mots en bleu soulignés et +

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

bsc

mots en bleu soulignés et +

par bsc »

bonsoir, merci de votre réponse. mon pc est sous win7 et quand je me connecte sur internet à l'aide de IE qui est mon navigateur par défaut des mots surlignés en bleu apparaissent et si je me mets dessus un message de pub apparait. a chaque minute un message me dit de mettre média Player à jour ce que je ne fait pas bien sur, je ferme ces messages et j'essaie de continuer. je ne sais plus quoi faire. j'ai donc chargé OTL après avoir visité le site. je pense que vous avez la solution. merci d'avance d'un ancien de votre région.
Haut
Avatar de l’utilisateur
angelique
Messages : 31842
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne

Re: mots en bleu soulignés et +

par angelique »

suffit de supprimer les extensions pourris dans ton navigateur web : voir > http://www.stoppublicites.fr/?page_id=2
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique PDT_018 Merci.
Image
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

merci, mais je vois rien de particulier dans programmes et fonctionnalités. Avez vous une autre solution?
Haut
Malekal_morte
Messages : 113173
Inscription : 10 sept. 2005 13:57

Re: mots en bleu soulignés et +

par Malekal_morte »

Salut,


Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


puis réinitialise tes navigateurs (5min):
==================================
Réinitialise tes navigateurs :
* Firefox : http://forum.malekal.com/firefox-extens ... 36057.html
* Google Chrome : http://forum.malekal.com/google-chrome- ... 35837.html


Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/2010/11/12/tutorial-otl/

* Télécharge http://oldtimer.geekstogo.com/OTL.exe sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).

* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à  rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

<gras>NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE</gras>
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

merci, après chargement de adwcleaner et nettoyage trouve ci dessous le rapport:
# AdwCleaner v3.019 - Rapport créé le 21/02/2014 à 20:53:45
# Mis à jour le 17/02/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : BSC - CRYSTAIN
# Exécuté depuis : C:\Users\BSC\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v

-\\ Google Chrome v33.0.1750.117

[ Fichier : C:\Users\BSC\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [820 octets] - [20/02/2014 19:07:14]
AdwCleaner[R1].txt - [942 octets] - [20/02/2014 19:13:34]
AdwCleaner[R2].txt - [1164 octets] - [21/02/2014 20:52:29]
AdwCleaner[S0].txt - [880 octets] - [20/02/2014 19:08:33]
AdwCleaner[S1].txt - [1088 octets] - [21/02/2014 20:53:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1148 octets] ##########
je ne sais quoi en faire. par contre j'ai trouvé sur le disque en c: un programme nommé pirrit suggestions qui ne veut pas être supprimé: peut être cela a un rapport?
A +
Haut
Avatar de l’utilisateur
hackinginterdit
Messages : 2385
Inscription : 10 mai 2008 13:45
Localisation : NANCY

Re: mots en bleu soulignés et +

par hackinginterdit »

Hello

Petite incruste
par contre j'ai trouvé sur le disque en c: un programme nommé pirrit suggestions qui ne veut pas être supprimé: peut être cela a un rapport?
Oui

Comme demandé fais un scan "OTL" Malekal te donnera la marche à suivre
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

ci dessous rapport OTL:
OTL logfile created on: 21/02/2014 21:18:56 - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BSC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 53,83% Memory free
5,98 Gb Paging File | 4,29 Gb Available in Paging File | 71,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 398,37 Gb Free Space | 88,20% Space Free | Partition Type: NTFS

