Virus from a streaming site


akira72

Virus from a streaming site

by akira72 »

Hello,
I have a big problem because I watched series on the site "lafoiredustreaming.com" without downloading anything. Since then my computer has been very slow and freezes more and more often. My internet servers Internet Explorer, Google and Firefox no longer work, and I get numerous error messages: "application launch error", "Google Chrome blocked"...

I have done many cleanups but nothing helps.
Can you help me?
Thanks in advance
Malekal_morte
Posts: 113172
Joined: 10 Sep 2005 13:57

Re: Virus from a streaming site

by Malekal_morte »

Hi,

Run an OTL scan to diagnose the running programs and detect infections. The program will generate two reports, OTL.txt and Extras.txt.
Provide both reports:

You can follow the instructions on this page for help: https://www.malekal.com/2010/11/12/tutorial-otl/

* Download http://oldtimer.geekstogo.com/OTL.exe to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

With Avast!, do not launch the program in the Sandbox (see the help link above).

* Launch OTL
* At the top, to the right of Quick Scan, check "all users"
* In OTL, under Customization, copy and paste the script below:



netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs



* Click the Scan button.

* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the OTL.txt report (and Extra.txt if present).
Post the pjjoint link or links pointing to these reports here in a reply.
I repeat: post the pjjoint report link here in a reply.

DO NOT COPY/PASTE THE REPORT HERE - GIVE THE PJJOINT LINK IN A NEW MESSAGE
First basic rule of security: think, then click, not the other way round - Files/programs are like sweets: when they come from a stranger, you don't accept them!
How to protect your PC from viruses
Windows 11: compatibility, minimum system requirements, downloading the ISO and installing Windows 11

How to ask for help on the forum
Share malekal.com: feel free to share the articles you like on the site's Facebook page.
akira72

Re: Virus from a streaming site

by akira72 »

OK, thanks,

Here is the link: http://pjjoint.malekal.com/files.php?id ... 5s6k11h7h9

I am also sending you the fix report:


Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context!
Error: Unable to interpret <%APPDATA%\*. > in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context!
Error: Unable to interpret <%temp%\*.exe /s > in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s> in the current context!
Error: Unable to interpret <%systemroot%\system32\consrv.dll> in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context!
Error: Unable to interpret <%windir%\Tasks\*.job /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context!
Error: Unable to interpret </md5start > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <winlogon.exe> in the current context!
Error: Unable to interpret <services.exe> in the current context!
Error: Unable to interpret <wininit.exe> in the current context!
Error: Unable to interpret </md5stop> in the current context!
Error: Unable to interpret <HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s> in the current context!
Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s> in the current context!
Error: Unable to interpret <nslookup http://www.google.fr /c > in the current context!
Error: Unable to interpret <hklm\software\clients\startmenuinternet|command /rs > in the current context!
Error: Unable to interpret <hklm\software\clients\startmenuinternet|command /64 /rs> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 01112014_094253

Regards
Malekal_morte

Re: Virus from a streaming site

by Malekal_morte »

Uninstall:
Advanced SystemCare 7 and IOBit AntiMalware etc.
Jump Flip
Slick Savings
Search Settings

Run another OTL scan and post the report.
akira72

Re: Virus from a streaming site

by akira72 »

OK thanks, here is the new link: http://pjjoint.malekal.com/files.php?id ... 4p13o13t11

Along with the fix report:


OTL by OldTimer - Version 3.2.69.0 log created on 01112014_173621

Regards
angelique
Posts: 31840
Joined: 28 Feb 2008 13:58
Location: Breizhilienne

Re: Virus from a streaming site

by angelique »

You are not supposed to run a Fix without an appropriate script!!!

Create a restore point, see > http://www.chantal11.com/2010/07/raccou ... s-7-vista/


Relaunch OTL, then copy and paste the contents of the quote below (making sure to start at :OTL, with the colon in front of OTL included, up to and including [emptytemp]) into the lower part of OTL under "Customization",
and this time click FIX
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3004627E-F8E9-4E8B-909D-316753CBA923} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25986~1.67\{c16c1~1\browse~1.dll) - File not found
[2014/01/05 11:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014/01/05 11:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2014/01/11 17:08:00 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\UpdaterEX.job
[2014/01/06 17:21:01 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2010/05/21 13:12:46 | 003,098,112 | ---- | C] () -- C:\Users\Solène\openofficeorg32.msi
[2010/05/21 13:11:16 | 000,460,088 | ---- | C] () -- C:\Users\Solène\setup.exe
[2010/05/21 13:08:54 | 129,598,377 | ---- | C] () -- C:\Users\Solène\openofficeorg1.cab
[2012/04/01 17:10:53 | 000,000,000 | ---- | C] () -- C:\ProgramData\Gf6H4129.exe
[2012/04/01 17:10:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\l49a6frl.exe
[2013/11/26 09:17:54 | 000,000,000 | ---D | M] -- C:\Users\Solène\AppData\Roaming\0V1L2Z2Z1T1I1L1T
[25 C:\Users\SOLNE~1\AppData\Local\Temp\*.tmp files -> C:\Users\SOLNE~1\AppData\Local\Temp\*.tmp -> ]
:commands
[emptytemp]
» A text report appears when the PC restarts.
With Gnu_Linux you get a kernel ... with Ѡindows you only get trouble
https://helicium.altervista.org/
Remove "viruses" for free: http://www.supprimer-trojan.com/
A small donation to Angélique. Thanks.
akira72

Re: Virus from a streaming site

by akira72 »

OK, thank you very much, here is the report:

All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3004627E-F8E9-4E8B-909D-316753CBA923} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\25986~1.67\{c16c1~1\browse~1.dll deleted successfully.
C:\ProgramData\ProductData folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\GC folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot folder moved successfully.
C:\Windows\Tasks\UpdaterEX.job moved successfully.
C:\ProgramData\DP45977C.lfl moved successfully.
C:\Users\Solène\openofficeorg32.msi moved successfully.
C:\Users\Solène\setup.exe moved successfully.
C:\Users\Solène\openofficeorg1.cab moved successfully.
C:\ProgramData\Gf6H4129.exe moved successfully.
C:\ProgramData\l49a6frl.exe moved successfully.
C:\Users\Solène\AppData\Roaming\0V1L2Z2Z1T1I1L1T\Avast Packages folder moved successfully.
C:\Users\Solène\AppData\Roaming\0V1L2Z2Z1T1I1L1T folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: HyO
->Temp folder emptied: 204999418 bytes
->Temporary Internet Files folder emptied: 249064129 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 128496480 bytes
->Google Chrome cache emptied: 9465004 bytes
->Flash cache emptied: 57155 bytes

User: Invité
->Temp folder emptied: 30425420 bytes
->Temporary Internet Files folder emptied: 9432472 bytes
->Java cache emptied: 8809337 bytes
->FireFox cache emptied: 80317338 bytes
->Google Chrome cache emptied: 9942556 bytes
->Flash cache emptied: 58599 bytes

User: Public

User: Solène
->Temp folder emptied: 24318268 bytes
->Temporary Internet Files folder emptied: 191988253 bytes
->Java cache emptied: 53206 bytes
->FireFox cache emptied: 965178 bytes
->Google Chrome cache emptied: 31501274 bytes
->Flash cache emptied: 60721 bytes

User: wangzhisong

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1715915 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13691756 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53526 bytes
RecycleBin emptied: 94137513 bytes

Total Files Cleaned = 1 039,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01122014_211245

Files\Folders moved on Reboot...
C:\Users\Solène\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Solène\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Regards
Malekal_morte

Re: Virus from a streaming site

by Malekal_morte »

That should be fine.
A quick Malwarebytes scan, just to be sure: https://www.malekal.com/malwarebyte-ant ... les-virus/
akira72

Re: Virus from a streaming site

by akira72 »

OK thanks, here is the report:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2014.01.13.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Solène :: SOLÈNE-TOSH [administrateur]

13/01/2014 09:44:32
mbam-log-2014-01-13 (09-44-32).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 270259
Temps écoulé: 6 minute(s), 33 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 1
C:\Users\Solène\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Aucune action effectuée.

Clé(s) du Registre détectée(s): 2
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Aucune action effectuée.

Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Données: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Solène\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Aucune action effectuée.

Elément(s) de données du Registre détecté(s): 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Mauvais: (http://start.mysearchdial.com/?f=1&a=dn ... 343853&ir=) Bon: (http://www.google.com) -> Aucune action effectuée.

Dossier(s) détecté(s): 5
C:\Users\Invité\AppData\Local\Slick Savings (PUP.Optional.Spigot.A) -> Aucune action effectuée.
C:\Users\Invité\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Invité\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Solène\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Solène\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Aucune action effectuée.

Fichier(s) détecté(s): 8
C:\Users\Invité\AppData\Local\Slick Savings\coupons.crx (PUP.Optional.Spigot.A) -> Aucune action effectuée.
C:\Users\Invité\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> Aucune action effectuée.
C:\Users\Solène\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Invité\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Invité\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Invité\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Solène\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Aucune action effectuée.
C:\Users\Solène\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Aucune action effectuée.

(fin)

Regards
Malekal_morte

Re: Virus from a streaming site

by Malekal_morte »

On the Malwarebytes detections after the scan, right-click / check all,
then click the Remove Selected button.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
akira72

Re: virus on a streaming site

by akira72 »

Thank you very much, here is the report:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2014.01.13.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Solène :: SOLÈNE-TOSH [administrateur]

13/01/2014 11:00:11
mbam-log-2014-01-13 (11-00-11).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 270282
Temps écoulé: 6 minute(s), 28 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 1
C:\Users\Solène\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Suppression au redémarrage.

Clé(s) du Registre détectée(s): 2
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Données: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Solène\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Mauvais: (http://start.mysearchdial.com/?f=1&a=dn ... 343853&ir=) Bon: (http://www.google.com) -> Mis en quarantaine et réparé avec succès

Dossier(s) détecté(s): 5
C:\Users\Invité\AppData\Local\Slick Savings (PUP.Optional.Spigot.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Invité\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Invité\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Solène\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Solène\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 8
C:\Users\Invité\AppData\Local\Slick Savings\coupons.crx (PUP.Optional.Spigot.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Invité\Desktop\MySearchDial.url (PUP.Optional.MySearchDial.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Solène\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Suppression au redémarrage.
C:\Users\Invité\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Invité\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Invité\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Solène\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Solène\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Mis en quarantaine et supprimé avec succès.

(fin)

Regards
Malekal_morte

Re: virus on a streaming site

by Malekal_morte »

All good!

So you don't get caught out again.
Recommended reading - Unwanted programs / PUPs: https://www.malekal.com/adwares-pup-protection/
akira72

Re: virus on a streaming site

by akira72 »

OK, thanks for everything.