-4419-B44E-AA9E8AAD568E} : DhcpNameServer = 109.0.66.10 109.0.66.20
TCP: Interfaces\{55694731-22C1-45A1-97C3-48BB6C6A6D71} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\delriu family\application data\mozilla\firefox\profiles\h37slo0b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.ask.com?o=15506&l=dis
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
FF - component: c:\documents and settings\delriu family\application data\mozilla\firefox\profiles\h37slo0b.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\documents and settings\delriu family\application data\mozilla\firefox\profiles\h37slo0b.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\delriu family\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R?2 AMService;AMService;c:\windows\temp\jfjp\setup.exe run --> c:\windows\temp\jfjp\setup.exe run [?]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-6-5 11608]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2011-6-5 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-6-5 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-6-5 61960]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-5-11 54760]
R2 OfferBox update service;OfferBox update service;c:\program files\offerbox\OfferBoxUpdateService.exe [2011-6-8 332880]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2010-5-11 507264]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [2010-5-11 223232]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-12-19 36640]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-12-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-12-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-12-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [2010-12-19 100224]
.
=============== Created Last 30 ================
.
2011-06-16 15:44:27 -------- d-----w- c:\documents and settings\delriu family\local settings\application data\Nero_AG
2011-06-16 15:38:23 -------- d-----w- c:\program files\Nero
2011-06-16 15:38:23 -------- d-----w- c:\documents and settings\all users\application data\Nero
2011-06-13 18:26:42 -------- d-----w- c:\program files\Paint.NET
2011-06-13 18:26:36 -------- d-----w- c:\documents and settings\delriu family\local settings\application data\Paint.NET
2011-06-13 10:37:38 -------- d-----w- c:\documents and settings\delriu family\application data\PhotoFiltre Studio X
2011-06-13 10:37:34 -------- d-----w- c:\program files\PhotoFiltre Studio X
2011-06-13 10:23:20 -------- d-----w- c:\program files\OfferBox
2011-06-12 07:27:11 43008 ----a-w- c:\documents and settings\delriu family\0.7511003169835975.exe
2011-06-07 10:35:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-06-07 10:35:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-06-06 16:03:07 -------- d-----w- c:\program files\Watchtower
2011-06-05 18:55:00 -------- d-----w- c:\documents and settings\delriu family\application data\Avira
2011-06-05 18:09:33 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-05 18:09:33 -------- d-----w- c:\program files\Avira
2011-06-05 18:09:33 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-06-05 17:11:17 -------- d-----w- c:\program files\AVAST Software
2011-06-05 17:11:17 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2011-06-03 13:53:43 -------- d-----w- c:\program files\WhiteSmoke
2011-06-03 13:53:29 -------- d-----w- c:\program files\SweetIM
2011-06-03 13:53:29 -------- d-----w- c:\documents and settings\all users\application data\SweetIM
2011-06-03 13:52:58 -------- d-----w- c:\windows\$XNTUninstall643$
2011-05-31 09:59:51 -------- d-----w- c:\documents and settings\delriu family\application data\Malwarebytes
2011-05-31 08:40:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-31 08:40:55 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-05-31 08:40:52 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-31 08:40:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-31 08:21:22 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2011-05-19 13:08:36 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-05-19 13:08:35 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-05-19 13:08:35 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-05-19 13:08:35 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-05-19 13:08:35 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-05-19 13:08:35 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-05-19 13:08:35 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-05-19 13:08:34 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
.
==================== Find3M ====================
.
2011-05-08 23:04:45 128000 ----a-w- c:\program files\updater.exe
2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr
.
============= FINISH: 13:11:04,28 ===============
Bonsoir
Télécharge ![]()
Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
Choisis la langue F pour français.
Au menu principal, choisis l'option Scanner.
