Hello,
Je reviens vers vous car j'ai de nouveau choppé un virus sur msn qui envoi des mails à tout mes contacts!!!!!
HELPPPPPPPPPPPPPPPPP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Merci d'avance
Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) ? cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.
Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org
Version de la base de données: 6447
Windows 6.1.7600
Internet Explorer 9.0.8112.16421
26/04/2011 12:52:41
mbam-log-2011-04-26 (12-52-41).txt
Type d'examen: Examen complet (C:\|Q:\|)
Elément(s) analysé(s): 297707
Temps écoulé: 42 minute(s), 45 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 14
Fichier(s) infecté(s): 27
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\Users\cristellechristophe\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\clickpotatolitesabho.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\clickpotatoliteuninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\firefox\extensions\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\mozilla firefox\plugins\npclntax_clickpotatolitesa.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\Users\cristellechristophe\downloads\vlcsetup(2).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\Users\cristellechristophe\downloads\vlcsetup(3).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\Users\cristellechristophe\downloads\vlcsetup(4).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\Users\cristellechristophe\downloads\VLCSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa_hpk.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\clickpotatolitesahook.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.659.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.666.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
et celui de AD-REMOVER:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 12:58:34 le 26/04/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
cristellechristophe@CRISTELLECHRIST (Acer Aspire 7740)
============== ACTION(S) ==============
Dossier supprimé: C:\Users\cristellechristophe\AppData\Roaming\Mozilla\FireFox\Profiles\jpjr3137.default\conduit
Dossier supprimé: C:\Users\cristellechristophe\AppData\LocalLow\Conduit
Dossier supprimé: C:\Users\cristellechristophe\AppData\LocalLow\PriceGong
Dossier supprimé: C:\Program Files (x86)\PriceGong
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Users\cristellechristophe\AppData\Roaming\Mozilla\FireFox\Profiles\jpjr3137.default\Prefs.js --
Ligne supprimée: user_pref("CT2567681.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2567681,CT2719315");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2567681,CT2719315");
Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Dec 09 2010 20:52:48 GMT+0100");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "{a1ea41e6-2109-48a6-934c-ef35b8231d09}");
Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Dec 09 2010 20:52:49 GMT+0100");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.16 (fr)] ****
Extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF} (Plugin Orange Installeur)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
-- C:\Users\cristellechristophe\AppData\Roaming\Mozilla\FireFox\Profiles\jpjr3137.default --
Extensions\menu_contextuel_orange@orange.fr (Menu Contextuel Orange)
Searchplugins\MyStart Search.xml (?)
Searchplugins\orange.xml (?)
Searchplugins\sweetim.xml (?)
User.js - keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
User.js - browser.startup.homepage, hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
User.js - browser.search.selectedEngine, Orange
Prefs.js - browser.download.lastDir, C:\\Users\\cristellechristophe\\Desktop\\boulot
Prefs.js - browser.search.defaultenginename, SweetIM Search
Prefs.js - browser.search.defaulturl,
Prefs.js - browser.search.selectedEngine, Orange
Prefs.js - browser.startup.homepage, hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16
Prefs.js - keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{814C76CB-2623-43F4-AAD0-58A0E5190A20} - "Orange" (hxxp://www.orange.fr/bin/frame1px.cgi?u=hxxp%3A//r.voila.fr/se%3Frdata%3D{search...)