Computer Name: CRYSTAIN | User Name: BSC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/21 12:21:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BSC\Downloads\OTL (2).exe
PRC - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () -- C:\Users\BSC\AppData\Local\PirritSuggestor\PirritService.exe
PRC - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\BSC\AppData\Local\PirritSuggestor\PirritDesktop.exe
PRC - [2014/01/03 01:32:12 | 001,363,616 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/06/20 10:29:38 | 002,249,352 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
PRC - [2013/06/20 10:29:38 | 000,349,832 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
PRC - [2013/06/20 10:29:38 | 000,206,984 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
PRC - [2013/06/20 10:29:38 | 000,173,192 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013/06/20 10:29:36 | 000,153,224 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
PRC - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2010/10/25 18:41:50 | 000,344,064 | ---- | M] (ITSamples.com) -- C:\Program Files (x86)\NetworkIndicator\NetworkIndicator.exe
PRC - [2010/08/04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
PRC - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
PRC - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/15 18:39:27 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/15 18:39:21 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/15 18:39:19 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll
MOD - [2014/02/15 18:39:16 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/15 18:39:14 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/15 18:38:58 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/15 18:38:53 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\BSC\AppData\Local\PirritSuggestor\PirritDesktop.exe
MOD - [2014/01/10 13:33:16 | 000,286,400 | ---- | M] () -- C:\Program Files (x86)\Windows Live\Writer\fr\WindowsLive.Writer.Localization.resources.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/07/23 15:10:28 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/08/12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/08/04 13:40:12 | 000,611,872 | ---- | M] () -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
MOD - [2010/08/04 10:47:32 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyHook.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/27 11:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2014/02/21 09:40:23 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\BSC\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014/01/03 01:32:12 | 001,363,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/16 19:34:22 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/12/16 19:34:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/20 10:29:38 | 000,173,192 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/04/04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/01/15 22:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/10/25 02:32:08 | 000,167,936 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2013/10/02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/07/03 10:58:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:64bit: - [2012/07/03 10:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 10:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/09/09 13:45:30 | 001,660,480 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/09/23 05:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/21 01:43:52 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)
DRV:64bit: - [2009/09/21 01:43:52 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus)
DRV:64bit: - [2009/09/21 01:43:52 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV:64bit: - [2009/08/13 15:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 15:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EB 0E 78 0C 4A 2D CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://127.0.0.1:9881


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\BSC\AppData\Roaming\Mozilla\Extensions\[email protected] [2014/01/16 19:47:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\BSC\AppData\Roaming\Mozilla\Extensions\[email protected] [2014/01/16 19:47:39 | 000,000,000 | ---D | M]

