FORUM D’ENTRAIDE INFORMATIQUE (FEI)
IT support and security site

Help with disinfection (advertising pages, replaced search engine, redirections, viruses...).
Forum rules: Mutual help with disinfection and computer security: for intrusive ads, pop-ups, redirections, unwanted software, suspicious slowdowns, viruses, etc.
A complete disinfection will be provided: disinfection, securing, then prevention.
Only helpers (people qualified and trained in disinfection) and staff are allowed to provide help in this section.
Please also read the forum's general charter.
by Mouche66
#161117
Hello,
when I open pages in Firefox, ads are displayed in windows, labelled Ads Gsave.

How can I get rid of this problem? Thank you.
by g3n-h@ckm@n
#161155
hi
  • Disable your antivirus while downloading and using the tool, ideally until the next restart.
  • Download AdsFix to your desktop.
    Note: Save your work before continuing!
  • Launch AdsFix (right-click, "Run as administrator" on Vista/7/8/8.1)
  • On a fairly infected PC, it may take several seconds to load
  • Enter your country
  • Click Nettoyer (Clean), after unlocking it in the options
    Note: Wait while the scan runs
  • Let the tool work even if it seems to be stuck
  • If the tool detects a proxy you do not recognise, click "Supprimer le proxy" (Delete the proxy)
  • Upload the report C:\AdsFix_date_heure.txt to SOSUpload, then post the link you get.
by g3n-h@ckm@n
#161415
  • Download MalwareBytes
  • Install it; uncheck "Enable free trial of Malwarebytes Anti-Malware Premium"
  • Click Update (on the right, in the middle)
  • Click Scan (at the top)
  • Select "Threat" Scan
  • Click Scan Now
  • At the end of the scan, click Quarantine All!
  • Click Copy to Clipboard
  • A report will open. Copy/paste its contents into your next reply.
by Mouche66
#161419
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Date de l'examen: 06/04/2015
Heure de l'examen: 16:44:30
Fichier journal:
Administrateur: Oui

Version: 2.01.4.1018
Base de données Malveillants: v2015.04.06.05
Base de données Rootkits: v2015.03.31.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: tc

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 344643
Temps écoulé: 5 min, 58 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 1
PUP.Optional.Multiplug, C:\Program Files\compfix\compfix.dll, , [3627c6a397f363d36bea73be4ab87987],

Clés du Registre: 7

Valeurs du Registre: 11

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 17

Fichiers: 90

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
by g3n-h@ckm@n
#161467
re
note: the report will be on the desktop, named QuickDiag_date_heure.txt, and a copy with the same name will be available on your system drive (normally C:)
by g3n-h@ckm@n
#161567
hello

go to https://www.virustotal.com and have this file analysed:

C:\Windows\system32\drivers\rlgdsxzo.sys

once the antivirus analysis has finished, copy the link of the page at the top and paste it here so that I can go and look at it
by Mouche66
#161606
Hello,

the file rlgdsxzo.sys does not appear in that directory. I ran a search; it does not seem to be on the hard drive. I only found it in the QuickDiag report.

See you later
by g3n-h@ckm@n
#161791
hello, reset Firefox, and uninstall everything like Google Toolbar and the rest

==

after that:

Disable your antivirus during this procedure, because OTM is wrongly detected as an infection.
Download OTM (OldTimer) from http://www.telecharger.sosvirus.net/download/otm/ to your Desktop:
Double-click OTM.exe to launch it. (right-click, "Run as administrator" on Vista/7/8)

Copy (Ctrl+C) the following text:
:reg
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] 
[-HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{534E45C2-042B-40AE-B93B-5FD12F439A09}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF93325-6905-473E-9278-CBD9EF40F688}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A2D1D748-6ADA-4EF5-B104-DD4363D48919}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A8B2075A-116B-4E32-B955-B512207F77F0}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22d2aaa1-9e47-4683-b178-b872d181c4b1}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{534e45c2-042b-40ae-b93b-5fd12f439a09}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf93325-6905-473e-9278-cbd9ef40f688}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a2d1d748-6ada-4ef5-b104-dd4363d48919}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8b2075a-116b-4e32-b955-b512207f77f0}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d624f149-7631-4244-b007-048baf5c50e6}] 
[-HKLM\Software\BrowserChoice]     
[-HKLM\Software\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}]     
[-HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}]     
[-HKCR\CLSID\{534e45c2-042b-40ae-b93b-5fd12f439a09}] 
[-HKCR\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}] 
[-HKCR\CLSID\{9cf93325-6905-473e-9278-cbd9ef40f688}]
[-HKCR\CLSID\{a2d1d748-6ada-4ef5-b104-dd4363d48919}] 
[-HKCR\CLSID\{a8b2075a-116b-4e32-b955-b512207f77f0}]
[-HKCR\CLSID\{d624f149-7631-4244-b007-048baf5c50e6}] 

:files
C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll 
C:\Users\tc\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll
C:\Program Files\FiinidBestDeial 
C:\Program Files\FunnDDeals 
C:\Program Files\W3Schools Hider 
C:\6f58a001324d9472971b62ae031e7db4 
C:\Users\All Users\e25f457c-9287-4f2d-b5a8-8cd714c55009 
C:\Users\All Users\{c4f33ab6-6026-c9c0-c4f3-33ab6602ead9} 
C:\Windows\System32\Tasks\CreateChoiceProcessTask

:commands
[emptytemp]
Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
Now click the MoveIt! button.
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

Post the report located in this folder: C:\_OTM\MovedFiles\

*The report's name corresponds to the moment it was created: date_heure.log
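A fix script like the one in the post above deletes registry keys and moves files with administrator rights, so it is worth checking mechanically before it is pasted into the tool. The following is an added example, not part of the original post and not code from OTM: the section syntax (`:reg`, `[-key]`, `:files`, `:commands`) is inferred from the script shown above, and the depth threshold, the protected-directory list and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines taken from the script in the post above, plus
# two deliberately over-broad entries ([-HKLM\Software] and C:\Windows\System32)
# that are NOT in the original and exist only to show what the audit flags.
SAMPLE_SCRIPT = r"""
:reg
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{534e45c2-042b-40ae-b93b-5fd12f439a09}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{534E45C2-042B-40AE-B93B-5FD12F439A09}]
[-HKCR\CLSID\{534e45c2-042b-40ae-b93b-5fd12f439a09}]
[-HKCR\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}]
[-HKLM\Software\BrowserChoice]
[-HKLM\Software]

:files
C:\Program Files\FunnDDeals
C:\Windows\System32\Tasks\CreateChoiceProcessTask
C:\Windows\System32

:commands
[emptytemp]
"""

GUID_RE = re.compile(r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}")
REG_DELETE_RE = re.compile(r"^\[-(.+)\]$")

# Assumed policy values for this example, not rules taken from the tool.
MIN_KEY_DEPTH = 3
PROTECTED_DIRS = {
    r"c:", r"c:\windows", r"c:\windows\system32",
    r"c:\program files", r"c:\programdata", r"c:\users",
}


def parse_script(text):
    """Split the script into {section name: [entries]}, ignoring blank lines."""
    sections = defaultdict(list)
    current = None
    for raw in text.splitlines():
        line = raw.strip()  # the script on the page carries trailing spaces
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            continue
        if current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        sections[current].append(line)
    return dict(sections)


def audit(sections):
    """Return (section, entry, reason) for every entry that needs a second look."""
    findings = []
    for entry in sections.get("reg", []):
        m = REG_DELETE_RE.match(entry)
        if not m:
            findings.append(("reg", entry, "not a [-key] deletion; review by hand"))
            continue
        parts = [p for p in m.group(1).split("\\") if p]
        if len(parts) < MIN_KEY_DEPTH:
            findings.append(("reg", entry, "key too close to the hive root"))
    for entry in sections.get("files", []):
        path = entry.rstrip("\\").lower()
        if path in PROTECTED_DIRS or re.fullmatch(r"c:\\users\\[^\\]+", path):
            findings.append(("files", entry, "target is a system or profile root"))
    return findings


def guid_locations(sections):
    """Map each GUID (lower-cased) to the parent keys under which it is deleted."""
    seen = defaultdict(list)
    for entry in sections.get("reg", []):
        m = REG_DELETE_RE.match(entry)
        if not m:
            continue
        key = m.group(1)
        for guid in GUID_RE.findall(key):
            seen[guid.lower()].append(key[: key.rfind("\\")])
    return dict(seen)


def single_location_guids(sections):
    """GUIDs removed from only one place: check that no sibling entry is left."""
    return sorted(g for g, locs in guid_locations(sections).items() if len(locs) == 1)


if __name__ == "__main__":
    parsed = parse_script(SAMPLE_SCRIPT)
    for section, entry, reason in audit(parsed):
        print(f"[{section}] {entry}: {reason}")
    for guid in single_location_guids(parsed):
        print(f"only one location for {guid}")
```

Matching GUIDs case-insensitively matters here because the script above writes the same class identifier in upper case under `Ext\Settings` and in lower case under `Browser Helper Objects` and `CLSID`.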
by Mouche66
#161824
Hello,

here is the OTM report:

C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll folder moved successfully.
C:\Users\tc\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll\223 folder moved successfully.
C:\Users\tc\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll folder moved successfully.
C:\Program Files\FiinidBestDeial folder moved successfully.
C:\Program Files\FunnDDeals folder moved successfully.
C:\Program Files\W3Schools Hider folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\ZH-TW folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\ZH-CN folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\x86 folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\VI-VN folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\UK-UA folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\TR-TR folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\TH-TH folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\SV-SE folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\sr-Latn-CS folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\SK-SK folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\SCEP folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\RU-RU folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\RO-RO folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\qps-plocm folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\qps-ploc folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\PT-PT folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\PT-BR folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\PL-PL folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\NL-NL folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\NB-NO folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\MSEPrerelease folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\MSE folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\LV-LV folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\LT-LT folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\KO-KR folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\JA-JP folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\IT-IT folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\INTUNE folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\HU-HU folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\HR-HR folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\FR-FR folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\FI-FI folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\FEP folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\ET-EE folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\ES-ES folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\EPP folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\EN-US folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\EL-GR folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\DE-DE folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\DA-DK folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\CS-CZ folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4\BG-BG folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4 folder moved successfully.
C:\Users\All Users\e25f457c-9287-4f2d-b5a8-8cd714c55009 folder moved successfully.
C:\Users\All Users\{c4f33ab6-6026-c9c0-c4f3-33ab6602ead9} folder moved successfully.
C:\Windows\System32\Tasks\CreateChoiceProcessTask moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 544421 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 342518567 bytes
->Flash cache emptied: 4537 bytes

User: Public

User: tc
->Temp folder emptied: 14752032 bytes
->Temporary Internet Files folder emptied: 85505621 bytes
->Java cache emptied: 196503 bytes
->FireFox cache emptied: 13317423 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 8545 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 71958 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 21078865 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 1303825 bytes

Total Files Cleaned = 457,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04152015_114753
by Mouche66
#161908
Hello,

as specified in the disinfection procedure, here is the DelFix report:

# DelFix v10.9 - Rapport créé le 17/04/2015 à 11:56:57
# Mis à jour le 27/02/2015 par Xplode
# Nom d'utilisateur : tc - TCPB2012
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Activation de l'UAC ... OK

~ Suppression des outils de désinfection ...

Supprimé : C:\_OTM
Supprimé : C:\AdwCleaner
Supprimé : C:\AdsFix
Supprimé : C:\QuickDiag
Supprimé : C:\AdsFix_06_04_2015_13_18_57.txt
Supprimé : C:\JavaRa.log
Supprimé : C:\QuickDiag_08_04_2015_11_38_23.txt
Supprimé : C:\QuickDiag_13_04_2015_11_46_34.txt
Supprimé : C:\Users\tc\Desktop\AdsFix.exe
Supprimé : C:\Users\tc\Desktop\AdsFix_06_04_2015_13_18_57.txt
Supprimé : C:\Users\tc\Desktop\AdsFix_Donate.lnk
Supprimé : C:\Users\tc\Desktop\OTM.exe
Supprimé : C:\Users\tc\Desktop\QuickDiag_08_04_2015_11_38_23.txt
Supprimé : C:\Users\tc\Desktop\QuickDiag_13_04_2015_11_46_34.txt
Supprimé : C:\Users\tc\Downloads\QuickDiag.exe
Supprimée : HKCU\Software\g3n-h@ckm@n
Supprimée : HKCU\Software\AdsFix
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\AdsFix
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\g3n-h@ckm@n

~ Sauvegarde de la base de registre ... OK

~ Purge de la restauration système ...

Supprimé : RP #298 [Windows Update | 03/24/2015 08:53:03]
Supprimé : RP #299 [Windows Update | 03/25/2015 20:31:19]
Supprimé : RP #300 [Windows Update | 03/30/2015 08:18:37]
Supprimé : RP #301 [Windows Update | 04/02/2015 14:32:50]
Supprimé : RP #302 [Windows Update | 04/04/2015 16:38:01]
Supprimé : RP #303 [Windows Update | 04/08/2015 08:17:52]
Supprimé : RP #304 [Windows Update | 04/13/2015 08:02:02]
Supprimé : RP #305 [Windows Update | 04/15/2015 16:53:25]
Supprimé : RP #306 [Removed Adobe Reader XI (11.0.10) - Français. | 04/17/2015 09:24:20]
Supprimé : RP #307 [Removed Java 8 Update 45 | 04/17/2015 09:39:56]

Nouveau point de restauration créé !

~ Réinitialisation des paramètres système ... OK

########## - EOF - ##########
