Sujet Précédent Sujet Suivant

PirritSuggestor : popup publicitaires sur Firefox

Résolu/Fermé
chrissa42 - 17 févr. 2014 à 08:17
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014 - 17 févr. 2014 à 22:57
Bonjour,
Depuis quelques jours, j'ai des fenêtres publicitaires qui s'ouvrent en grand nombre quand je vais sur internet (sous Firefox) et de plus sur les sites où je vais, quels qu'ils soient, j'ai des mots double-soulignés qui me renvoient encore une fois à des encarts publicitaires.
J'ai lancé Malwarebytes mais il n'a rien trouvé...
Quelqu'un pourrait-il m'aider à me débarrasser de cette saleté ?
Merci d'avance...

10 réponses

Réponse 1 / 10
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
17 févr. 2014 à 08:19
Salut,

Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :


Un nettoyage AdwCleaner (environ 10/15min) :
======================================
Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Vas sur le lien, télécharge AdwCleaner comme indiqué.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


puis réinitialise tes navigateurs (5min):
==================================
Réinitialise tes navigateurs :
* Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=


Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).

* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE


0
chrissa42
17 févr. 2014 à 14:25
Merci tout plein, je viens de lancer le scan, j'ai le rapport, j'ouvre un autre message...
A bientôt...
Chrissa 42
0
chrissa42
17 févr. 2014 à 15:27
Au secours ! il m'est impossible d'aller sur pjjoint : message : 403 forbidden...
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
17 févr. 2014 à 16:33
retente.
0
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 17:03
1 - RAPPORT ADW CLEANER :
# AdwCleaner v3.018 - Rapport créé le 17/02/2014 à 14:20:30
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
# Nom d'utilisateur : Windows 7 - WINDOWS7-PC
# Exécuté depuis : C:\Users\Windows 7\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files\MyPC Backup
Dossier Supprimé : C:\Users\Windows 7\AppData\Roaming\pdfforge
Fichier Supprimé : C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\3p6apatm.default-1349992965901\user.js

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Clé Supprimée : HKCU\Software\Alexa Internet
Clé Supprimée : HKCU\Software\distromatic
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (fr)

[ Fichier : C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\3p6apatm.default-1349992965901\prefs.js ]

Ligne Supprimée : user_pref("extensions.crossrider.bic", "143359c0a1953759dd6f5f64c255a596");

*************************

AdwCleaner[R0].txt - [12849 octets] - [27/09/2013 14:19:58]
AdwCleaner[R1].txt - [2451 octets] - [17/02/2014 14:19:30]
AdwCleaner[S0].txt - [11671 octets] - [27/09/2013 14:20:32]
AdwCleaner[S1].txt - [2348 octets] - [17/02/2014 14:20:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2408 octets] ##########
0
Réponse 2 / 10
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 17:04
2 - 1er RAPPORT OTL :

OTL logfile created on: 17/02/2014 14:53:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows 7\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,68 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 58,87% Memory free
3,37 Gb Paging File | 2,38 Gb Available in Paging File | 70,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 18,66 Gb Free Space | 23,92% Space Free | Partition Type: NTFS
Drive D: | 154,76 Gb Total Space | 127,01 Gb Free Space | 82,07% Space Free | Partition Type: NTFS

Computer Name: WINDOWS7-PC | User Name: Windows 7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========/color

PRC - [2014/02/17 14:35:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7\Downloads\OTL.exe
PRC - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe
PRC - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
PRC - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () -- C:\Program Files\Pirrit\AutoUpdater.exe
PRC - [2014/01/16 01:40:24 | 000,277,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
PRC - [2013/12/18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/06/05 15:36:58 | 000,929,296 | ---- | M] (Research In Motion) -- C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
PRC - [2013/06/05 15:36:58 | 000,777,744 | ---- | M] (Research In Motion) -- C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
PRC - [2013/06/04 16:31:06 | 004,273,664 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
PRC - [2013/06/04 16:13:48 | 000,389,632 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
PRC - [2013/06/04 16:13:40 | 001,263,616 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
PRC - [2013/04/08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2013/04/08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013/03/06 17:25:18 | 000,442,896 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2013/03/06 14:24:14 | 000,585,728 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/03/06 13:41:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/03/06 13:41:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/03/06 13:40:14 | 000,163,608 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012/02/09 11:22:26 | 003,824,640 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011/11/11 14:50:16 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2011/06/08 17:15:06 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========/color

MOD - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
MOD - [2014/02/12 19:17:27 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
MOD - [2014/02/12 19:17:02 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
MOD - [2014/02/12 19:16:57 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014/02/12 19:16:38 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
MOD - [2014/02/12 19:16:05 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/12 19:16:02 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/02/12 19:16:01 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\c6ab75afe61e2065e65a2faa795abff9\PresentationFramework-SystemCore.ni.dll
MOD - [2014/02/12 18:14:38 | 000,660,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
MOD - [2014/02/12 18:14:37 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/02/12 18:14:34 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/02/12 18:14:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/12 18:14:22 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/02/12 18:14:20 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/12 18:14:19 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/12 18:14:19 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/02/12 18:14:18 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/02/12 18:14:15 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/02/12 18:14:14 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/02/12 18:14:10 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/12 18:14:10 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/02/12 18:14:06 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/12 18:14:05 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/12 18:14:00 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/12/06 02:57:28 | 000,080,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2011/12/06 02:57:26 | 000,113,264 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2011/06/26 11:16:32 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll


[color=#E56717]========== Services (SafeList) ==========/color

SRV - [2014/02/15 11:22:47 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
SRV - [2014/02/07 22:16:10 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/01/16 01:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/12/18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/06/04 16:13:48 | 000,389,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe -- (RIM MDNS)
SRV - [2013/06/04 16:13:40 | 001,263,616 | ---- | M] (Research In Motion Limited) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe -- (RIM Tunnel Service)
SRV - [2013/04/08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013/04/08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013/03/06 14:24:14 | 000,585,728 | ---- | M] (Research In Motion Limited) [On_Demand | Running] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (BlackBerry Device Manager)
SRV - [2012/10/10 21:36:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/03/19 22:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/06 13:41:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/03/06 13:41:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/03/06 13:40:14 | 000,163,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011/11/11 14:50:16 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


[color=#E56717]========== Driver Services (SafeList) ==========/color

DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/06/04 16:12:32 | 000,014,336 | ---- | M] (Research in Motion Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimvndis6.sys -- (rimvndis)
DRV - [2013/02/12 04:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
DRV - [2011/11/11 14:50:00 | 001,823,344 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2011/11/09 23:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)


[color=#E56717]========== Standard Registry (SafeList) ==========/color


[color=#E56717]========== Internet Explorer ==========/color

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 2B F1 E5 0F A7 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{E9C0E57C-41EA-4214-8AAF-525946D23A08}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3128284
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://127.0.0.1:9880

[color=#E56717]========== FireFox ==========/color

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013/12/10 23:31:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/10/11 23:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7\AppData\Roaming\mozilla\Extensions
[2014/02/15 11:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2014/02/15 11:22:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/02/15 11:01:02 | 000,008,909 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 216.239.32.20 google.com
O1 - Hosts: 216.239.32.20 google.com www.google.ad
O1 - Hosts: 216.239.32.20 google.com www.google.ae
O1 - Hosts: 216.239.32.20 google.com www.google.com.af
O1 - Hosts: 216.239.32.20 google.com www.google.com.ag
O1 - Hosts: 216.239.32.20 google.com www.google.com.ai
O1 - Hosts: 216.239.32.20 google.com www.google.al
O1 - Hosts: 216.239.32.20 google.com www.google.am
O1 - Hosts: 216.239.32.20 google.com www.google.co.ao
O1 - Hosts: 216.239.32.20 google.com www.google.com.ar
O1 - Hosts: 216.239.32.20 google.com www.google.as
O1 - Hosts: 216.239.32.20 google.com www.google.at
O1 - Hosts: 216.239.32.20 google.com www.google.com.au
O1 - Hosts: 216.239.32.20 google.com www.google.az
O1 - Hosts: 216.239.32.20 google.com www.google.ba
O1 - Hosts: 216.239.32.20 google.com www.google.com.bd
O1 - Hosts: 216.239.32.20 google.com www.google.be
O1 - Hosts: 216.239.32.20 google.com www.google.bf
O1 - Hosts: 216.239.32.20 google.com www.google.bg
O1 - Hosts: 216.239.32.20 google.com www.google.com.bh
O1 - Hosts: 216.239.32.20 google.com www.google.bi
O1 - Hosts: 216.239.32.20 google.com www.google.bj
O1 - Hosts: 216.239.32.20 google.com www.google.com.bn
O1 - Hosts: 216.239.32.20 google.com www.google.com.bo
O1 - Hosts: 216.239.32.20 google.com www.google.com.br
O1 - Hosts: 168 more lines...
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [fst_fr_35] File not found
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RIM PeerManager] C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKCU..\Run: [BlackBerryLink.exe] C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.exe (Research In Motion)
O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4C83F15-4C79-4604-82E8-754796D23956}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{71ecf943-d6c1-11e2-9407-3085a9433504}\Shell - "" = AutoRun
O33 - MountPoints2\{71ecf943-d6c1-11e2-9407-3085a9433504}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

[2014/02/15 11:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/15 11:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/02/15 11:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/02/15 11:01:00 | 000,000,000 | ---D | C] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor
[2014/02/12 18:16:47 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/12 18:16:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/12 18:16:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/12 18:16:46 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/02/12 18:16:46 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/12 18:16:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/12 18:16:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/02/12 18:16:46 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/12 18:16:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/12 18:16:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/02/12 18:16:45 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/02/12 18:16:45 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/02/12 18:16:45 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/12 18:16:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/02/12 18:16:43 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/12 18:16:41 | 004,244,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/02/12 11:56:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/02/12 11:56:29 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/02/12 11:56:29 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/02/12 11:56:27 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/02/12 11:56:27 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/02/12 11:56:27 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/02/12 11:56:27 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/02/12 11:56:27 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/02/12 11:56:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/02/12 11:56:26 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/02/12 11:56:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/02/12 11:56:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/01/29 23:00:20 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/23 09:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[color=#E56717]========== Files - Modified Within 30 Days ==========/color

[2014/02/17 14:30:44 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/17 14:30:44 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/17 14:22:43 | 000,073,731 | ---- | M] () -- C:\ads_err.adt
[2014/02/17 14:22:43 | 000,004,096 | ---- | M] () -- C:\ads_err.adi
[2014/02/17 14:21:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/17 14:21:49 | 1355,784,192 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/17 14:20:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/02/17 14:16:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/17 14:13:16 | 000,000,206 | ---- | M] () -- C:\Users\Windows 7\Desktop\AIDE COMMENT CA MARCHE.url
[2014/02/16 22:03:23 | 000,000,164 | ---- | M] () -- C:\Users\Windows 7\Desktop\russe 68.url
[2014/02/16 21:58:41 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\la montagne et les alpages.url
[2014/02/16 21:57:17 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\alphabet au point de croix.url
[2014/02/16 21:37:55 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\si la mer m'était contée.url
[2014/02/15 11:01:28 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/02/15 11:01:28 | 000,002,012 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/15 11:01:02 | 000,008,909 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/02/14 07:19:45 | 000,750,174 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/02/14 07:19:45 | 000,656,932 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/02/14 07:19:45 | 000,150,820 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/02/14 07:19:45 | 000,122,744 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/02/10 09:49:27 | 000,000,118 | ---- | M] () -- C:\Users\Windows 7\Desktop\fleur 55555 gallery ru.url
[2014/02/07 22:16:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/02/07 22:16:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/02/06 11:20:26 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/06 11:19:55 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/02/06 10:52:56 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/02/06 10:34:32 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/02/06 10:25:36 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/02/06 10:13:13 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/02/02 22:43:59 | 000,000,133 | ---- | M] () -- C:\Users\Windows 7\Desktop\nouveau site à voir.url
[2014/01/23 23:59:36 | 000,293,192 | ---- | M] () -- C:\Users\Windows 7\Documents\bon-reduction-2014b-1.pdf
[2014/01/23 11:51:22 | 000,000,116 | ---- | M] () -- C:\Users\Windows 7\Desktop\blog du fil.url
[2014/01/23 09:48:05 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/20 00:00:19 | 000,000,150 | ---- | M] () -- C:\Users\Windows 7\Desktop\free a voir.url
[2014/01/19 08:32:23 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[color=#E56717]========== Files Created - No Company Name ==========/color

[2014/02/17 14:12:56 | 000,000,206 | ---- | C] () -- C:\Users\Windows 7\Desktop\AIDE COMMENT CA MARCHE.url
[2014/02/16 22:03:12 | 000,000,164 | ---- | C] () -- C:\Users\Windows 7\Desktop\russe 68.url
[2014/02/16 21:58:28 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\la montagne et les alpages.url
[2014/02/16 21:56:52 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\alphabet au point de croix.url
[2014/02/16 21:37:39 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\si la mer m'était contée.url
[2014/02/10 09:49:10 | 000,000,118 | ---- | C] () -- C:\Users\Windows 7\Desktop\fleur 55555 gallery ru.url
[2014/02/02 22:43:46 | 000,000,133 | ---- | C] () -- C:\Users\Windows 7\Desktop\nouveau site à voir.url
[2014/01/23 23:59:36 | 000,293,192 | ---- | C] () -- C:\Users\Windows 7\Documents\bon-reduction-2014b-1.pdf
[2014/01/23 11:51:11 | 000,000,116 | ---- | C] () -- C:\Users\Windows 7\Desktop\blog du fil.url
[2014/01/23 09:48:05 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/20 00:00:05 | 000,000,150 | ---- | C] () -- C:\Users\Windows 7\Desktop\free a voir.url
[2013/02/08 09:37:02 | 000,140,584 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/10/23 16:45:59 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/10/15 20:31:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/10/11 21:43:57 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/10/10 18:56:11 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012/10/10 18:44:09 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012/10/10 18:44:08 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2012/10/10 18:41:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/10 18:40:57 | 000,033,999 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/03/19 22:26:06 | 000,963,912 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2012/03/19 22:26:06 | 000,261,208 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2012/03/19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012/03/19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2012/03/19 21:11:22 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/03/19 21:09:28 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

[color=#E56717]========== ZeroAccess Check ==========/color

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
0
Réponse 3 / 10
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 17:06
3 - 2nd rapport OTL :

OTL Extras logfile created on: 17/02/2014 14:53:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows 7\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,68 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 58,87% Memory free
3,37 Gb Paging File | 2,38 Gb Available in Paging File | 70,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 18,66 Gb Free Space | 23,92% Space Free | Partition Type: NTFS
Drive D: | 154,76 Gb Total Space | 127,01 Gb Free Space | 82,07% Space Free | Partition Type: NTFS

Computer Name: WINDOWS7-PC | User Name: Windows 7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16A3BAEB-22C9-499B-A47F-BB4CDD910BC9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DE20B35-47C7-4AD6-8F6B-A453DF0AFE30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2AA734CB-0173-4A76-8A77-0D1B54ADEE51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{315D8BEE-0644-48EE-9BE0-CF5906FE1B2E}" = lport=138 | protocol=17 | dir=in | app=system |
"{3F06555C-7C42-449B-9FBF-585486F0FF6B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43BB001B-4464-47AD-B1DD-E783680B3E7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{505F872C-6538-4ECF-A142-4B8382637791}" = lport=10243 | protocol=6 | dir=in | app=system |
"{736D7F07-1ED5-4A64-A033-F30E4B2110EC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7A3E4546-4713-47A6-968B-22F65BAA9535}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C8F96CD-C0D7-4DC0-94A1-E114EDD9255A}" = lport=445 | protocol=6 | dir=in | app=system |
"{7D7D576B-2A2C-4D84-9D9D-D27C4ED9E51B}" = rport=138 | protocol=17 | dir=out | app=system |
"{8361B93B-85CE-4042-9FA6-A7234E51B52E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{846C3303-09A7-412D-8A47-950051DFC521}" = rport=445 | protocol=6 | dir=out | app=system |
"{9976E4ED-774E-4C2C-8DCD-D62D0A3F7F3C}" = rport=139 | protocol=6 | dir=out | app=system |
"{A82C871C-2301-4C48-AE54-06753F8CE34E}" = lport=137 | protocol=17 | dir=in | app=system |
"{AA2CC957-22C2-4F63-865A-EEEAC99B946D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C042B1C3-E184-4AEF-BF97-173C2DB82AEA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C7397457-8988-4DF7-BEFA-0E38C7F55A81}" = lport=8080 | protocol=6 | dir=in | app=c:\program files\common files\research in motion\nginx\nginx.exe |
"{CD25CEA0-8056-44F4-8D15-3EB019853798}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CFFFFC99-5A02-45CA-9713-92F49DBC5A7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7DC704F-147C-4A74-AF07-16B625B3CC85}" = lport=139 | protocol=6 | dir=in | app=system |
"{DAC55874-2CF7-43B4-AF12-C5A5CD9C071A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E29BA24D-723C-47B1-BADB-394FC804C947}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EF7703D8-66B0-4131-A8C3-70D0F37A4038}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F62BBDFE-554E-4AC1-9145-8C94CC7172B2}" = lport=2869 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060BE6FF-4167-4160-B29C-4FCEF73EE295}" = protocol=6 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\mdnsresponder.exe |
"{07BBCD5D-6C95-4187-A506-371C2A42CE52}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{125A98C3-FC41-4EFB-B995-D0E425AC6E46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{157D0F30-181E-4FC3-86B7-3FAB63B81B93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DEC8A86-85E3-4611-A95A-B36F7C18F42D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1F173298-ADB7-48F9-B563-62FA733CE2D5}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{1FC8580D-67D4-4BB6-8035-C5AC859C88FD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3092DE4A-4722-4B19-B76E-B98D08A5046F}" = protocol=6 | dir=in | app=c:\program files\common files\research in motion\tunnel manager\peermanager.exe |
"{34D1D762-B403-4337-9FE7-75DF8BA02DF7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{367A9E38-1177-4238-8EEB-9A3227A8B767}" = protocol=17 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\mdnsresponder.exe |
"{4C944628-6788-4E7F-8A21-5795B99DED02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50914B51-3B5E-4636-A6B0-ED0670B1EF33}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{547819A0-335A-4654-A6A3-343FBD9795E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5728A951-87E2-48BE-AD77-87A95AD1039A}" = protocol=6 | dir=out | app=system |
"{5ECB4F77-4FFD-4588-8930-1099B7395B17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61ABE15F-C14F-4715-A28F-B54EA8D75109}" = protocol=17 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\tunmgr.exe |
"{6C712DF7-9ACC-4B0F-8681-19FF24FABF87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6EC89DF8-377B-4AB5-99F8-C3DBBF7A90BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6FC62029-F038-4C52-B5AC-5BC9E20E86FD}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{7B54DB49-9D5E-4AC1-8F08-52BD2125406B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7B9C6DC5-EE23-4655-AFA8-CA98D60BB707}" = protocol=6 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\tunmgr.exe |
"{88F8CB36-0DCD-4E31-A4DD-DDD432727CD0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89771440-F3DA-4A7F-851D-96042CFF3F3E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8AA2ECCD-5448-4774-AEEA-91E8DCE19B9A}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{944FD12B-79C4-4C9D-86D3-D7BEC918B055}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{974445EE-B3F3-43DA-BAD0-A8ABF9913A54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9A5F2B42-C1F8-4AFB-8537-6092B231F6B3}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{B781F6ED-69C3-481F-BB3C-34B48C839368}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{C3E3E3FE-F473-418C-885F-732B8D57D95E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C81D16CE-05F1-4372-8254-9D847C99029C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CEA9331E-6F80-4E39-95C4-B10040EAD1CA}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{D241DF07-87BE-4547-854E-1BB6FD80F260}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DDD85715-A1B5-4251-9E47-1A074780A1B5}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{E52E524D-2960-4397-A91D-885078EF918B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FC4545A7-A7B8-4CB2-89DE-584F1DCC09F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
"{13F7304A-EF3D-4433-9B3A-85538E158768}" = HP Deskjet 3050A J611 series - Enquête sur l'amélioration du produit
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{43D6C32E-59C4-4E28-89E9-7CB44E8F3C24}" = BlackBerry Link
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{51A66ED3-200E-4147-8D1E-E8D30936FD26}" = Intel® Trusted Connect Service Client
"{58CAD08F-CE8A-4397-81A6-8C4FFC871B2A}" = Logiciel de base du périphérique HP Deskjet 3050A J611 series
"{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{879D8136-C3A7-4A13-A8F4-309467087372}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Aide
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Français
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"123 Free Solitaire for Children" = 123 Free Solitaire for Children
"7AFADC17CE5D176C218EB94F26AE53271142A857" = Windows Driver Package - Bose Corporation (usbser) Ports (08/03/2012 1.2.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"BlackBerry_10_Desktop" = BlackBerry Link
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HP Photo Creations" = HP Photo Creations
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 27.0.1 (x86 fr)" = Mozilla Firefox 27.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"PirritSuggestor_is1" = PirritSuggestor version 1.5
"ST6UNST #1" = Freecell Collection 7.0
"ST6UNST #2" = Freecell Collection 7.0 (C:\Program Files\Freecell Collection 7.0\)

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre 7" = PhotoFiltre 7

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 15/02/2014 07:24:16 | Computer Name = Windows7-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe ». Assembly dépendant
Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 16/02/2014 08:05:15 | Computer Name = Windows7-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe ». Assembly dépendant
Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 16/02/2014 14:42:00 | Computer Name = Windows7-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante PirritDesktop.exe, version : 0.0.0.0,
horodatage : 0x52fdfa1b Nom du module défaillant : QtCore4.dll, version : 4.8.4.0,
horodatage : 0x50b31871 Code d'exception : 0xc0000005 Décalage d'erreur : 0x0000286f
ID
du processus défaillant : 0xb6c Heure de début de l'application défaillante : 0x01cf2af404357855
Chemin
d'accès de l'application défaillante : C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
Chemin
d'accès du module défaillant: C:\Users\Windows 7\AppData\Local\PirritSuggestor\QtCore4.dll
ID
de rapport : 048a0c7c-973a-11e3-bd44-02c028e48501

Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9859

Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9859

Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9969

Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9969

Error - 16/02/2014 17:05:51 | Computer Name = Windows7-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante firefox.exe, version : 27.0.1.5156,
horodatage : 0x52fc0faa Nom du module défaillant : xul.dll, version : 27.0.1.5156,
horodatage : 0x52fc0f79 Code d'exception : 0xc0000005 Décalage d'erreur : 0x001560c7
ID
du processus défaillant : 0x19d4 Heure de début de l'application défaillante : 0x01cf2b4704101954
Chemin
d'accès de l'application défaillante : C:\Program Files\Mozilla Firefox\firefox.exe
Chemin
d'accès du module défaillant: C:\Program Files\Mozilla Firefox\xul.dll ID de rapport
: 1d1899cf-974e-11e3-bd44-02c028e48501

[ OSession Events ]
Error - 16/01/2014 07:06:04 | Computer Name = Windows7-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5786
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 15/02/2014 06:00:55 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7034
Description = Le service PirritUpdater s'est terminé de façon inattendue pour la
1ème fois.

Error - 15/02/2014 06:00:56 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7030
Description = Le service PirritUpdater est marqué comme étant interactif. Cependant,
le système est configuré pour ne pas autoriser les services interactifs. Ce service
peut ne pas fonctionner correctement.

Error - 15/02/2014 06:01:02 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7030
Description = Le service PirritDesktop est marqué comme étant interactif. Cependant,
le système est configuré pour ne pas autoriser les services interactifs. Ce service
peut ne pas fonctionner correctement.

Error - 15/02/2014 09:26:37 | Computer Name = Windows7-PC | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{F4C83F15-4C79-4604-82E8-754796D23956}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.

Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritUpdater est en attente de démarrage.

Error - 17/02/2014 03:02:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.

Error - 17/02/2014 03:02:40 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritUpdater est en attente de démarrage.

Error - 17/02/2014 09:23:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.

Error - 17/02/2014 09:23:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritUpdater est en attente de démarrage.


< End of report >
0
Réponse 4 / 10
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 17:07
Merci de tout ce que tu peux faire pour moi, car il me semble que cela empire ! Je ne peux plus ouvrir un site sans être infestée de nouvelles fenêtres...
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
17 févr. 2014 à 17:29
par pjjoint le rapport OTL.
0
Réponse 6 / 10
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 19:45
Adresse 1er rapport OTL sur PJJOINT.
https://pjjoint.malekal.com/files.php?id=OTL_20140217_p12w9i7f12q9
2ème rapport OTL sur PJJOINT
https://pjjoint.malekal.com/files.php?id=OTL_Extras_20140217_t6b11i11e6o12
0
Réponse 7 / 10
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
Modifié par Malekal_morte- le 17/02/2014 à 21:00
Désinstalle McAfee Security Scan, sert à rien.

Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:


:OTL
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
[2014/02/15 11:01:00 | 000,000,000 | ---D | C] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor
:Commands
[resethosts]
[reboot]


* poste le rapport ici

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 22:02
J'ai relancé OTL en copiant le texte que tu m'as indiqué. On m'a demande de fermer mes appli et tout s'est fermé et rallumé : pas de rapport pour autant (même pas dans téléchargement ) et je ne peux plus ouvrir notre discussion sur comment ça marche (là je suis sur mon iPhone. Message quand j'ouvre Firefox : la connexion à été refusée par le serveur proxy...
Que dois-je faire ?
Merci pour la suite !
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
17 févr. 2014 à 22:09
fais ça : https://forums.commentcamarche.net/forum/affich-37640573-desactiver-son-proxy
0
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 22:17
ok ! Merci... je suis à nouveau sur le PC

dois-je relancer OTL ?
0
Réponse 8 / 10
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
17 févr. 2014 à 22:18
non regarde si les pubs s'arretent :)
0
Réponse 9 / 10
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 22:26
A priori les publicités n'apparaissent plus, ni les mots double soulignés dans les textes que je visite ou que je reçois...

Merci infiniment de ton aide !

Une dernière question : que dois-je mettre comme protection ? anti virus, et autres ?
0
Réponse 10 / 10
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 662
17 févr. 2014 à 22:29
:)


Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.



Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/

0
chrissagros42 Messages postés 9 Date d'inscription lundi 17 février 2014 Statut Membre Dernière intervention 17 février 2014
17 févr. 2014 à 22:57
Merci beaucoup pour ton aide et pour ces indications! C'est effarant ce qu'on peut être vite infesté.
Votre forum est vraiment formidable.
À bientôt !0
0