[2014/01/15 19:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\Extensions
[2014/01/16 19:47:25 | 000,000,000 | ---D | M] (Free Games 111) -- C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/07/18 10:55:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/01/16 19:47:39 | 000,000,000 | ---D | M] (Speed Test 127) -- C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/11/19 18:41:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions
[2012/11/19 18:41:34 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}
[2013/09/21 17:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2014/02/18 08:58:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2013/09/21 17:47:56 | 000,010,300 | R--- | M] () (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
[2013/09/21 17:51:44 | 000,010,300 | R--- | M] () (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\firefox\profiles\extensions\extensions\[email protected]
[2013/04/01 18:27:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Documents Google = C:\Users\BSC\AppData\Local\Google\Chrome\User Data\default\extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\BSC\AppData\Local\Google\Chrome\User Data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\BSC\AppData\Local\Google\Chrome\User Data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\BSC\AppData\Local\Google\Chrome\User Data\default\extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\BSC\AppData\Local\Google\Chrome\User Data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\BSC\AppData\Local\Google\Chrome\User Data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/02/15 17:57:26 | 000,008,909 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 216.239.32.20 google.com
O1 - Hosts: 216.239.32.20 google.com www.google.ad
O1 - Hosts: 216.239.32.20 google.com www.google.ae
O1 - Hosts: 216.239.32.20 google.com www.google.com.af
O1 - Hosts: 216.239.32.20 google.com www.google.com.ag
O1 - Hosts: 216.239.32.20 google.com www.google.com.ai
O1 - Hosts: 216.239.32.20 google.com www.google.al
O1 - Hosts: 216.239.32.20 google.com www.google.am
O1 - Hosts: 216.239.32.20 google.com www.google.co.ao
O1 - Hosts: 216.239.32.20 google.com www.google.com.ar
O1 - Hosts: 216.239.32.20 google.com www.google.as
O1 - Hosts: 216.239.32.20 google.com www.google.at
O1 - Hosts: 216.239.32.20 google.com www.google.com.au
O1 - Hosts: 216.239.32.20 google.com www.google.az
O1 - Hosts: 216.239.32.20 google.com www.google.ba
O1 - Hosts: 216.239.32.20 google.com www.google.com.bd
O1 - Hosts: 216.239.32.20 google.com www.google.be
O1 - Hosts: 216.239.32.20 google.com www.google.bf
O1 - Hosts: 216.239.32.20 google.com www.google.bg
O1 - Hosts: 216.239.32.20 google.com www.google.com.bh
O1 - Hosts: 216.239.32.20 google.com www.google.bi
O1 - Hosts: 216.239.32.20 google.com www.google.bj
O1 - Hosts: 216.239.32.20 google.com www.google.com.bn
O1 - Hosts: 216.239.32.20 google.com www.google.com.bo
O1 - Hosts: 216.239.32.20 google.com www.google.com.br
O1 - Hosts: 168 more lines...
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [NetworkIndicator] C:\Program Files (x86)\NetworkIndicator\NetworkIndicator.exe (ITSamples.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7730E6B6-372D-4DD8-A239-08658CBCF8BF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/02/17 18:57:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/21 12:50:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/21 08:16:45 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2014/02/21 08:16:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2014/02/21 08:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2014/02/20 19:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/20 19:25:23 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/02/20 19:25:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/20 19:06:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/19 19:57:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/18 19:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/02/18 19:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2014/02/18 19:22:43 | 000,000,000 | ---D | C] -- C:\Users\BSC\AppData\Roaming\ZHP
[2014/02/17 19:46:37 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/02/17 19:46:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/02/17 18:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/02/16 20:42:47 | 000,000,000 | ---D | C] -- C:\Users\BSC\AppData\Roaming\Malwarebytes
[2014/02/16 20:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/16 08:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2014/02/16 08:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZebHelpProcess
[2014/02/15 20:31:05 | 000,000,000 | ---D | C] -- C:\Users\BSC\AppData\Roaming\LavasoftStatistics
[2014/02/15 19:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/02/15 18:13:22 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/15 18:12:15 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/15 18:12:14 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/15 18:12:14 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/15 18:12:14 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/15 18:12:12 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/15 18:12:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/15 18:12:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/15 18:12:10 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/15 18:12:10 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/15 18:12:09 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/15 18:12:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/15 18:12:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/15 18:12:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/15 18:12:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/15 18:12:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/15 18:12:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/15 18:12:08 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/15 18:12:08 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/15 18:12:08 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/15 18:12:07 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/15 18:12:06 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/15 18:12:05 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/15 18:12:03 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/15 18:04:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/15 18:04:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/15 18:04:14 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/15 18:04:14 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/15 18:04:14 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/15 18:04:14 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/15 18:04:13 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/15 18:04:13 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/15 18:04:13 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/15 18:04:12 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/15 18:04:12 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/15 18:04:12 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/15 18:04:12 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/15 18:04:12 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/15 18:04:12 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/15 18:04:12 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/15 18:04:12 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/15 18:04:12 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/15 18:03:50 | 006,573,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/02/15 18:03:50 | 005,693,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/02/15 18:03:33 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/15 18:03:33 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/15 13:54:56 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/14 20:00:15 | 000,000,000 | ---D | C] -- C:\Users\BSC\AppData\Local\PirritSuggestor
