Bonjour à toutes et à tous,
Infection générale
Un de mes amis a utilisé mon PC. Depuis je fais face à de nombreux dysfonctionnements, par exemple :
- Je n'ai plus la maîtrise de Firefox ; quand je le lance, le navigateur WebSearches s'impose.
- J'ai essayé de remplacer la page d’accueil.
- Ma banque n'accepte plus mes identifiants à partir de mon PC, elle les accepte à partir de mon portable
-Je reçois des messages m'incitant à installer ou à mettre à jour des logiciels.
Ce ne sont que des exemples.
Le fichier joint présente :
En haut,l'image de ma page d'accueil ;
Immédiatement en-dessous l'affichage de NoScipt qui ne mentionne pas WebSearches ;
En bas à gauche, une demande de mise à jour de StarterTV et,
En bas à droite la liste des navigateurs disponibles.
En attendant d'éliminer cette infection, j'utilise systématiquement le moteur de recherche Ixquick.
Son fonctionnement est perturbé. A l'ouverture il apparaît un site fermé précédemment.
Une recherche sur internet m'invite à utiliser trios logiciels adwcleaner, Malwarebytes et OTL.
Je tente l'utilisation de OTL dont j'ai une expérience limitée ( ).
J'ai lancé OTL et ai pratiqué une analyse simple.
http://pjjoint.malekal.com/files.php?id ... 117b11v6f5
Je ne sais pas exploiter ce rapport
Avec mes remerciements
Cordialement
Papy
Infection généralisée WebSearches
Modérateurs : Mods Windows, Helper
- Messages : 105
- Inscription : 12 août 2013 21:34
Infection généralisée WebSearches
Vous ne pouvez pas consulter les pièces jointes insérées à ce message.
- Messages : 31932
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Infection généralisée WebSearches
relançe OTL , Copies et colles le contenue de cette citation ci dessous (en commençant bien à :OTL , les : inclus devant OTL jusqu'à [emptytemp] inclus) dans la partie inférieure d'OTL sous "Personalisation" , FERME ton navigateur !!!et cette fois ci clic CORRECTION
» Un rapport texte apparrait au redemarrage du pc, poste le:OTL
SRV - (IePluginServices) -- C:\ProgramData\IePluginServices\PluginService.exe (Cherished Technololgy LIMITED)
SRV - (WindowsMangerProtect) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Fuyu LIMITED)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... SAF450073D
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... SAF450073D
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://start.mysearchdial.com/results.p ... 445806&ir=
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://istart.webssearches.com/web/?typ ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... SAF450073D
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... SAF450073D
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://istart.webssearches.com/web/?typ ... earchTerms}
IE - HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... SAF450073D
IE - HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=tu ... 445806&ir=
IE - HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://start.mysearchdial.com/results.p ... 445806&ir=
IE - HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://istart.webssearches.com/web/?typ ... earchTerms}
FF - prefs.js..browser.startup.homepage: "http://istart.webssearches.com/?type=hp ... SAF450073D"
FF - prefs.js..extensions.enabledAddons: boost%40boost.net:3.0.0.10
[2014/07/03 10:26:41 | 000,000,000 | ---D | M] ("Browser App") -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com
[2014/05/16 01:02:00 | 000,041,472 | ---- | M] () (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\extensions\[email protected]
[2014/05/16 01:02:00 | 000,041,472 | ---- | M] () (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\ygihfglg.default\extensions\[email protected]
[2014/05/02 14:24:46 | 000,000,916 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\conduit-search.xml
[2014/05/02 14:01:46 | 000,001,368 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\iminent.xml
[2014/07/04 08:09:51 | 000,002,795 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\Mysearchdial.xml
O2 - BHO: (Browser App) - {11111111-1111-1111-1111-110611031146} - C:\Program Files (x86)\Browser App\Browser App-bho.dll (app)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Boost) - {8DE6FC60-E023-4AD7-A3B7-591E1460E7F7} - C:\Program Files (x86)\Boost\Boost.dll (Jigsaw)
O4 - HKLM..\Run: [fst_fr_269] File not found
O4 - HKLM..\Run: [stv_fr_17] "C:\Program Files (x86)\stv_fr_17\stv_fr_17.exe" File not found
O4 - HKLM..\RunOnce: [upstv_fr_17.exe] C:\Users\Utilisateur\AppData\Local\stv_fr_17\upstv_fr_17.exe ()
O4 - Startup: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk = C:\Program Files (x86)\Boost\BoostUpdater.exe ()
[2014/07/04 08:09:24 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\MySearchDial
[2014/07/04 08:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mysearchdial
[2014/07/03 20:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/07/03 10:45:28 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\stv_fr_17
[2014/07/03 10:45:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stv_fr_17