/!\ Laisse travailler l'outil /!\
Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
/!\ Pense à réactiver ton antivirus /!\
Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau./!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
/!\ Laisse travailler l'outil /!\
/!\ Pense à réactiver ton antivirus /!\
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 12:11:19 le 21/06/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
DELRIU Family@DELRIU-ORDI ( )
============== RECHERCHE ==============
Fichier trouvé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
Fichier trouvé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navigateur OfferBox.lnk
Fichier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\searchplugins\askcom.xml
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\conduit
Fichier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\searchplugins\conduit.xml
Fichier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\searchplugins\iMeshWebSearch.xml
Dossier trouvé: C:\Program Files\Ask.com
Dossier trouvé: C:\Program Files\CrazyLoader
Dossier trouvé: C:\Program Files\SpiderMessenger
Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Trymedia
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\EoRezo
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Local Settings\Application Data\networker
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\OfferBox
Dossier trouvé: C:\Program Files\OfferBox
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Local Settings\Application Data\iMesh
Dossier trouvé: C:\Program Files\iMesh Applications
Dossier trouvé: C:\WINDOWS\$XNTUninstall643$
-- Fichier ouvert: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&Sea...
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://fr.ask.com?o=15506&l=dis");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{703740c1-0f1a-4cec-a4df-d78db0158477}
Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé trouvée: HKLM\Software\Classes\TypeLib\{13B1A411-66D8-49AC-BBC6-0102F0918AED}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\$XNTUninstall643$
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
Clé trouvée: HKLM\Software\InstallPedia
Clé trouvée: HKLM\Software\OfferBox
Clé trouvée: HKLM\Software\Trymedia Systems
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\iMesh
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\SpiderMessenger
Clé trouvée: HKCU\Software\Spointer
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{da8002cf-2914-493a-b7e8-79740e2e15db}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|SpiderMessengerHelper@spidermessenger.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|spidermessenger
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [4.0.1 (fr)] ****
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=145725b6000000000000001966ba14c7&tlver=1.4.19.19&ss=1&affID=18026/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\iMeshWebSearch.xml ( hxxp://search.iMesh.com/web?src=ffb&systemid=1&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKLM_Extensions|SpiderMessengerHelper@spidermessenger.com (x)
HKLM_Extensions|offerbox@spointer.com - C:\Program Files\OfferBox\extensions-3.1.4085.146\offerbox@spointer.com
-- C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default --
Searchplugins\askcom.xml (?)
Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms} /)
Searchplugins\iMeshWebSearch.xml ( hxxp://search.iMesh.com/web?src=ffb&systemid=1&q={searchTerms}/)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\DELRIU Family\\Mes documents
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://fr.ask.com?o=15506&l=dis
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=toolbar2&q=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://home.sweetim.com
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA} - "Search" (hxxp://www.missim.org/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938...)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=PTF&o=&src=crm&q={searchTerms}&lo...)
HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=145725b6000000000...)
HKCU_SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} - "ALOT Recherche" (hxxp://search.alot.com/web?q={searchTerms}&pr=prov&client_id=A9E09A4001CBA5AF008...)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} - "Web Search" (hxxp://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Softonic_France Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} - "Web Search" (hxxp://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms})
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_ElevationPolicy\{da8002cf-2914-493a-b7e8-79740e2e15db} - C:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (SweetIM Technologies Ltd.)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{474597C5-AB09-49d6-A4D5-2E8D7341384E} (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} (?)
BHO\{ADE49752-DBBC-43A3-9498-379A82F574BF} (?)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 21/06/2011 12:08:21 (5022 Octet(s))
C:\Ad-Report-SCAN[2].txt - 21/06/2011 12:11:25 (7022 Octet(s))
Fin à: 12:11:45, 21/06/2011
============== E.O.F ==============
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 12:11:19 le 21/06/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
DELRIU Family@DELRIU-ORDI ( )
============== RECHERCHE ==============
Fichier trouvé: C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
Fichier trouvé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navigateur OfferBox.lnk
Fichier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\searchplugins\askcom.xml
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\conduit
Fichier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\searchplugins\conduit.xml
Fichier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\searchplugins\iMeshWebSearch.xml
Dossier trouvé: C:\Program Files\Ask.com
Dossier trouvé: C:\Program Files\CrazyLoader
Dossier trouvé: C:\Program Files\SpiderMessenger
Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Trymedia
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\EoRezo
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Local Settings\Application Data\networker
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Application Data\OfferBox
Dossier trouvé: C:\Program Files\OfferBox
Dossier trouvé: C:\Documents and Settings\DELRIU Family\Local Settings\Application Data\iMesh
Dossier trouvé: C:\Program Files\iMesh Applications
Dossier trouvé: C:\WINDOWS\$XNTUninstall643$
-- Fichier ouvert: C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&Sea...
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://fr.ask.com?o=15506&l=dis");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{703740c1-0f1a-4cec-a4df-d78db0158477}
Clé trouvée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé trouvée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé trouvée: HKLM\Software\Classes\TypeLib\{13B1A411-66D8-49AC-BBC6-0102F0918AED}
Clé trouvée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\$XNTUninstall643$
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé trouvée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
Clé trouvée: HKLM\Software\InstallPedia
Clé trouvée: HKLM\Software\OfferBox
Clé trouvée: HKLM\Software\Trymedia Systems
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\iMesh
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\SpiderMessenger
Clé trouvée: HKCU\Software\Spointer
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{da8002cf-2914-493a-b7e8-79740e2e15db}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|SpiderMessengerHelper@spidermessenger.com
Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com
Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|spidermessenger
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [4.0.1 (fr)] ****
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=145725b6000000000000001966ba14c7&tlver=1.4.19.19&ss=1&affID=18026/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\iMeshWebSearch.xml ( hxxp://search.iMesh.com/web?src=ffb&systemid=1&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKLM_Extensions|SpiderMessengerHelper@spidermessenger.com (x)
HKLM_Extensions|offerbox@spointer.com - C:\Program Files\OfferBox\extensions-3.1.4085.146\offerbox@spointer.com
-- C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default --
Searchplugins\askcom.xml (?)
Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms} /)
Searchplugins\iMeshWebSearch.xml ( hxxp://search.iMesh.com/web?src=ffb&systemid=1&q={searchTerms}/)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\DELRIU Family\\Mes documents
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://fr.ask.com?o=15506&l=dis
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=toolbar2&q=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Search_URL - hxxp://www.google.com/ie
HKCU_Main|Search bar - hxxp://www.google.com/ie
HKCU_Main|Search Page - hxxp://www.google.com
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://home.sweetim.com
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA} - "Search" (hxxp://www.missim.org/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938...)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=PTF&o=&src=crm&q={searchTerms}&lo...)
HKCU_SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} - "Search the web (Babylon)" (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=145725b6000000000...)
HKCU_SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} - "ALOT Recherche" (hxxp://search.alot.com/web?q={searchTerms}&pr=prov&client_id=A9E09A4001CBA5AF008...)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} - "Web Search" (hxxp://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Softonic_France Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} - "Web Search" (hxxp://search.imesh.com/web?src=ieb&systemid=1&q={searchTerms})
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_ElevationPolicy\{da8002cf-2914-493a-b7e8-79740e2e15db} - C:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (SweetIM Technologies Ltd.)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{474597C5-AB09-49d6-A4D5-2E8D7341384E} (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} (?)
BHO\{ADE49752-DBBC-43A3-9498-379A82F574BF} (?)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 21/06/2011 12:08:21 (5022 Octet(s))
C:\Ad-Report-SCAN[2].txt - 21/06/2011 12:11:25 (7022 Octet(s))
Fin à: 12:11:45, 21/06/2011
============== E.O.F ==============
Bonsoir
/!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
Choisis la langue F pour français.
Au menu principal, choisis l'option Nettoyer.
/!\ Laisse travailler l'outil /!\
Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
/!\ Pense à réactiver ton antivirus /!\
/!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\
(Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
/!\ Laisse travailler l'outil /!\
/!\ Pense à réactiver ton antivirus /!\
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 08:38:02 le 23/06/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
DELRIU Family@DELRIU-ORDI ( )
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKCU\Software\OfferBox
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [4.0.1 (fr)] ****
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=145725b6000000000000001966ba14c7&tlver=1.4.19.19&ss=1&affID=18026/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
-- C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default --
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\DELRIU Family\\Mes documents
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=toolbar2&q=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA} - "Search" (hxxp://www.missim.org/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938...)