[2014/02/05 18:59:02 | 000,000,000 | ---D | C] -- C:\Users\BSC\AppData\Local\Skype
[2014/02/05 18:58:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/02/05 18:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/01/25 17:23:54 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/01/25 17:23:49 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/01/25 17:23:49 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/01/25 17:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/25 17:23:48 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/21 21:04:03 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/21 21:04:03 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/21 20:55:37 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/21 20:55:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/21 20:55:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/02/21 20:55:17 | 2408,243,200 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/21 20:49:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/21 20:40:06 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/21 18:53:28 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/21 17:50:07 | 000,000,685 | ---- | M] () -- C:\Users\BSC\Desktop\Boursorama.website
[2014/02/21 12:40:06 | 000,001,122 | ---- | M] () -- C:\Users\BSC\Desktop\OTL (2) - Raccourci.lnk
[2014/02/21 09:40:22 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/21 09:40:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/20 19:25:26 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/20 19:04:01 | 000,000,499 | ---- | M] () -- C:\Users\BSC\Desktop\Windows - Microsoft Community.website
[2014/02/20 18:41:33 | 001,390,348 | ---- | M] () -- C:\Users\BSC\Documents\ProjetAntiMalware.pdf
[2014/02/20 08:06:29 | 000,003,854 | ---- | M] () -- C:\Users\BSC\Documents\cc_20140220_080622.reg
[2014/02/20 07:45:34 | 000,002,290 | ---- | M] () -- C:\Users\BSC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/18 20:44:23 | 001,677,498 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/18 20:44:23 | 000,750,446 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/02/18 20:44:23 | 000,657,204 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/18 20:44:23 | 000,151,092 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/02/18 20:44:23 | 000,123,016 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/17 18:57:27 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/02/17 08:46:13 | 000,014,724 | ---- | M] () -- C:\Users\BSC\Documents\cc_20140217_084607.reg
[2014/02/16 20:33:05 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/02/16 08:55:29 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2014/02/15 18:15:21 | 001,651,630 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/15 17:57:26 | 000,008,909 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/02/09 19:15:46 | 000,003,684 | ---- | M] () -- C:\Users\BSC\Documents\20161B55-708FF4C6.eml
[2014/02/06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/05 18:52:47 | 000,000,831 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/01 10:49:51 | 000,016,610 | ---- | M] () -- C:\Users\BSC\Documents\leroy merlin.xml
[2014/01/28 18:13:57 | 000,013,368 | ---- | M] () -- C:\Users\BSC\Desktop\MRT - Raccourci.lnk
[2014/01/25 15:16:49 | 000,002,763 | ---- | M] () -- C:\ProgramData\connector.swf
[2014/01/24 17:56:02 | 001,536,787 | ---- | M] () -- C:\Users\BSC\Documents\cancers-sein-institut-curie_0.pdf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/21 12:40:06 | 000,001,122 | ---- | C] () -- C:\Users\BSC\Desktop\OTL (2) - Raccourci.lnk
[2014/02/21 08:16:09 | 000,001,314 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2014/02/21 08:15:08 | 000,002,495 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2014/02/21 08:10:50 | 000,002,187 | ---- | C] () -- C:\Users\BSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2014/02/20 19:25:26 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/20 18:41:33 | 001,390,348 | ---- | C] () -- C:\Users\BSC\Documents\ProjetAntiMalware.pdf
[2014/02/20 09:01:08 | 000,000,499 | ---- | C] () -- C:\Users\BSC\Desktop\Windows - Microsoft Community.website
[2014/02/20 08:06:25 | 000,003,854 | ---- | C] () -- C:\Users\BSC\Documents\cc_20140220_080622.reg
[2014/02/19 19:57:09 | 000,002,290 | ---- | C] () -- C:\Users\BSC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/19 19:57:09 | 000,002,190 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/17 18:57:27 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/02/17 08:46:09 | 000,014,724 | ---- | C] () -- C:\Users\BSC\Documents\cc_20140217_084607.reg
[2014/02/16 08:50:11 | 000,013,030 | ---- | C] () -- C:\PDOXUSRS.NET
[2014/02/16 08:49:55 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2014/02/16 08:49:55 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\BDEADMIN.CPL
[2014/02/15 19:30:42 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/02/10 19:57:02 | 000,003,684 | ---- | C] () -- C:\Users\BSC\Documents\20161B55-708FF4C6.eml
[2014/01/31 19:45:11 | 000,016,610 | ---- | C] () -- C:\Users\BSC\Documents\leroy merlin.xml
[2014/01/28 18:13:57 | 000,013,368 | ---- | C] () -- C:\Users\BSC\Desktop\MRT - Raccourci.lnk
[2014/01/25 09:42:22 | 000,002,763 | ---- | C] () -- C:\ProgramData\connector.swf
[2014/01/24 17:56:02 | 001,536,787 | ---- | C] () -- C:\Users\BSC\Documents\cancers-sein-institut-curie_0.pdf
[2012/12/01 18:07:31 | 000,003,584 | ---- | C] () -- C:\Users\BSC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/20 12:16:19 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/11/20 12:16:19 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/11/19 19:28:27 | 001,651,630 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/19 11:02:45 | 000,007,625 | ---- | C] () -- C:\Users\BSC\AppData\Local\Resmon.ResmonCfg
[2012/11/19 10:54:50 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Files - Unicode (All) ==========
[2014/02/21 21:06:17 | 000,000,644 | ---- | M] ()(C:\Users\BSC\Desktop\Audrey? ask.fm-dedeiys.website) -- C:\Users\BSC\Desktop\Audrey♥ ask.fm-dedeiys.website
[2013/10/09 19:42:45 | 000,000,218 | ---- | M] ()(C:\Users\BSC\Desktop\Céliaaa? ask.fm-Crispiflakes.url) -- C:\Users\BSC\Desktop\Céliaaa♥ ask.fm-Crispiflakes.url
[2013/10/09 19:42:45 | 000,000,218 | ---- | C] ()(C:\Users\BSC\Desktop\Céliaaa? ask.fm-Crispiflakes.url) -- C:\Users\BSC\Desktop\Céliaaa♥ ask.fm-Crispiflakes.url
[2013/08/17 17:07:55 | 000,000,644 | ---- | C] ()(C:\Users\BSC\Desktop\Audrey? ask.fm-dedeiys.website) -- C:\Users\BSC\Desktop\Audrey♥ ask.fm-dedeiys.website

