Unwanted ads: Gsave

Posted: Wed 1 Apr 2015 17:44
by Mouche66
Hello,
when I open pages in Firefox, ads appear in windows, labelled Ads Gsave.

How can I get rid of this problem? Thanks.

Re: Unwanted ads: Gsave

Posted: Thu 2 Apr 2015 02:22
by g3n-h@ckm@n
hi
  • Disable your antivirus while you download and use the tool, ideally until the next restart.
  • Download AdsFix to your desktop.
    Note: Save your work before continuing!
  • Run AdsFix (right-click, "Run as administrator" on Vista/7/8/8.1)
  • On a fairly infected PC, it can take several seconds to load
  • Enter your country
  • Click Clean, after unlocking it in the options
    Note: Wait while the scan runs
  • Let the tool work even if it seems to be stuck
  • If the tool detects a proxy you do not recognise, click "Remove the proxy"
  • Upload the report C:\AdsFix_date_heure.txt to SOSUpload, then post the link you get.

Re: Unwanted ads: Gsave

Posted: Mon 6 Apr 2015 15:59
by Mouche66
Hello, and thank you for looking into my problem.

Here is the link:

http://upload.sosvirus.net/download/lfr ... cy38rnwt4u

See you later.

Re: Unwanted ads: Gsave

Posted: Mon 6 Apr 2015 16:29
by g3n-h@ckm@n
  • Download MalwareBytes
  • Install it, unticking "Enable free trial of Malwarebytes Anti-Malware Premium"
  • Click Update (on the right, in the middle)
  • Click Scan (at the top)
  • Select "Threat" Scan
  • Click Scan Now
  • At the end of the scan, click Quarantine All!
  • Click Copy to Clipboard
  • A report will open. Copy and paste its contents into your next reply.

Re: Unwanted ads: Gsave

Posted: Mon 6 Apr 2015 17:12
by Mouche66
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Date de l'examen: 06/04/2015
Heure de l'examen: 16:44:30
Fichier journal:
Administrateur: Oui

Version: 2.01.4.1018
Base de données Malveillants: v2015.04.06.05
Base de données Rootkits: v2015.03.31.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: tc

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 344643
Temps écoulé: 5 min, 58 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 1
PUP.Optional.Multiplug, C:\Program Files\compfix\compfix.dll, , [3627c6a397f363d36bea73be4ab87987],

Clés du Registre: 7

Valeurs du Registre: 11

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 17

Fichiers: 90

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)

Re: Unwanted ads: Gsave

Posted: Wed 8 Apr 2015 11:09
by g3n-h@ckm@n
re
note: the report will be on the desktop, named QuickDiag_date_heure.txt, and a copy with the same name will be available on your system drive (normally C:)

Re: Unwanted ads: Gsave

Posted: Wed 8 Apr 2015 11:43
by Mouche66
Hello,

here is the link to the QuickDiag report:

http://upload.sosvirus.net/download/qwa ... jezi55rgmg

See you, JM

Re: Unwanted ads: Gsave

Posted: Fri 10 Apr 2015 11:08
by g3n-h@ckm@n
hello

go to https://www.virustotal.com and have this file analysed:

C:\Windows\system32\drivers\rlgdsxzo.sys

once the antivirus analysis has finished, copy the link of the page at the top and paste it here so that I can go and look at it

Re: Unwanted ads: Gsave

Posted: Fri 10 Apr 2015 16:43
by Mouche66
Hello,

the file rlgdsxzo.sys does not appear in that directory. I ran a search; it does not seem to be on the hard drive. I only found it in the QuickDiag report.

See you

Re: Unwanted ads: Gsave

Posted: Sun 12 Apr 2015 19:59
by g3n-h@ckm@n
hello, strange, can you run QuickDiag again, but clicking "Extended", please?

Re: Unwanted ads: Gsave

Posted: Mon 13 Apr 2015 11:53
by Mouche66
Hello,

here is the QuickDiag Extended report:

http://upload.sosvirus.net/download/ief ... n43190fjyd

Thanks, and see you later.

Re: Unwanted ads: Gsave

Posted: Tue 14 Apr 2015 17:44
by g3n-h@ckm@n
hello, reset Firefox, and uninstall everything that is Google Toolbar and the like

==

after that:

Disable your antivirus for the duration of the procedure, because OTM is wrongly detected as an infection.
Download OTM (OldTimer) from http://www.telecharger.sosvirus.net/download/otm/ to your Desktop:
Double-click OTM.exe to launch it. (right-click, "Run as administrator" on Vista/7/8)

Copy (Ctrl+C) the following text:
Code:
:reg
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] 
[-HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{534E45C2-042B-40AE-B93B-5FD12F439A09}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF93325-6905-473E-9278-CBD9EF40F688}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A2D1D748-6ADA-4EF5-B104-DD4363D48919}]
[-HKU\S-1-5-21-3066945588-124460456-176938884-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A8B2075A-116B-4E32-B955-B512207F77F0}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22d2aaa1-9e47-4683-b178-b872d181c4b1}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{534e45c2-042b-40ae-b93b-5fd12f439a09}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf93325-6905-473e-9278-cbd9ef40f688}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a2d1d748-6ada-4ef5-b104-dd4363d48919}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8b2075a-116b-4e32-b955-b512207f77f0}] 
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d624f149-7631-4244-b007-048baf5c50e6}] 
[-HKLM\Software\BrowserChoice]     
[-HKLM\Software\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}]     
[-HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}]     
[-HKCR\CLSID\{534e45c2-042b-40ae-b93b-5fd12f439a09}] 
[-HKCR\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}] 
[-HKCR\CLSID\{9cf93325-6905-473e-9278-cbd9ef40f688}]
[-HKCR\CLSID\{a2d1d748-6ada-4ef5-b104-dd4363d48919}] 
[-HKCR\CLSID\{a8b2075a-116b-4e32-b955-b512207f77f0}]
[-HKCR\CLSID\{d624f149-7631-4244-b007-048baf5c50e6}] 

:files
C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll 
C:\Users\tc\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll
C:\Program Files\FiinidBestDeial 
C:\Program Files\FunnDDeals 
C:\Program Files\W3Schools Hider 
C:\6f58a001324d9472971b62ae031e7db4 
C:\Users\All Users\e25f457c-9287-4f2d-b5a8-8cd714c55009 
C:\Users\All Users\{c4f33ab6-6026-c9c0-c4f3-33ab6602ead9} 
C:\Windows\System32\Tasks\CreateChoiceProcessTask

:commands
[emptytemp]
Paste (Ctrl+V) the text you copied into the Paste Instructions for Items to be Moved box.
Now click the MoveIt! button
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

Post the report located in this folder: C:\_OTM\MovedFiles\

*The name of the report corresponds to the moment it was created: date_heure.log
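
Added example, not part of the original post and not OTM's own code: a Python sketch that parses a fix script in the `:reg` / `:files` / `:commands` layout shown above and reconciles its `[-KEY]` deletions against report lines worded "Registry key … deleted successfully." or "… not found.". The sample script is an excerpt of the one above, the sample report is constructed, and all function names are assumptions.

```python
import re

# Hive abbreviations used in fix scripts -> full names used in reports.
HIVES = {
    "HKLM": "HKEY_LOCAL_MACHINE",
    "HKU": "HKEY_USERS",
    "HKCR": "HKEY_CLASSES_ROOT",
    "HKCU": "HKEY_CURRENT_USER",
}
REPORT_LINE = re.compile(
    r"^Registry key (.+?)\\? (deleted successfully|not found)\.\s*$")

# Excerpt of the fix script posted above (not the full script).
SAMPLE_SCRIPT = r"""
:reg
[-HKLM\Software\BrowserChoice]
[-HKCR\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}]
[-HKCR\CLSID\{9cf93325-6905-473e-9278-cbd9ef40f688}]
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d624f149-7631-4244-b007-048baf5c50e6}]

:files
C:\Program Files\FunnDDeals
C:\Windows\System32\Tasks\CreateChoiceProcessTask

:commands
[emptytemp]
"""

# Constructed report lines; one requested key is deliberately left out
# to show the "unreported" case.
SAMPLE_REPORT = r"""
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\BrowserChoice\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{9cf93325-6905-473e-9278-cbd9ef40f688}\ not found.
"""


def normalize_key(key):
    """Expand the hive abbreviation and fold case so script and report keys compare equal."""
    root, sep, rest = key.strip().rstrip("\\").partition("\\")
    root = HIVES.get(root.upper(), root)
    return (root + sep + rest).lower()


def parse_fix_script(text):
    """Split a fix script into its ':section' blocks, e.g. {'reg': [...], 'files': [...]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def requested_key_deletions(sections):
    """Return the keys named by '[-KEY]' entries of the :reg section, as written."""
    keys = []
    for entry in sections.get("reg", []):
        match = re.fullmatch(r"\[-(.+)\]", entry)
        if match:
            keys.append(match.group(1))
    return keys


def parse_report(text):
    """Map normalized key -> status; 'deleted successfully' wins if a key is listed twice."""
    results = {}
    for line in text.splitlines():
        match = REPORT_LINE.match(line.strip())
        if not match:
            continue
        key, status = normalize_key(match.group(1)), match.group(2)
        if results.get(key) != "deleted successfully":
            results[key] = status
    return results


def reconcile(script_text, report_text):
    """Classify every requested key deletion by what the report says about it."""
    keys = requested_key_deletions(parse_fix_script(script_text))
    report = parse_report(report_text)
    out = {"deleted": [], "not_found": [], "unreported": [], "extra": []}
    wanted = set()
    for key in keys:
        norm = normalize_key(key)
        wanted.add(norm)
        status = report.get(norm)
        if status == "deleted successfully":
            out["deleted"].append(key)
        elif status == "not found":
            out["not_found"].append(key)
        else:
            out["unreported"].append(key)
    # Report lines for keys the script never named (extra probes by the tool).
    out["extra"] = sorted(k for k in report if k not in wanted)
    return out


if __name__ == "__main__":
    for bucket, items in reconcile(SAMPLE_SCRIPT, SAMPLE_REPORT).items():
        print(bucket, len(items), items)
```

A key in `unreported` is the one to chase up: the script asked for its removal but the report says nothing about it, whereas `not_found` usually means it was already gone.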

Re: Unwanted ads: Gsave

Posted: Wed 15 Apr 2015 11:53
by Mouche66
Hello,

here is the OTM report:

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8b2075a-116b-4e32-b955-b512207f77f0}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{d624f149-7631-4244-b007-048baf5c50e6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d624f149-7631-4244-b007-048baf5c50e6}\ not found.
========== FILES ==========
C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll\223 folder moved successfully.
C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll folder moved successfully.
C:\Users\tc\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll\223 folder moved successfully.
C:\Users\tc\AppData\Local\Google\Chrome\User Data\Default\extensions\igiahejkpbnbnekdaefddmdceocmjpll folder moved successfully.
C:\Program Files\FiinidBestDeial folder moved successfully.
C:\Program Files\FunnDDeals folder moved successfully.
C:\Program Files\W3Schools Hider folder moved successfully.
C:\6f58a001324d9472971b62ae031e7db4 folder moved successfully.
C:\Users\All Users\e25f457c-9287-4f2d-b5a8-8cd714c55009 folder moved successfully.
C:\Users\All Users\{c4f33ab6-6026-c9c0-c4f3-33ab6602ead9} folder moved successfully.
C:\Windows\System32\Tasks\CreateChoiceProcessTask moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 544421 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 342518567 bytes
->Flash cache emptied: 4537 bytes

User: Public

User: tc
->Temp folder emptied: 14752032 bytes
->Temporary Internet Files folder emptied: 85505621 bytes
->Java cache emptied: 196503 bytes
->FireFox cache emptied: 13317423 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 8545 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 71958 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 21078865 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 1303825 bytes

Total Files Cleaned = 457,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04152015_114753

Re: Unwanted ads: Gsave

Posted: Wed 15 Apr 2015 17:48
by g3n-h@ckm@n
Hello, which problems remain?

Re: Unwanted ads: Gsave

Posted: Wed 15 Apr 2015 18:24
by Mouche66
Hello,

I have just visited a few sites, and the ad windows no longer appear. The problem seems to be solved.

Re: Unwanted ads: Gsave

Posted: Thu 16 Apr 2015 21:32
by g3n-h@ckm@n
Hello, then you can finish with this cleanup to round everything off ;) http://www.forum-entraide-informatique. ... infection/

Re: Unwanted ads: Gsave

Posted: Fri 17 Apr 2015 11:59
by Mouche66
Hello,

as specified in the disinfection procedure, here is the DelFix report:

# DelFix v10.9 - Rapport créé le 17/04/2015 à 11:56:57
# Mis à jour le 27/02/2015 par Xplode
# Nom d'utilisateur : tc - TCPB2012
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Activation de l'UAC ... OK

~ Suppression des outils de désinfection ...

Supprimé : C:\_OTM
Supprimé : C:\AdwCleaner
Supprimé : C:\AdsFix
Supprimé : C:\QuickDiag
Supprimé : C:\AdsFix_06_04_2015_13_18_57.txt
Supprimé : C:\JavaRa.log
Supprimé : C:\QuickDiag_08_04_2015_11_38_23.txt
Supprimé : C:\QuickDiag_13_04_2015_11_46_34.txt
Supprimé : C:\Users\tc\Desktop\AdsFix.exe
Supprimé : C:\Users\tc\Desktop\AdsFix_06_04_2015_13_18_57.txt
Supprimé : C:\Users\tc\Desktop\AdsFix_Donate.lnk
Supprimé : C:\Users\tc\Desktop\OTM.exe
Supprimé : C:\Users\tc\Desktop\QuickDiag_08_04_2015_11_38_23.txt
Supprimé : C:\Users\tc\Desktop\QuickDiag_13_04_2015_11_46_34.txt
Supprimé : C:\Users\tc\Downloads\QuickDiag.exe
Supprimée : HKCU\Software\g3n-h@ckm@n
Supprimée : HKCU\Software\AdsFix
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\AdsFix
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\g3n-h@ckm@n

~ Sauvegarde de la base de registre ... OK

~ Purge de la restauration système ...

Supprimé : RP #298 [Windows Update | 03/24/2015 08:53:03]
Supprimé : RP #299 [Windows Update | 03/25/2015 20:31:19]
Supprimé : RP #300 [Windows Update | 03/30/2015 08:18:37]
Supprimé : RP #301 [Windows Update | 04/02/2015 14:32:50]
Supprimé : RP #302 [Windows Update | 04/04/2015 16:38:01]
Supprimé : RP #303 [Windows Update | 04/08/2015 08:17:52]
Supprimé : RP #304 [Windows Update | 04/13/2015 08:02:02]
Supprimé : RP #305 [Windows Update | 04/15/2015 16:53:25]
Supprimé : RP #306 [Removed Adobe Reader XI (11.0.10) - Français. | 04/17/2015 09:24:20]
Supprimé : RP #307 [Removed Java 8 Update 45 | 04/17/2015 09:39:56]

Nouveau point de restauration créé !

~ Réinitialisation des paramètres système ... OK

########## - EOF - ##########

Re: Unwanted ads: Gsave

Posted: Sat 18 Apr 2015 11:07
by g3n-h@ckm@n
Hello, perfect :)

Re: Unwanted ads: Gsave

Posted: Mon 20 Apr 2015 10:22
by Mouche66
Hello,

thank you g3n-h@ckm@n for your help.

Have a nice day.

Re: Unwanted ads: Gsave

Posted: Mon 20 Apr 2015 21:58
by g3n-h@ckm@n
My pleasure, I'm closing the thread :)