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (SweetIM Technologies Ltd.)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{474597C5-AB09-49d6-A4D5-2E8D7341384E} (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} (?)
BHO\{ADE49752-DBBC-43A3-9498-379A82F574BF} (?)
========================================
C:\Program Files\Ad-Remover\Quarantine: 110 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/06/2011 08:08:48 (8224 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 23/06/2011 08:38:06 (488 Octet(s))
C:\Ad-Report-SCAN[1].txt - 21/06/2011 12:08:21 (5022 Octet(s))
C:\Ad-Report-SCAN[2].txt - 21/06/2011 12:11:25 (9776 Octet(s))
Fin à: 08:38:28, 23/06/2011
============== E.O.F ==============
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 08:38:02 le 23/06/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
DELRIU Family@DELRIU-ORDI ( )
============== ACTION(S) ==============
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKCU\Software\OfferBox
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [4.0.1 (fr)] ****
HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKLM_MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=145725b6000000000000001966ba14c7&tlver=1.4.19.19&ss=1&affID=18026/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
-- C:\Documents and Settings\DELRIU Family\Application Data\Mozilla\FireFox\Profiles\h37slo0b.default --
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\DELRIU Family\\Mes documents
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=toolbar2&q=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA} - "Search" (hxxp://www.missim.org/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938...)
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKLM_ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (SweetIM Technologies Ltd.)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{474597C5-AB09-49d6-A4D5-2E8D7341384E} (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} (?)
BHO\{ADE49752-DBBC-43A3-9498-379A82F574BF} (?)
========================================
C:\Program Files\Ad-Remover\Quarantine: 110 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/06/2011 08:08:48 (8224 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 23/06/2011 08:38:06 (488 Octet(s))
C:\Ad-Report-SCAN[1].txt - 21/06/2011 12:08:21 (5022 Octet(s))
C:\Ad-Report-SCAN[2].txt - 21/06/2011 12:11:25 (9776 Octet(s))
Fin à: 08:38:28, 23/06/2011
============== E.O.F ==============
bonsoir
++++++++++++
Démarre Spybot, clique sur Mode, coche Mode avancé.
A gauche, clique sur Outils, puis sur Résident.
Décoche la case devant Résident "TeaTimer" :
![]()
Quitte Spybot.
+++++++++++
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées :
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
Poste ce rapport.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!
[#FF0000]Aide : Comment utiliser MBAM.
+++
++++++++++++
+++++++++++
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Une fois l'installation et la mise à jour effectuées :
~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]
Note : Si tu ne parviens à télécharger MBAM à partir de MajorGeeks, tu peux le télécharger ici!
[#FF0000]Aide :
+++
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Version de la base de données: 6936
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24/06/2011 09:53:44
mbam-log-2011-06-24 (09-53-44).txt
Type d'examen: Examen complet (A:\|C:\|D:\|)
Elément(s) analysé(s): 234521
Temps écoulé: 59 minute(s), 2 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
c:\WINDOWS\Temp\jfjp\setup.exe (Spyware.Passwords.XGen) -> 1508 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMService (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\WINDOWS\Temp\jfjp\setup.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\0.7511003169835975.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\application data\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\application data\Adobe\plugs\mmc13.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\application data\Adobe\plugs\mmc176.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 6936
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24/06/2011 09:53:44
mbam-log-2011-06-24 (09-53-44).txt
Type d'examen: Examen complet (A:\|C:\|D:\|)
Elément(s) analysé(s): 234521
Temps écoulé: 59 minute(s), 2 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
c:\WINDOWS\Temp\jfjp\setup.exe (Spyware.Passwords.XGen) -> 1508 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMService (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\WINDOWS\Temp\jfjp\setup.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\0.7511003169835975.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\application data\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\application data\Adobe\plugs\mmc13.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\delriu family\application data\Adobe\plugs\mmc176.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
Bonjour?
Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :![]()
Combofix
Sauvegarde-le sur ton bureau et pas ailleurs!
Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"
viens sur le forum et édition "coller"
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
<@_@>
+++++++++++++++++++++
Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :
Combofix Sauvegarde-le sur ton bureau et pas ailleurs!
Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"
viens sur le forum et édition "coller"
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
<@_@>
+++++++++++++++++++++
Bonjour et merci pour l'aide apporté, excuse moi pour l'autre message j'etais un peu en speed.
voici le rapport :
ComboFix 11-07-03.01 - DELRIU Family 04/07/2011 10:33:49.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1791.536 [GMT 2:00]
Lancé depuis: c:\documents and settings\DELRIU Family\Mes documents\TÚlÚchargements\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\DELRIU Family\Application Data\Adobe\plugs
c:\documents and settings\DELRIU Family\Application Data\Adobe\shed
c:\documents and settings\DELRIU Family\Application Data\EurekaLog
c:\documents and settings\DELRIU Family\Bureau\Windows XP Recovery.lnk
c:\documents and settings\DELRIU Family\Menu Démarrer\Programmes\Windows XP Recovery
c:\documents and settings\DELRIU Family\Menu Démarrer\Programmes\Windows XP Recovery\Uninstall Windows XP Recovery.lnk
c:\documents and settings\DELRIU Family\Menu Démarrer\Programmes\Windows XP Recovery\Windows XP Recovery.lnk
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Legacy_OfferBox_update_service
-------\Service_OfferBox update service
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-06-04 au 2011-07-04 ))))))))))))))))))))))))))))))))))))
.
.
2011-06-21 10:07 . 2011-06-21 10:07 -------- d-----w- c:\program files\Ad-Remover
2011-06-19 18:54 . 2011-06-19 18:54 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Deployment
2011-06-19 16:00 . 2011-06-19 16:00 -------- d-----w- c:\program files\Watchtower
2011-06-16 15:44 . 2011-06-16 15:44 -------- d-----w- c:\documents and settings\DELRIU Family\Local Settings\Application Data\Nero_AG
2011-06-16 15:43 . 2011-06-16 15:44 -------- d-----w- c:\documents and settings\DELRIU Family\Application Data\Nero
2011-06-16 15:38 . 2011-06-16 15:38 -------- d-----w- c:\program files\Fichiers communs\Nero
2011-06-16 15:38 . 2011-06-16 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2011-06-16 15:38 . 2011-06-16 15:38 -------- d-----w- c:\program files\Nero
2011-06-16 15:31 . 2011-06-16 15:31 -------- d-----w- c:\program files\Microsoft.NET
2011-06-14 11:55 . 2011-06-14 11:55 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2011-06-13 18:26 . 2011-06-13 18:26 -------- d-----w- c:\program files\Paint.NET
2011-06-13 18:26 . 2011-06-13 18:27 -------- d-----w- c:\documents and settings\DELRIU Family\Local Settings\Application Data\Paint.NET
2011-06-13 10:37 . 2011-06-13 10:47 -------- d-----w- c:\documents and settings\DELRIU Family\Application Data\PhotoFiltre Studio X
2011-06-13 10:37 . 2011-06-13 10:37 -------- d-----w- c:\program files\PhotoFiltre Studio X
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-06-06 11:17 . 2011-06-06 11:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2011-06-05 18:55 . 2011-06-05 18:55 -------- d-----w- c:\documents and settings\DELRIU Family\Application Data\Avira
2011-06-05 18:09 . 2011-04-18 09:19 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-05 18:09 . 2011-06-05 18:09 -------- d-----w- c:\program files\Avira
2011-06-05 18:09 . 2011-06-05 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-06-05 18:09 . 2011-04-18 09:19 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-05 18:09 . 2010-06-17 13:28 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-06-05 18:09 . 2010-06-17 13:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-06-05 17:11 . 2011-06-05 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-06-05 17:11 . 2011-06-05 17:11 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-29 07:11 . 2011-05-31 08:40 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-05-31 08:40 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-08 23:04 . 2011-05-10 14:40 128000 ----a-w- c:\program files\updater.exe
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-04-14 16:47 . 2011-06-19 13:24 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-10-27 1861944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-21 13680640]
"nwiz"="nwiz.exe" [2009-01-21 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-21 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
voici le rapport :
ComboFix 11-07-03.01 - DELRIU Family 04/07/2011 10:33:49.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1791.536 [GMT 2:00]
Lancé depuis: c:\documents and settings\DELRIU Family\Mes documents\TÚlÚchargements\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\DELRIU Family\Application Data\Adobe\plugs
c:\documents and settings\DELRIU Family\Application Data\Adobe\shed
c:\documents and settings\DELRIU Family\Application Data\EurekaLog
c:\documents and settings\DELRIU Family\Bureau\Windows XP Recovery.lnk
c:\documents and settings\DELRIU Family\Menu Démarrer\Programmes\Windows XP Recovery
c:\documents and settings\DELRIU Family\Menu Démarrer\Programmes\Windows XP Recovery\Uninstall Windows XP Recovery.lnk
c:\documents and settings\DELRIU Family\Menu Démarrer\Programmes\Windows XP Recovery\Windows XP Recovery.lnk
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Legacy_OfferBox_update_service
-------\Service_OfferBox update service
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-06-04 au 2011-07-04 ))))))))))))))))))))))))))))))))))))
.
.
2011-06-21 10:07 . 2011-06-21 10:07 -------- d-----w- c:\program files\Ad-Remover
2011-06-19 18:54 . 2011-06-19 18:54 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Deployment
2011-06-19 16:00 . 2011-06-19 16:00 -------- d-----w- c:\program files\Watchtower
2011-06-16 15:44 . 2011-06-16 15:44 -------- d-----w- c:\documents and settings\DELRIU Family\Local Settings\Application Data\Nero_AG
2011-06-16 15:43 . 2011-06-16 15:44 -------- d-----w- c:\documents and settings\DELRIU Family\Application Data\Nero
2011-06-16 15:38 . 2011-06-16 15:38 -------- d-----w- c:\program files\Fichiers communs\Nero
2011-06-16 15:38 . 2011-06-16 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2011-06-16 15:38 . 2011-06-16 15:38 -------- d-----w- c:\program files\Nero
2011-06-16 15:31 . 2011-06-16 15:31 -------- d-----w- c:\program files\Microsoft.NET
2011-06-14 11:55 . 2011-06-14 11:55 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2011-06-13 18:26 . 2011-06-13 18:26 -------- d-----w- c:\program files\Paint.NET
2011-06-13 18:26 . 2011-06-13 18:27 -------- d-----w- c:\documents and settings\DELRIU Family\Local Settings\Application Data\Paint.NET
2011-06-13 10:37 . 2011-06-13 10:47 -------- d-----w- c:\documents and settings\DELRIU Family\Application Data\PhotoFiltre Studio X
2011-06-13 10:37 . 2011-06-13 10:37 -------- d-----w- c:\program files\PhotoFiltre Studio X
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-06-06 11:17 . 2011-06-06 11:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2011-06-05 18:55 . 2011-06-05 18:55 -------- d-----w- c:\documents and settings\DELRIU Family\Application Data\Avira
2011-06-05 18:09 . 2011-04-18 09:19 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-05 18:09 . 2011-06-05 18:09 -------- d-----w- c:\program files\Avira
2011-06-05 18:09 . 2011-06-05 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-06-05 18:09 . 2011-04-18 09:19 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-05 18:09 . 2010-06-17 13:28 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-06-05 18:09 . 2010-06-17 13:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-06-05 17:11 . 2011-06-05 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-06-05 17:11 . 2011-06-05 17:11 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-29 07:11 . 2011-05-31 08:40 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-05-31 08:40 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-08 23:04 . 2011-05-10 14:40 128000 ----a-w- c:\program files\updater.exe
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-04-14 16:47 . 2011-06-19 13:24 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-10-27 1861944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-21 13680640]
"nwiz"="nwiz.exe" [2009-01-21 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-21 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 17331200]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumVirus alerte vers horloge
- ForumVirus alerte centre de securité
- ForumVirus alerte
- ForumVirus alerte plus de visu surc
- ForumVirus alerte de securite wwindow
- ForumVirus virus virus alerte
- ForumIcone alerte de sécurité
- articlesSkype alerte de sécurité
- ForumVirus alerte de trojan horse
- articlesAlerte sécurité windows
- Voir plus