[2014/07/03 10:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
[2014/07/03 10:44:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boost
[2014/07/03 10:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014/07/03 10:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/07/03 10:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/07/03 10:26:40 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\webssearches
[2014/07/03 10:26:33 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\globalUpdate
[2014/07/03 10:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/07/03 10:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browser App
[2014/07/03 10:26:28 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\VOPackage
[2014/07/03 10:26:28 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014/07/03 10:26:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
[2014/07/03 10:26:27 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\JFileManager
[2014/07/03 10:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JFileManager
[2014/07/05 11:46:28 | 000,003,812 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-11.job
[2014/07/05 11:46:26 | 000,001,438 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-5_user.job
[2014/07/05 11:46:26 | 000,001,416 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-5.job
[2014/07/05 11:46:23 | 000,002,442 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-3.job
[2014/07/05 11:46:23 | 000,002,180 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-4.job
[2014/07/05 11:46:21 | 000,001,344 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-2.job
[2014/07/05 11:46:20 | 000,001,536 | ---- | M] () -- C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-1.job
[2014/07/05 11:09:00 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
[2014/07/03 10:44:32 | 000,001,042 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk
[2014/07/03 10:26:28 | 000,001,165 | ---- | C] () -- C:\Users\Public\Desktop\JFileManager.lnk
[2014/05/02 14:01:45 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\IminentToolbar
:files
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
C:\Windows\tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-*.job
:commands
[emptytemp]
Faire Adwcleaner , onglet scan puis ensuite suppression ... un redémarrage peut être demandé. , voir > , et poste le rapport. Réinitialise NoScriptVous ne pouvez pas consulter les pièces jointes insérées à ce message.
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.- Messages : 105
- Inscription : 12 août 2013 21:34
Re: Infection généralisée WebSearches
140705 1713 Merci angelique,
Voici les rapports.
OTL
L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : http://pjjoint.malekal.com/files.php?id ... 9z12f12x12
FixLog.txt
L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : http://pjjoint.malekal.com/files.php?id ... 15g11q13s1
AdwCleaner na pas demandé de redémarrage
# AdwCleaner v1.606 - Rapport créé le 05/07/2014 à 17:31:54
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - PCFIXE
# Exécuté depuis : C:\Users\Utilisateur\Desktop\adwcleaner-1.606-en.exe
# Option [Recherche]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Users\Lyon\AppData\Roaming\Mozilla\Firefox\Profiles\nsxt5g14.default\extensions\staged
***** [Registre] *****
Clé Présente : HKCU\Software\Tuto4PC
[x64] Clé Présente : HKCU\Software\Tuto4PC
***** [Registre - GUID] *****
***** [Navigateurs] *****
-\\ Internet Explorer v9.11.9600.17126
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v30.0 (fr)
Nom du profil : default-1386777812474 [Profil par défaut]
Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\prefs.js
Présente : user_pref("extensions.ab8c5ecce0eab4412bbe66dac31ebfaecd0bda10d78c84ed2a9fffe1bb21c38ddcom60346.6034[...]
Nom du profil : default
Fichier : C:\Users\Lyon\AppData\Roaming\Mozilla\Firefox\Profiles\nsxt5g14.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S8].txt - [1904 octets] - [13/08/2013 13:36:54]
AdwCleaner[R8].txt - [7379 octets] - [02/05/2014 14:06:21]
AdwCleaner[R9].txt - [2663 octets] - [24/05/2014 11:21:03]
AdwCleaner[R10].txt - [2725 octets] - [24/05/2014 11:22:19]
AdwCleaner[S9].txt - [2620 octets] - [24/05/2014 11:23:01]
AdwCleaner[R11].txt - [1937 octets] - [28/06/2014 15:47:19]
AdwCleaner[R12].txt - [1998 octets] - [28/06/2014 15:47:55]
AdwCleaner[S10].txt - [1934 octets] - [28/06/2014 15:48:49]
AdwCleaner[R13].txt - [2120 octets] - [29/06/2014 12:53:08]
AdwCleaner[S11].txt - [2056 octets] - [29/06/2014 12:54:36]
AdwCleaner[R14].txt - [2242 octets] - [01/07/2014 09:32:42]
AdwCleaner[S12].txt - [2178 octets] - [01/07/2014 09:33:59]
AdwCleaner[R15].txt - [3221 octets] - [03/07/2014 15:30:51]
AdwCleaner[S13].txt - [3104 octets] - [03/07/2014 15:31:25]
AdwCleaner[R16].txt - [2299 octets] - [03/07/2014 20:00:47]
AdwCleaner[S14].txt - [2363 octets] - [03/07/2014 20:01:31]
AdwCleaner[R17].txt - [2483 octets] - [05/07/2014 17:31:54]
########## EOF - C:\AdwCleaner[R17].txt - [2612 octets] ##########
Question
Comment réinitialiser NoScript?
