Deal Keeper Ads and Rocket

Disinfection help for removing viruses, adware, ransomware, trojans.

Moderators: Mods Windows, Helper

N31M4D

Deal Keeper Ads and Rocket

by N31M4D »

Hello,

My partner wanted to install a program, but she downloaded it from a site that was almost certainly not the original one.
The obvious result: the program did not come alone and brought a few little friends along with it, including the famous Deal Keeper and also little Rocket.

I browsed the forum and saw that adwcleaner and OTL had to be used.
I downloaded these 2 programs from the links you gave on your forum.

I really need your help so that I don't have to replace my partner's laptop, which is likely to try learning to fly from the desk out into the garden before long.

Thanks very much in advance to everyone who takes the time to help others who, like my partner and me, are a bit in the s---.

Best regards.
Damien
angelique
Posts: 31840
Joined: 28 Feb 2008 13:58
Location: Breizhilienne

Re: Deal Keeper Ads and Rocket

by angelique »

  • Run Adwcleaner: scan tab, then removal ... a restart may be requested. Then post the report.

    • Download OTL to your Desktop.

      or:

      OTL com

      OTL scr
    • Double-click the icon to launch it (right-click, Run as administrator under Vista|Seven). Make sure all other windows are closed so that it runs without interruption.
    • When the window appears, under Report at the top, check Minimal report, as well as all users
    • Under Registry: standard, check All.
    • Check the boxes next to Lop search and Purity search.
    • Copy and paste the contents of this quote into the lower part of OTL under "Customization":
      netsvcs
      msconfig
      safebootminimal
      safebootnetwork
      activex
      drivers32
      %SYSTEMDRIVE%\*.exe
      /md5start
      services.exe
      explorer.exe
      userinit.exe
      winlogon.exe
      wininit.exe
      atapi.sys
      afd.sys
      ipsec.sys
      netbt.sys
      tcpip.sys
      /md5stop
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      C:\Windows\System32\Tasks\
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      CREATERESTOREPOINT
      nslookup www.google.fr /c
      ipconfig /all /c
      ping www.google.fr /c
    • Click the Scan button. Do not change any setting unless you have been told to. The scan will not take long.
      • When the scan is finished, two Notepad windows will open: OTL.Txt and Extras.Txt. These files are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one after the other, and send them in your next reply.
      • If your report is too long, use the site http://pjjoint.malekal.com/ to send your report, and post the link in your next reply for analysis

        tutorial: https://www.malekal.com/tutorial_OTL.php
With Gnu_Linux you get a Kernel ... with Ѡindows you only get the pips
https://helicium.altervista.org/
Remove "viruses" for free http://www.supprimer-trojan.com/
A little donation to Angélique. Thanks.
N31M4D

Re: Deal Keeper Ads and Rocket

by N31M4D »

Here is the adwcleaner report to start with:
# AdwCleaner v3.216 - Rapport créé le 26/07/2014 à 19:42:02
# Mis à jour le 17/07/2014 par Xplode
# Système d'exploitation : Windows 8.1 (64 bits)
# Nom d'utilisateur : carine - MOUSE
# Exécuté depuis : C:\Users\carine\Desktop\adwcleaner_3.216.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Fichier Supprimé : C:\Users\carine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Fichier Supprimé : C:\Users\carine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v28.0 (fr)

[ Fichier : C:\Users\carine\AppData\Roaming\Mozilla\Firefox\Profiles\lbo2h2mm.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ Fichier : C:\Users\carine\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8672 octets] - [26/07/2014 17:28:08]
AdwCleaner[R1].txt - [2095 octets] - [26/07/2014 17:34:36]
AdwCleaner[R2].txt - [2215 octets] - [26/07/2014 19:39:00]
AdwCleaner[S0].txt - [7643 octets] - [26/07/2014 17:29:13]
AdwCleaner[S1].txt - [2167 octets] - [26/07/2014 17:35:08]
AdwCleaner[S2].txt - [2135 octets] - [26/07/2014 19:42:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2195 octets] ##########
N31M4D

Re: Deal Keeper Ads and Rocket

by N31M4D »

The Extras.txt report, BUT IT DATES FROM A SCAN RUN JUST BEFORE:
In fact, I no longer get a new Notepad window opening for this report since then.
OTL Extras logfile created on: 26/07/2014 17:48:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\carine\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,88 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 49,46% Memory free
5,13 Gb Paging File | 2,73 Gb Available in Paging File | 53,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,60 Gb Total Space | 201,56 Gb Free Space | 54,09% Space Free | Partition Type: NTFS
Drive D: | 537,89 Gb Total Space | 537,74 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: MOUSE | User Name: carine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1228159635-2758325271-3064999044-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\ASP\filetypehelper.exe -scanunknown "%1" (Systweak)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\ASP\filetypehelper.exe -scanunknown "%1" (Systweak)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{881D34F1-D1C4-48BB-A12F-E1489EDF893A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8CEA56B7-15F1-40F9-B779-EFE732D04315}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA3FCEA8-AAF4-48B3-8AC6-D8C526ABC3AA}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 |
"{D27B9DDC-221B-4FFB-9CD3-9A1DFA344649}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F9C70E-2618-44E7-979C-E95458D68BBB}" = dir=out | name=adera |
"{0919CD84-40A4-4083-8B57-738C6A208170}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0A3BBE3D-62AC-486D-8364-5D68C2AD45D4}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{0DBB8C65-D547-4EB3-BB84-33BCFC7ACE2B}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{11AEF598-A0C8-43C8-84E9-9304D238C2BA}" = dir=in | app=c:\users\carine\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{12FD967F-B9BE-4EB3-87D0-A4B2FF3A02E7}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1A61CE6E-87FE-458C-AB83-38B32A1AA200}" = dir=in | [email protected]{microsoft.skypeapp_1.5.0.109_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{26374645-4BAD-450D-B3E4-C64018D32254}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{2C4BD45F-59A7-4C29-A46B-FB489CE7E446}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{363C464C-4511-46E9-81B0-607E45F971AA}" = dir=out | [email protected]{microsoft.skypeapp_1.5.0.109_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{42BAE429-FC55-4C8B-9507-F53FFA3B7327}" = dir=in | name=skype |
"{4B794B46-B6FF-4DC8-AC09-7A644A718122}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4C342C03-36C0-4DC1-9426-E71C0D4EBB49}" = dir=out | [email protected]{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{4FCEE6F3-C220-4CD6-BBB3-AC2F3DE336CC}" = dir=out | [email protected]{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{50E58F26-5E7B-4F2E-A9E1-382B2BADA036}" = dir=out | name=windows_ie_ac_001 |
"{51CDFA25-3FE7-4CA6-AD47-FFCB950210ED}" = dir=in | [email protected]{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{59219271-CF6D-4E94-9FF1-FDC33995D4FC}" = dir=in | name=microsoft solitaire collection |
"{5C2B1DF0-1D26-4E2A-970C-80397DD25658}" = dir=in | [email protected]{aufeminin.com.marmiton_1.1.0.49_neutral__mkpeb3b5nmday?ms-resource://aufeminin.com.marmiton/resources/displayname} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6F231251-632C-4DD6-A01C-46DA0343ADEE}" = dir=in | name=check point vpn |
"{72094D93-B28B-4FD3-B389-4F9B221C2E21}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{7368EAEC-DA63-4B80-A667-5CC54F89100B}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{737C9E7C-24C3-4F5B-9B41-149C46968DD5}" = dir=out | name=skype wifi |
"{7856266F-447F-4A77-B60E-903E8F70D618}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.2.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{7908B2AF-3A8F-42E0-9BAA-B888646AEFAF}" = dir=out | name=windows_ie_ac_001 |
"{794C3B8D-43C2-4AED-AC7E-ACE34D82DBCD}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.2.315_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{7998F885-4E8C-45E6-8175-F8122EC4BFBA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{7A36605A-E852-4DA5-88DC-38D176471A60}" = dir=out | name=skype |
"{7F847AB5-C66F-4C41-84C8-4D840968640F}" = dir=out | [email protected]{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{817192EF-5E6E-480D-89D2-6F62C9AABB7E}" = dir=out | [email protected]{aufeminin.com.marmiton_1.1.0.49_neutral__mkpeb3b5nmday?ms-resource://aufeminin.com.marmiton/resources/displayname} |
"{8C02FB82-97A8-4B30-A124-E44C6547348E}" = dir=in | name=f5 vpn |
"{8E83302E-B511-4CDE-A9B2-F21BE0B26E7E}" = dir=in | name=sonicwall mobile connect |
"{9625F35D-94FB-4D7E-B9E7-D750EFE28035}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0BEB4B6-6138-4E07-BE57-BFE0E95B8169}" = dir=out | name=windows_ie_ac_001 |
"{A21358B7-659D-4854-A749-12FD311D7006}" = dir=in | [email protected]{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{A58BF843-F8FF-4028-AF4B-CDA2CAAD45FA}" = dir=out | [email protected]{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{A60C517B-B392-4EBC-ABF4-3BCFAB10AACD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{A79067FE-6B10-47F5-BE62-C89560F8145A}" = dir=out | [email protected]{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{A97F078E-E126-4A4E-AFFA-725CFF4F34FB}" = dir=out | [email protected]{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{AD954756-1334-446A-845E-771CBDA91866}" = dir=out | name=fresh paint |
"{AE5869DC-7A49-4361-825C-DC8CBD8A22CC}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B1C00C96-7949-4E75-B28D-0081AE90398D}" = dir=out | [email protected]{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{B240C818-5994-460E-83DF-8F7AA3E54171}" = dir=in | name=juniper networks junos pulse |
"{B4B437EA-7112-4802-B9BE-D4448310CD23}" = dir=out | name=sonicwall mobile connect |
"{B7631AD2-E364-4157-916F-B08DC1484EBA}" = dir=out | name=so cookbook |
"{BBD41BF9-57C0-44BD-8CB1-17767364FE84}" = dir=out | [email protected]{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BBFAA339-FCD6-48F6-A1BE-D58D30F668ED}" = dir=out | [email protected]{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{C3DE7B2F-B0C9-474C-8D10-F032F2B6C02B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C59A0BF4-E57E-486D-9F87-1F5A49D7AC33}" = dir=out | name=juniper networks junos pulse |
"{C6D9A522-6A3C-4B96-891E-49D601102977}" = dir=out | [email protected]{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{CAECBEF4-6607-4929-805A-6FB7CC5987C3}" = dir=out | [email protected]{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6D24FBD-667E-45A8-92F5-72C246B83DF2}" = dir=out | [email protected]{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{D74B1773-3050-4913-BC92-6423A10D4C3C}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D7BFD863-C936-4A0C-B572-59BA4F66073D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D7E89D3A-4AAD-4931-B64D-66A149FE6386}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DE5B935D-BE08-47F8-B0B3-8F0E8CC616AA}" = dir=out | [email protected]{aufeminin.com.cuisineaufeminin_1.0.0.13_neutral__mkpeb3b5nmday?ms-resource://aufeminin.com.cuisineaufeminin/resources/displayname} |
"{DEE6861B-C534-493D-8B65-8677C8F80570}" = dir=out | [email protected]{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E3AF442F-733B-4BA1-955A-11906C21F9BE}" = dir=out | [email protected]{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E54FA08F-18BA-4EBF-8267-00D848287D79}" = dir=out | [email protected]{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA06D8E3-837D-46FD-82F3-FEF1F35A7A59}" = dir=out | name=wordament |
"{EAE51B04-7D71-43FB-8981-97C925D23B41}" = dir=out | name=f5 vpn |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEF7F1AC-AC06-464D-AC2D-5A32669632B4}" = dir=out | name=check point vpn |
"{EF35EBF6-E133-46C2-BDC6-057B2F566C15}" = dir=out | name=microsoft solitaire collection |
"{F0F94F47-C79E-408B-9AC6-9BD5E1FB95AA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F531D5D0-A340-4866-83D9-E3F7CDF3D05D}" = dir=in | [email protected]{aufeminin.com.cuisineaufeminin_1.0.0.13_neutral__mkpeb3b5nmday?ms-resource://aufeminin.com.cuisineaufeminin/resources/displayname} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FE47E3AC-A82D-488B-A06E-FB92751A6E3B}" = dir=out | [email protected]{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ac225167-00fc-452d-94c5-bb93600e7d9a}" = Buzzdock
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{E101D9B4-CD90-4966-B0D9-A6ECA7AC939D}" = DxO Optics Pro 8
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"0B624A43DD66DBF5CF3EDFA9741A364E688062A4" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"C01F56FBD9B141017E63E2A1A141E59934D4DC67" = Package de pilotes Windows - ASUS (ATP) Mouse (10/29/2012 1.0.0.148)
"Deal Keeper" = Deal Keeper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23170F69-40C1-2701-0920-000001000000}" = 7-Zip 9.20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{32D39568-3B77-11E3-88CE-00163E98E7D0}" = Evernote v. 5.0.3
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}" = OpenOffice.org 3.4.1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}" = ASUS Instant Connect
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BFA04EE0-8240-4667-8D53-45496A901C33}" = Camtasia Studio 8
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{DC06C90B-C5BE-42F6-B74D-A9503170998C}" = ASUS Product Demo Movie
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Google Chrome" = Google Chrome
"GoPro CineForm Studio" = GoPro CineForm Studio 1.3.2
"Image Converter Image Converter" = Image Converter
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"Mozilla Firefox 28.0 (x86 fr)" = Mozilla Firefox 28.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"VLC media player" = VLC media player 2.0.8
"WinRAR archiver" = WinRAR 5.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1228159635-2758325271-3064999044-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Image Editor Packages" = Image Editor Packages
"Rocket" = Rocket

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21/07/2014 17:06:45 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1547

Error - 21/07/2014 17:06:46 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 21/07/2014 17:06:46 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2672

Error - 21/07/2014 17:06:46 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2672

Error - 22/07/2014 00:50:08 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22/07/2014 00:50:08 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 27804860

Error - 22/07/2014 00:50:08 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 27804860

Error - 22/07/2014 00:50:09 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22/07/2014 00:50:09 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 27805891

Error - 22/07/2014 00:50:09 | Computer Name = mouse | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 27805891

[ System Events ]
Error - 03/01/2014 13:57:56 | Computer Name = mouse | Source = DCOM | ID = 10010
Description =

Error - 03/01/2014 13:57:56 | Computer Name = mouse | Source = Service Control Manager | ID = 7023
Description = Le service Service Liste des réseaux s’est arrêté avec l’erreur :
%%21

Error - 03/01/2014 13:59:56 | Computer Name = mouse | Source = DCOM | ID = 10010
Description =

Error - 03/01/2014 13:59:56 | Computer Name = mouse | Source = Service Control Manager | ID = 7023
Description = Le service Service Liste des réseaux s’est arrêté avec l’erreur :
%%21

Error - 03/01/2014 14:01:26 | Computer Name = mouse | Source = DCOM | ID = 10010
Description =

Error - 03/01/2014 14:06:24 | Computer Name = mouse | Source = Service Control Manager | ID = 7038
Description = Le service nvUpdatusService n’a pas pu ouvrir de session en tant que
.\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur
suivante : %%1326 Pour vous assurer que le service est configuré correctement, utilisez
le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error - 03/01/2014 14:06:24 | Computer Name = mouse | Source = Service Control Manager | ID = 7000
Description = Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison
de l’erreur : %%1069

Error - 03/01/2014 14:07:47 | Computer Name = mouse | Source = DCOM | ID = 10010
Description =

Error - 03/01/2014 14:09:49 | Computer Name = mouse | Source = DCOM | ID = 10010
Description =

Error - 12/01/2014 16:08:23 | Computer Name = mouse | Source = Microsoft-Windows-Ntfs | ID = 98
Description =


< End of report >

Re: Deal Keeper Ads et Rocket

by angelique »

==> run AdwCleaner again and click Uninstall



Run OTL again, then copy and paste the contents of the quote below (starting right at :OTL, with the colon in front of OTL included, through [emptytemp] inclusive) into the lower part of OTL under "Personalisation",
and this time click CORRECTION
:OTL
SRV - (Util Deal Keeper) -- C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe ()
SRV - (Update Deal Keeper) -- C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe ()
DRV:64bit: - ({55dce8ba-9dec-4013-937e-adbf9317d990}Gw64) -- C:\Windows\SysNative\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys (StdLib)
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://rocket-find.com/results.php?f=4& ... 244061&ir=
IE - HKU\S-1-5-21-1228159635-2758325271-3064999044-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://rocket-find.com/results.php?f=4& ... 244061&ir=
O2 - BHO: (Deal Keeper) - {1ec8187a-6435-44e3-bbe4-6ce6d3c69254} - C:\Program Files (x86)\Deal Keeper\DealKeeperBHO.dll (Deal Keeper)
[2014/07/20 11:22:44 | 000,002,287 | ---- | C] () -- C:\Users\carine\Application Data\Microsoft\Internet Explorer\Quick Launch\Rocket.lnk
[2014/07/20 11:22:44 | 000,002,285 | ---- | C] () -- C:\Users\carine\Desktop\Rocket.lnk
:files
C:\Program Files (x86)\Deal Keeper
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deal Keeper]
[-HKEY_USERS\S-1-5-21-1228159635-2758325271-3064999044-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rocket]
:commands
[emptytemp]
» A text report appears when the PC restarts; post it

Re: Deal Keeper Ads et Rocket

by N31M4D »

All processes killed
========== OTL ==========
Error: Unable to stop service Util Deal Keeper!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Deal Keeper deleted successfully.
C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe moved successfully.
Error: Unable to stop service Update Deal Keeper!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Deal Keeper deleted successfully.
C:\Program Files (x86)\Deal Keeper\updateDealKeeper.exe moved successfully.
Service {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64 stopped successfully!
Service {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64 deleted successfully!
C:\Windows\SysNative\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1228159635-2758325271-3064999044-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ec8187a-6435-44e3-bbe4-6ce6d3c69254}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ec8187a-6435-44e3-bbe4-6ce6d3c69254}\ deleted successfully.
C:\Program Files (x86)\Deal Keeper\DealKeeperBHO.dll moved successfully.
C:\Users\carine\Application Data\Microsoft\Internet Explorer\Quick Launch\Rocket.lnk moved successfully.
C:\Users\carine\Desktop\Rocket.lnk moved successfully.
========== FILES ==========
C:\Program Files (x86)\Deal Keeper\bin\TEMP folder moved successfully.
C:\Program Files (x86)\Deal Keeper\bin\plugins folder moved successfully.
C:\Program Files (x86)\Deal Keeper\bin folder moved successfully.
C:\Program Files (x86)\Deal Keeper folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deal Keeper\ not found.
Registry key HKEY_USERS\S-1-5-21-1228159635-2758325271-3064999044-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rocket\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: carine
->Temp folder emptied: 608403677 bytes
->Temporary Internet Files folder emptied: 7963318 bytes
->FireFox cache emptied: 16361205 bytes
->Google Chrome cache emptied: 358292852 bytes
->Flash cache emptied: 1065 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14410418 bytes
RecycleBin emptied: 1529237703 bytes

Total Files Cleaned = 2 417,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07272014_141754

Files\Folders moved on Reboot...
C:\Users\carine\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
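
Added example, not part of the original post and not OTL's own code: a triage of the fix log above that groups each line by outcome and checks whether a service that could not be stopped still had its Services registry key deleted. Treating such a service as handled is this example's assumption; `triage` and `unresolved_services` are hypothetical names.

```python
import re

# Excerpt of the fix log posted above (section banners kept).
SAMPLE_LOG = r"""
========== OTL ==========
Error: Unable to stop service Util Deal Keeper!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Deal Keeper deleted successfully.
C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe moved successfully.
Service {55dce8ba-9dec-4013-937e-adbf9317d990}Gw64 deleted successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deal Keeper\ not found.
"""

BANNER = re.compile(r"^=+ (.+?) =+$")
OUTCOMES = [  # first matching pattern wins
    ("error", re.compile(r"^Error: (.+?)!?$")),
    ("not_found", re.compile(r"^(.+?) not found\.$")),
    ("removed", re.compile(r"^(.+?) (?:deleted|moved|stopped) successfully[.!]$")),
]

def triage(log_text):
    """Group fix-log lines by outcome as (section, target) pairs."""
    result = {name: [] for name, _ in OUTCOMES}
    section = None
    for line in map(str.strip, log_text.splitlines()):
        banner = BANNER.match(line)
        if banner:
            section = banner.group(1)
            continue
        for name, pattern in OUTCOMES:
            hit = pattern.match(line)
            if hit:
                result[name].append((section, hit.group(1)))
                break
    return result

def unresolved_services(result):
    """Services that could not be stopped and whose Services key was not deleted."""
    removed = [target for _, target in result["removed"]]
    pending = []
    for _, message in result["error"]:
        name = message.replace("Unable to stop service ", "", 1)
        if not any(t.endswith("\\Services\\" + name) for t in removed):
            pending.append(name)
    return pending

if __name__ == "__main__":
    outcome = triage(SAMPLE_LOG)
    print({k: len(v) for k, v in outcome.items()}, unresolved_services(outcome))
```
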

Re: Deal Keeper Ads et Rocket

by angelique »

That should be OK

===> run OTL again and click "Purge outils" (tool cleanup)



It is important to browse with a non-proprietary browser, once again for reasons of reliability and security, and so that it does not directly pass on a whole set of data about what you use and view (as Chrome does with Google). Firefox is strongly recommended, for these reasons and because it is modular: it works with add-ons such as Ad-block (which, as the name says, blocks ads) and NoScript, to control Flash (see "3 - The SWF (Flash) format and the risks of using it" - http://www.cert.ssi.gouv.fr/site/CERTFR ... index.html - ), JavaScript and/or rotten iframes on compromised sites, which can lead to infections ( - http://forum.malekal.com/les-exploits-s ... t3563.html - )!!


So you don't get caught again.
Recommended reading - Parasitic programs / PUPs: https://www.malekal.com/adwares-pup-protection/



So: Firefox + Adblock + NoScript

• Firefox: http://www.mozilla.org/fr/firefox/new/ < https://download.mozilla.org/?product=f ... in&lang=fr > or the offline installer > http://www.mozilla.org/en-US/firefox/all/

• Adblock: https://addons.mozilla.org/en-US/firefo ... lock-plus/

With one click, set to "active" the modules below, which appear after Adblock is installed: chrome://adblockplus/content/ui/firstRun.html

List FR + EasyList << to be updated regularly, like the others

NOTE ON Adblock:
Some sites overdo advertising, and their pages can be flooded with it (which slows down browsing, etc.). But note that ads are sometimes a website's only income.
Filtering out all ads can, for example, penalize these sites; this is notably the case for malekal.com
If you think certain sites deserve it, you can add them to the whitelist.



• Noscript: https://addons.mozilla.org/en-US/firefo ... /noscript/ : http://www.commentcamarche.net/faq/1567 ... -obeissant

Read "securing Firefox": https://www.malekal.com/securiser-le-na ... firefox-2/

Re: Deal Keeper Ads et Rocket

by N31M4D »

My girlfriend was using Chrome (against my advice).
I have just launched Firefox to set it up as you advise.
And, surprise, my friend Deal Keeper is there.
Is that normal?

Re: Deal Keeper Ads et Rocket

by angelique »

In Firefox: Tools menu / Add-ons
Extensions tab, remove it; it is in there:

C:\Users\carine\AppData\Roaming\mozilla\firefox\profiles\lbo2h2mm.default\extensions\{55dce8ba-9dec-4013-937e-adbf9317d990}.xpi

http://www.herdprotect.com/55dce8ba-9de ... 20bb2.aspx


and reconfigure your Firefox home page
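
The leftover pointed out in the answer above, as an added example that is not part of the original post: the GUID that the fix script removed as a driver is the same one that names the Firefox extension file, so this example collects every GUID from the fix script and looks for extensions named after them. The function names are hypothetical, and the profile tree is constructed in a temporary directory so no real profile is touched.

```python
import re
import tempfile
from pathlib import Path

GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Excerpt of the fix script posted earlier in the thread.
FIX_SCRIPT = r"""
DRV:64bit: - ({55dce8ba-9dec-4013-937e-adbf9317d990}Gw64) -- C:\Windows\SysNative\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys (StdLib)
O2 - BHO: (Deal Keeper) - {1ec8187a-6435-44e3-bbe4-6ce6d3c69254} - C:\Program Files (x86)\Deal Keeper\DealKeeperBHO.dll (Deal Keeper)
"""

def guids_in(text):
    """Return the set of lower-cased GUIDs mentioned in a fix script or log."""
    return {g.lower() for g in GUID_RE.findall(text)}

def leftover_extensions(profiles_root, guids):
    """Find Firefox extensions (.xpi files or unpacked folders) named after a GUID."""
    hits = []
    for ext_dir in Path(profiles_root).glob("*/extensions"):
        for entry in sorted(ext_dir.iterdir()):
            name = entry.name
            ext_id = name[:-4] if name.lower().endswith(".xpi") else name
            if ext_id.lower() in guids:
                hits.append(entry)
    return hits

def demo():
    """Scan a constructed profile tree and return the names of matching entries."""
    with tempfile.TemporaryDirectory() as root:
        ext = Path(root, "lbo2h2mm.default", "extensions")
        ext.mkdir(parents=True)
        (ext / "{55dce8ba-9dec-4013-937e-adbf9317d990}.xpi").touch()
        (ext / "unrelated@example.invalid.xpi").touch()  # constructed, benign
        found = leftover_extensions(root, guids_in(FIX_SCRIPT))
        return [p.name for p in found]

if __name__ == "__main__":
    print(demo())
```
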

Re: Deal Keeper Ads et Rocket

by N31M4D »

angelique wrote: In Firefox: Tools menu / Add-ons
Extensions tab, remove it
I removed it from the Firefox menu.

However, I am not sure I understood this:
angelique wrote: it is in there:

C:\Users\carine\AppData\Roaming\mozilla\firefox\profiles\lbo2h2mm.default\extensions\{55dce8ba-9dec-4013-937e-adbf9317d990}.xpi

http://www.herdprotect.com/55dce8ba-9de ... 20bb2.aspx
Is that the same thing?

Nor this:
angelique wrote: and reconfigure your Firefox home page

Re: Deal Keeper Ads et Rocket

by angelique »

Yes, it's the same thing, via the extension or the .xpi

You configure Firefox: Tools -- Preferences etc... you set the home page you want, etc...

Re: Deal Keeper Ads et Rocket

by N31M4D »

Thank you very much.

Everything seems to be back in order.

That's great.