HKCU_SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96} - "MyStart Search" (hxxp://mystart.hiyo.com/?search={searchTerms}&loc=ie_search)
HKCU_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "?" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKCU_Toolbar\WebBrowser|{B9E20919-FA55-471F-989B-B107BF8DE785} (x)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKCU_ElevationPolicy\{D3DE705E-0BB6-47E6-AB61-6FF78BE040A0} - C:\Program Files (x86)\Internet Explorer\minftnet.exe (Synersoft)
HKLM_ElevationPolicy\0b7f757e-3757-47b4-b732-6c3cfb0df735 - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\169bbf02-56fe-491d-b98b-5f432b11af7c - C:\Program Files (x86)\MessengerPlusLive_France_TB\MessengerPlusLive_France_TBToolbarHelper.exe (x)
HKLM_ElevationPolicy\2521a629-03b3-4cbd-b376-20a152d7144a - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\2e2c5b28-86d5-4f8b-820f-8853dd37082a - C:\Program Files (x86)\MessengerPlusLive_France_TB\MessengerPlusLive_France_TBToolbarHelper.exe (x)
HKLM_ElevationPolicy\45e5b919-f9a9-4a5e-9204-2d8dcc0d9a86 - C:\Program Files (x86)\ecouter-la-radio\ecouter-la-radioToolbarHelper.exe (x)
HKLM_ElevationPolicy\536db9fc-905a-4a30-973a-ebab2f72f26a - C:\Program Files (x86)\MessengerPlusLive_France_TB\MessengerPlusLive_France_TBToolbarHelper.exe (x)
HKLM_ElevationPolicy\730cb895-6156-40fd-9fa6-1257db9e79bd - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\a470d60c-ef08-4746-8cbe-1e8bcee758cd - C:\Program Files (x86)\MessengerPlusLive_France_TB\MessengerPlusLive_France_TBToolbarHelper.exe (x)
HKLM_ElevationPolicy\d2fd7447-0613-4aac-b6f8-e9022fac1910 - C:\Program Files (x86)\MessengerPlusLive_France_TB\MessengerPlusLive_France_TBToolbarHelper.exe (x)
HKLM_ElevationPolicy\e9b86207-87b3-4738-9042-3ca3eea525cb - C:\Program Files (x86)\Messenger_Plus_Live_France\Messenger_Plus_Live_FranceToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{0EEDB912-C5FA-486F-8334-57288578C627} - "Shareaza Web Download Hook" (C:\Program Files (x86)\Shareaza\RazaWebHook32.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 38 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 26/04/2011 12:59:17 (8487 Octet(s))
Fin à: 13:00:16, 26/04/2011
============== E.O.F ==============
O87 - FAEL: "TCP Query User{8649D5D1-6AAB-44E5-8B55-521CC751E2E8}C:\program files (x86)\freetvradio\freetvradio.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\freetvradio\freetvradio.exe (.not file.)
O87 - FAEL: "UDP Query User{3A1473A7-75B5-439C-97CE-E949B38CBA5C}C:\program files (x86)\freetvradio\freetvradio.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\freetvradio\freetvradio.exe (.not file.)
[HKLM\Software\Classes\AppID\{d2083641-e57f-4eab-bb85-0582424f4a29}]
[HKCU\Software\AppDataLow\LastScanTime]
O43 - CFD: 17/06/2010 - 20:20:44 - [1311] ----D- C:\ProgramData\Partner
O44 - LFC:[MD5.DE3F29C1540F746098745EE91875BCC3] - 26/04/2011 - 12:00:17 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [8626]
O87 - FAEL: "{D43D241E-8FF5-4D75-9A9A-281E5FB8B175}" |In - None - P17 - TRUE | .(...) -- D:\setup\hpznui40.exe (.not file.)
O87 - FAEL: "{446B1190-B3AD-443E-90BF-2985BBE02AA5}" |In - Private - P6 - TRUE | .(...) -- C:\Users\cristellechristophe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GPWTJS0\SweetImSetup.exe (.not file.)
O87 - FAEL: "{349AB549-74F1-4AA8-8F0D-FF3E614491A0}" |In - Private - P17 - TRUE | .(...) -- C:\Users\cristellechristophe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GPWTJS0\SweetImSetup.exe (.not file.)
[HKCU\Software\SweetIM]
[HKLM\Software\SweetIM]
O43 - CFD: 23/11/2010 - 14:27:00 - [0] ----D- C:\Users\cristellechristophe\AppData\Roaming\facemoods.com
O43 - CFD: 21/11/2010 - 15:41:36 - [2348550] ----D- C:\Users\cristellechristophe\Appdata\Local\MessengerPlusLive_France_TB
O43 - CFD: 23/11/2010 - 14:26:46 - [47725] ----D- C:\Program Files (x86)\facemoods.com => facemoods.com
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}]
EmptyFlash
Emptytemp
Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 6 invités
.: Nous contacter :: Flux RSS :: Données personnelles :. |