Cordialement
Papy
Voici les rapports.
OTL
L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : http://pjjoint.malekal.com/files.php?id ... 9z12f12x12
FixLog.txt
L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : http://pjjoint.malekal.com/files.php?id ... 15g11q13s1
AdwCleaner na pas demandé de redémarrage
# AdwCleaner v1.606 - Rapport créé le 05/07/2014 à 17:31:54
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - PCFIXE
# Exécuté depuis : C:\Users\Utilisateur\Desktop\adwcleaner-1.606-en.exe
# Option [Recherche]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Users\Lyon\AppData\Roaming\Mozilla\Firefox\Profiles\nsxt5g14.default\extensions\staged
***** [Registre] *****
Clé Présente : HKCU\Software\Tuto4PC
[x64] Clé Présente : HKCU\Software\Tuto4PC
***** [Registre - GUID] *****
***** [Navigateurs] *****
-\\ Internet Explorer v9.11.9600.17126
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v30.0 (fr)
Nom du profil : default-1386777812474 [Profil par défaut]
Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\prefs.js
Présente : user_pref("extensions.ab8c5ecce0eab4412bbe66dac31ebfaecd0bda10d78c84ed2a9fffe1bb21c38ddcom60346.6034[...]
Nom du profil : default
Fichier : C:\Users\Lyon\AppData\Roaming\Mozilla\Firefox\Profiles\nsxt5g14.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
-\\ Google Chrome v [Impossible d'obtenir la version]
Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S8].txt - [1904 octets] - [13/08/2013 13:36:54]
AdwCleaner[R8].txt - [7379 octets] - [02/05/2014 14:06:21]
AdwCleaner[R9].txt - [2663 octets] - [24/05/2014 11:21:03]
AdwCleaner[R10].txt - [2725 octets] - [24/05/2014 11:22:19]
AdwCleaner[S9].txt - [2620 octets] - [24/05/2014 11:23:01]
AdwCleaner[R11].txt - [1937 octets] - [28/06/2014 15:47:19]
AdwCleaner[R12].txt - [1998 octets] - [28/06/2014 15:47:55]
AdwCleaner[S10].txt - [1934 octets] - [28/06/2014 15:48:49]
AdwCleaner[R13].txt - [2120 octets] - [29/06/2014 12:53:08]
AdwCleaner[S11].txt - [2056 octets] - [29/06/2014 12:54:36]
AdwCleaner[R14].txt - [2242 octets] - [01/07/2014 09:32:42]
AdwCleaner[S12].txt - [2178 octets] - [01/07/2014 09:33:59]
AdwCleaner[R15].txt - [3221 octets] - [03/07/2014 15:30:51]
AdwCleaner[S13].txt - [3104 octets] - [03/07/2014 15:31:25]
AdwCleaner[R16].txt - [2299 octets] - [03/07/2014 20:00:47]
AdwCleaner[S14].txt - [2363 octets] - [03/07/2014 20:01:31]
AdwCleaner[R17].txt - [2483 octets] - [05/07/2014 17:31:54]
########## EOF - C:\AdwCleaner[R17].txt - [2612 octets] ##########
Question
Comment réinitialiser NoScript?
Cordialement
Papy
- Messages : 31932
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Infection généralisée WebSearches
Il faut cliquer CORRECTION une fois le script collé dans OTL, recommence.
Ta version adwcleaner est pas du tout à jour !! recommence > https://toolslib.net/downloads/viewdown ... dwcleaner/
La réinitialisation de noscript via ses options:
Ta version adwcleaner est pas du tout à jour !! recommence > https://toolslib.net/downloads/viewdown ... dwcleaner/
La réinitialisation de noscript via ses options:
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.- Messages : 105
- Inscription : 12 août 2013 21:34
Re: Infection généralisée WebSearches
140706 0911 Merci angélique, AdvCleaner, Noscript et OTL
AdwCleaner
j'ai mis à la poubelle l'exécutif de dossier Téléchargement et son raccourci. Cette méthode
est rustique. Peut-on mettre à jour ce logiciel ?
J'ai téléchargé la dernière version à l'adresse que tu m'as indiquée.
NoScript
Je ne sais pas retirer un site de la liste blanche.
OTL
J'ai recommencé en cliquant sur CORRECTION.
Voici le rapport obtenu après le redémarrage de Windows.
All processes killed
========== OTL ==========
Service IePluginServices stopped successfully!
Service IePluginServices deleted successfully!
C:\ProgramData\IePluginServices\PluginService.exe moved successfully.
Service WindowsMangerProtect stopped successfully!
Service WindowsMangerProtect deleted successfully!
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1109241587-4111020064-2182409047-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_USERS\S-1-5-21-1109241587-4111020064-2182409047-1000\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ not found.
Prefs.js: "http://istart.webssearches.com/?type=hp ... SAF450073D" removed from browser.startup.homepage
Prefs.js: boost%40boost.net:3.0.0.10 removed from extensions.enabledAddons
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\skin folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\locale\en-US folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\locale folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\extensionData\userCode folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\extensionData\plugins folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\extensionData folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\defaults\preferences folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\defaults folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content\core folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content\api folder moved successfully.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com scheduled to be moved on reboot.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\extensions\[email protected] moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\ygihfglg.default\extensions\[email protected] moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\conduit-search.xml moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\iminent.xml moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\Mysearchdial.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611031146}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611031146}\ deleted successfully.
C:\Program Files (x86)\Browser App\Browser App-bho.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.
C:\Program Files (x86)\SupTab\SupTab.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}\ deleted successfully.
C:\Program Files (x86)\Boost\Boost.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_269 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\stv_fr_17 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\upstv_fr_17.exe deleted successfully.
C:\Users\Utilisateur\AppData\Local\stv_fr_17\upstv_fr_17.exe moved successfully.
C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk moved successfully.
C:\Program Files (x86)\Boost\BoostUpdater.exe moved successfully.
C:\Users\Utilisateur\AppData\Roaming\MySearchDial\UpdateProc folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\MySearchDial folder moved successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh folder moved successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0 folder moved successfully.
C:\Program Files (x86)\Mysearchdial folder moved successfully.
C:\ProgramData\374311380 folder moved successfully.
C:\Users\Utilisateur\AppData\Local\stv_fr_17\Download folder moved successfully.
C:\Users\Utilisateur\AppData\Local\stv_fr_17 folder moved successfully.
C:\Program Files (x86)\stv_fr_17 folder moved successfully.
C:\Program Files (x86)\predm folder moved successfully.
C:\Program Files (x86)\Boost folder moved successfully.
C:\ProgramData\IePluginServices\update folder moved successfully.
C:\ProgramData\IePluginServices folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\ru folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pt folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pl folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\it-IT folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\it-CH folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\es-ES folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\es-419 folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\en-US folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales folder moved successfully.
C:\Program Files (x86)\SupTab\web\js folder moved successfully.
C:\Program Files (x86)\SupTab\web\img\weather folder moved successfully.
C:\Program Files (x86)\SupTab\web\img folder moved successfully.
C:\Program Files (x86)\SupTab\web folder moved successfully.
C:\Program Files (x86)\SupTab folder moved successfully.
C:\ProgramData\WindowsMangerProtect\update folder moved successfully.
C:\ProgramData\WindowsMangerProtect\log folder moved successfully.
C:\ProgramData\WindowsMangerProtect folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches\log folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches\images\code folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches\images folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches folder moved successfully.
C:\Users\Utilisateur\AppData\Local\globalUpdate\CrashReports folder moved successfully.
C:\Users\Utilisateur\AppData\Local\globalUpdate folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline\{416D5299-5B1D-4318-A819-4EF51EA5CDAA} folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Install folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Download folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update folder moved successfully.
C:\Program Files (x86)\globalUpdate\CrashReports folder moved successfully.
C:\Program Files (x86)\globalUpdate folder moved successfully.
C:\Program Files (x86)\Browser App folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\VOPackage folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager folder moved successfully.
C:\Users\Utilisateur\AppData\Local\JFileManager\Downloads\Torrents folder moved successfully.
C:\Users\Utilisateur\AppData\Local\JFileManager\Downloads folder moved successfully.
C:\Users\Utilisateur\AppData\Local\JFileManager folder moved successfully.
C:\Program Files (x86)\JFileManager\Languages folder moved successfully.
C:\Program Files (x86)\JFileManager folder moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-11.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-5_user.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-5.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-3.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-4.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-2.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-1.job moved successfully.
C:\Windows\Tasks\MySearchDial.job moved successfully.
File C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk not found.
C:\Users\Public\Desktop\JFileManager.lnk moved successfully.
C:\Users\Utilisateur\AppData\Roaming\IminentToolbar folder moved successfully.
File ptytemp] not found.
OTL by OldTimer - Version 3.2.69.0 log created on 07062014_091919
Files\Folders moved on Reboot...
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Je constate lorsque je lance FireFox que le navigateur WebSearches s'impose encore(Fichier joint). Cordialement
Bon Dimanche
Papy
AdwCleaner
j'ai mis à la poubelle l'exécutif de dossier Téléchargement et son raccourci. Cette méthode
est rustique. Peut-on mettre à jour ce logiciel ?
J'ai téléchargé la dernière version à l'adresse que tu m'as indiquée.
NoScript
Je ne sais pas retirer un site de la liste blanche.
OTL
J'ai recommencé en cliquant sur CORRECTION.
Voici le rapport obtenu après le redémarrage de Windows.
All processes killed
========== OTL ==========
Service IePluginServices stopped successfully!
Service IePluginServices deleted successfully!
C:\ProgramData\IePluginServices\PluginService.exe moved successfully.
Service WindowsMangerProtect stopped successfully!
Service WindowsMangerProtect deleted successfully!
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1109241587-4111020064-2182409047-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1109241587-4111020064-2182409047-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_USERS\S-1-5-21-1109241587-4111020064-2182409047-1000\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}\ not found.
Prefs.js: "http://istart.webssearches.com/?type=hp ... SAF450073D" removed from browser.startup.homepage
Prefs.js: boost%40boost.net:3.0.0.10 removed from extensions.enabledAddons
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\skin folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\locale\en-US folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\locale folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\extensionData\userCode folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\extensionData\plugins folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\extensionData folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\defaults\preferences folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\defaults folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content\core folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content\api folder moved successfully.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com scheduled to be moved on reboot.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\extensions\[email protected] moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\ygihfglg.default\extensions\[email protected] moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\conduit-search.xml moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\iminent.xml moved successfully.
C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\nc6x79rx.default-1386777812474\searchplugins\Mysearchdial.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611031146}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611031146}\ deleted successfully.
C:\Program Files (x86)\Browser App\Browser App-bho.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.
C:\Program Files (x86)\SupTab\SupTab.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}\ deleted successfully.
C:\Program Files (x86)\Boost\Boost.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_269 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\stv_fr_17 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\upstv_fr_17.exe deleted successfully.
C:\Users\Utilisateur\AppData\Local\stv_fr_17\upstv_fr_17.exe moved successfully.
C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk moved successfully.
C:\Program Files (x86)\Boost\BoostUpdater.exe moved successfully.
C:\Users\Utilisateur\AppData\Roaming\MySearchDial\UpdateProc folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\MySearchDial folder moved successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh folder moved successfully.
C:\Program Files (x86)\Mysearchdial\1.8.29.0 folder moved successfully.
C:\Program Files (x86)\Mysearchdial folder moved successfully.
C:\ProgramData\374311380 folder moved successfully.
C:\Users\Utilisateur\AppData\Local\stv_fr_17\Download folder moved successfully.
C:\Users\Utilisateur\AppData\Local\stv_fr_17 folder moved successfully.
C:\Program Files (x86)\stv_fr_17 folder moved successfully.
C:\Program Files (x86)\predm folder moved successfully.
C:\Program Files (x86)\Boost folder moved successfully.
C:\ProgramData\IePluginServices\update folder moved successfully.
C:\ProgramData\IePluginServices folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\ru folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pt folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pl folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\it-IT folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\it-CH folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\es-ES folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\es-419 folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\en-US folder moved successfully.
C:\Program Files (x86)\SupTab\web\_locales folder moved successfully.
C:\Program Files (x86)\SupTab\web\js folder moved successfully.
C:\Program Files (x86)\SupTab\web\img\weather folder moved successfully.
C:\Program Files (x86)\SupTab\web\img folder moved successfully.
C:\Program Files (x86)\SupTab\web folder moved successfully.
C:\Program Files (x86)\SupTab folder moved successfully.
C:\ProgramData\WindowsMangerProtect\update folder moved successfully.
C:\ProgramData\WindowsMangerProtect\log folder moved successfully.
C:\ProgramData\WindowsMangerProtect folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches\log folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches\images\code folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches\images folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\webssearches folder moved successfully.
C:\Users\Utilisateur\AppData\Local\globalUpdate\CrashReports folder moved successfully.
C:\Users\Utilisateur\AppData\Local\globalUpdate folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline\{416D5299-5B1D-4318-A819-4EF51EA5CDAA} folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Install folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Download folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update folder moved successfully.
C:\Program Files (x86)\globalUpdate\CrashReports folder moved successfully.
C:\Program Files (x86)\globalUpdate folder moved successfully.
C:\Program Files (x86)\Browser App folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\VOPackage folder moved successfully.
C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager folder moved successfully.
C:\Users\Utilisateur\AppData\Local\JFileManager\Downloads\Torrents folder moved successfully.
C:\Users\Utilisateur\AppData\Local\JFileManager\Downloads folder moved successfully.
C:\Users\Utilisateur\AppData\Local\JFileManager folder moved successfully.
C:\Program Files (x86)\JFileManager\Languages folder moved successfully.
C:\Program Files (x86)\JFileManager folder moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-11.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-5_user.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-5.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-3.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-4.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-2.job moved successfully.
C:\Windows\Tasks\4c057006-e9e8-4988-a064-1e8b7291dd9c-1.job moved successfully.
C:\Windows\Tasks\MySearchDial.job moved successfully.
File C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk not found.
C:\Users\Public\Desktop\JFileManager.lnk moved successfully.
C:\Users\Utilisateur\AppData\Roaming\IminentToolbar folder moved successfully.
File ptytemp] not found.
OTL by OldTimer - Version 3.2.69.0 log created on 07062014_091919
Files\Folders moved on Reboot...
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\nc6x79rx.default-1386777812474\extensions\[email protected]bb21c38dd.com scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Je constate lorsque je lance FireFox que le navigateur WebSearches s'impose encore(Fichier joint). Cordialement
Bon Dimanche
Papy
Vous ne pouvez pas consulter les pièces jointes insérées à ce message.
- Messages : 31932
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Infection généralisée WebSearches
poste le rapport adwcleaner (l'executable doit etre mis sur le bureau directement à chaque nouvelle utilisation) , clic juste sur réinitialiser dans les options de Noscript.
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.- Messages : 105
- Inscription : 12 août 2013 21:34
Re: Infection généralisée WebSearches
Merci angélique,
J'ai lancé AdwCleaner. Malheureusement, à la suite d'une fausse manœuvre, le rapportl a disparu.
J'ai eu le temps de constater de nombreuses corrections.
Si le rapport a été enregistré, je devrais pouvoir le retrouver.
Des résultats : - La liste des navigateurs est épurée; WebSearches a disparu.
- Mes identifiants sont acceptés à Labanquepostale.
Cordialement
Papy
J'ai lancé AdwCleaner. Malheureusement, à la suite d'une fausse manœuvre, le rapportl a disparu.
J'ai eu le temps de constater de nombreuses corrections.
Si le rapport a été enregistré, je devrais pouvoir le retrouver.
Des résultats : - La liste des navigateurs est épurée; WebSearches a disparu.
- Mes identifiants sont acceptés à Labanquepostale.
Cordialement
Papy
Vous ne pouvez pas consulter les pièces jointes insérées à ce message.
- Messages : 31932
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Infection généralisée WebSearches
tu relances OTL et tu clics Purge Outils , et ça sera OK.
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
- 7 Réponses
- 210 Vues
-
Dernier message par Asphebe
-
- 6 Réponses
- 159 Vues
-
Dernier message par kein
-
- 4 Réponses
- 100 Vues
-
Dernier message par restezengege
-
- 20 Réponses
- 333 Vues
-
Dernier message par Malekal_morte
-
- 3 Réponses
- 196 Vues
-
Dernier message par Malekal_morte