========== Alternate Data Streams ==========

@Alternate Data Stream - 745 bytes -> C:\Users\BSC\Documents\20161B55-708FF4C6.eml:OECustomProperty
@Alternate Data Stream - 1490 bytes -> C:\Users\BSC\Documents\20161B55-708FF4C6.eml:OEStandardProperty
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 1086 bytes -> C:\Users\BSC\Desktop\Boursorama.website:TASKICON_4pinned-login-1048704090
@Alternate Data Stream - 1086 bytes -> C:\Users\BSC\Desktop\Boursorama.website:TASKICON_3pinned-forums1769190306
@Alternate Data Stream - 1086 bytes -> C:\Users\BSC\Desktop\Boursorama.website:TASKICON_2pinned-moneycenter-41153577
@Alternate Data Stream - 1086 bytes -> C:\Users\BSC\Desktop\Boursorama.website:TASKICON_1pinned-news2132547447

< End of report >

Un grand merci d'avance BSC
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

voici le lien:
http://pjjoint.malekal.com/files.php?id ... 11l12n6l11
merci
Haut
Avatar de l’utilisateur
angelique
Messages : 31842
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne

Re: mots en bleu soulignés et +

par angelique »

SpyHunter et Spyware Doctor sont proposés via de faux blogs de sécurité... Ces faux blogs sont créés par des sociétés affiliées qui multiplient les sites WEB et tentent d'être dans les premiers résultats de Google concernant une des infections présentes sur ton PC.
Ces faux blogs proposent des versions payantes pour soit disant désinfecter son PC, ces sociétés affiliés touchent un % sur la ventes

Ce sont des pratiques douteuses et très limites, et non des méthodes dignes d'antispywares sérieux.
Je te conseille donc de désinstaller SpyHunter et/ou Spyware Doctor présent sur ton PC.

Pour plus d'informations, voir : http://forum.malekal.com/viewtopic.php?f=56&t=12847



===> désactiver TeaTimer de spybot::

Pour désactiver TeaTimer :

Afficher d'abord le Mode Avancé dans SpyBot

Options Avancées :
- menu Mode, Mode Avancé.

Une colonne de menus apparaît dans la partie gauche :

- cliquer sur Outils,
- cliquer sur Résident,
Dans Résident :
- décocher Résident "TeaTimer" pour le désactiver, et désinstalle spybot ça sert à rien !


Image relançe OTL , Copies et colles le contenue de cette citation ci dessous (en commençant bien à :OTL , les : inclus devant OTL jusqu'à [emptytemp] inclus) dans la partie inférieure d'OTL sous "Personalisation"
et cette fois ci clic CORRECTION

Code : Tout sélectionner

:OTL
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\BSC\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
[2014/01/16 19:47:25 | 000,000,000 | ---D | M] (Free Games 111) -- C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/01/16 19:47:39 | 000,000,000 | ---D | M] (Speed Test 127) -- C:\Users\BSC\AppData\Roaming\mozilla\Extension
[2012/11/19 18:41:34 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}
[2013/09/21 17:47:56 | 000,010,300 | R--- | M] () (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
[2013/09/21 17:51:44 | 000,010,300 | R--- | M] () (No name found) -- C:\Users\BSC\AppData\Roaming\mozilla\firefox\profiles\extensions\extensions\[email protected]
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
:files
C:\Users\BSC\AppData\Local\PirritSuggestor /D
:commands
[resethosts]
[emptytemp]
» Un rapport texte apparrait au redemarrage du pc ,poste le
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique PDT_018 Merci.
Image
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

bonjour, merci pour ta réponse. concernant SpyHunter et/ou Spyware je les ai désinstallés et je ne les trouvent plus dans les programmes et pour SpyBot de même. j'ai donc fait la correction avec OTL et je te joins le rapport:


All processes killed
========== OTL ==========
Error: Unable to stop service PirritDesktop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritDesktop deleted successfully.
C:\Users\BSC\AppData\Local\PirritSuggestor\PirritService.exe moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected]\chrome folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Extensions\[email protected] folder moved successfully.
Folder C:\Users\BSC\AppData\Roaming\mozilla\Extension\ not found.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\Plugins folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\modules folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\META-INF folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\lib folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\defaults\preferences folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\defaults folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\sl folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\lib\jquery.alerts folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\lib folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\core folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\404 folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gf folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\dlg folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\sp\spsd folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\sp\spbd folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\sp\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\sp folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\js\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\msd folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\features\js\resources folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\features\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\features folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\api folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac\res folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac\img folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac\css folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\aboutBox folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284 folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d} folder moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected] moved successfully.
C:\Users\BSC\AppData\Roaming\mozilla\firefox\profiles\extensions\extensions\[email protected] moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== FILES ==========
C:\Users\BSC\AppData\Local\PirritSuggestor\gd.txt deleted successfully.
File delete failed. C:\Users\BSC\AppData\Local\PirritSuggestor\msvcp100.dll scheduled to be deleted on reboot.
File delete failed. C:\Users\BSC\AppData\Local\PirritSuggestor\msvcr100.dll scheduled to be deleted on reboot.
File delete failed. C:\Users\BSC\AppData\Local\PirritSuggestor\PirritDesktop.exe scheduled to be deleted on reboot.
File delete failed. C:\Users\BSC\AppData\Local\PirritSuggestor\QtCore4.dll scheduled to be deleted on reboot.
File delete failed. C:\Users\BSC\AppData\Local\PirritSuggestor\QtNetwork4.dll scheduled to be deleted on reboot.
Folder delete failed. C:\Users\BSC\AppData\Local\PirritSuggestor scheduled to be deleted on reboot.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: BSC
->Temp folder emptied: 154767654 bytes
->Temporary Internet Files folder emptied: 210346028 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4351 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1901322 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 258013 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78246 bytes
RecycleBin emptied: 241203529 bytes

Total Files Cleaned = 580,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02222014_132736

Files\Folders moved on Reboot...
C:\Users\BSC\AppData\Local\PirritSuggestor\msvcp100.dll moved successfully.
C:\Users\BSC\AppData\Local\PirritSuggestor\msvcr100.dll moved successfully.
C:\Users\BSC\AppData\Local\PirritSuggestor\PirritDesktop.exe moved successfully.
C:\Users\BSC\AppData\Local\PirritSuggestor\QtCore4.dll moved successfully.
C:\Users\BSC\AppData\Local\PirritSuggestor\QtNetwork4.dll moved successfully.
C:\Users\BSC\AppData\Local\PirritSuggestor folder moved successfully.
C:\Users\BSC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\BSC\AppData\Local\Temp\~DF42DFB8058481F909.TMP not found!
File\Folder C:\Users\BSC\AppData\Local\Temp\~DF7739F704A4723D07.TMP not found!
File\Folder C:\Users\BSC\AppData\Local\Temp\~DF861980E59ABAE439.TMP not found!
File\Folder C:\Users\BSC\AppData\Local\Temp\~DF90AF71156B6D0CD7.TMP not found!
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2GKKFMP\3qPfgRJhy_o6IWGjH-pPcw[1].eot moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2GKKFMP\fastbutton[1].htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SMY14DEK\mots-bleu-soulignes-t46834[1].htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM8ESC77\728x90[1].htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM8ESC77\rosetta-icons-Regular[1].eot moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM8ESC77\stats[1].htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FM8ESC77\twitter-icons[1].eot moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A0KHF6E7\postmessageRelay[1].htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8JWMHZDY\topics[1].htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4CXZAPRB\TPCWNYWY.htm moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\BSC\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

dis moi stp si il faut faire autre chose. bonne journée. A+
Haut
Avatar de l’utilisateur
angelique
Messages : 31842
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne

Re: mots en bleu soulignés et +

par angelique »

ç'est mieux ?
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique PDT_018 Merci.
Image
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

merci pour ta réponse, mais elle laisse supposer qu'il peut rester quelque chose, est ce que je me trompe. dis moi.
Haut
Avatar de l’utilisateur
angelique
Messages : 31842
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne

Re: mots en bleu soulignés et +

par angelique »

non ! je veux juste que tu constates que ton probleme originel n'existe plus .
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique PDT_018 Merci.
Image
Haut
bsc

Re: mots en bleu soulignés et +

par bsc »

il semble que ce soit solutionné mais je viens de recevoir une demande de maj de java: cela a t il un rapport avec cette infection car cela coupe le message que je suis en train de t'écrire.
Haut
Avatar de l’utilisateur
angelique
Messages : 31842
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne

Re: mots en bleu soulignés et +

par angelique »

ça peut etre un faux java via une pub de chez media clic, fait une capture d'ecran.
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique PDT_018 Merci.
Image
Haut
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »