PirritSuggestor : popup publicitaires sur Firefox

Résolu
chrissa42 -  
chrissagros42 Messages postés 10 Statut Membre -
Bonjour,
Depuis quelques jours, j'ai des fenêtres publicitaires qui s'ouvrent en grand nombre quand je vais sur internet (sous Firefox) et de plus sur les sites où je vais, quels qu'ils soient, j'ai des mots double-soulignés qui me renvoient encore une fois à des encarts publicitaires.
J'ai lancé Malwarebytes mais il n'a rien trouvé...
Quelqu'un pourrait-il m'aider à me débarrasser de cette saleté ?
Merci d'avance...

10 réponses

  1. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Salut,

    Tu as installé des adwares et programmes parasites sur ton PC.
    Voici la procédure à suivre pour les supprimer :

    Un nettoyage AdwCleaner (environ 10/15min) :
    ======================================
    Suis ce tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
    Vas sur le lien, télécharge AdwCleaner comme indiqué.
    Lance AdwCleaner, clique sur [Scanner].
    Le scan peux durer plusieurs minutes, patienter.
    Une fois le scan terminé, clique sur [Nettoyer]

    Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
    Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

    puis réinitialise tes navigateurs (5min):
    ==================================
    Réinitialise tes navigateurs :
    * Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
    * Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=

    Faire un Scan OTL - Temps : Environ 40min
    =============================================
    OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
    Fournir les deux rapports :

    Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

    * Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

    Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).

    * Lance OTL
    * En haut à droite de Analyse rapide, coche "tous les utilisateurs"
    * Clique sur le bouton Analyse.

    **** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

    * Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
    Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
    Je répète : donne le lien du rapport pjjoint ici en réponse.

    NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE

    0
    1. chrissa42
       
      Merci tout plein, je viens de lancer le scan, j'ai le rapport, j'ouvre un autre message...
      A bientôt...
      Chrissa 42
      0
    2. chrissa42
       
      Au secours ! il m'est impossible d'aller sur pjjoint : message : 403 forbidden...
      0
    3. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
       
      retente.
      0
    4. chrissagros42 Messages postés 10 Statut Membre
       
      1 - RAPPORT ADW CLEANER :
      # AdwCleaner v3.018 - Rapport créé le 17/02/2014 à 14:20:30
      # Mis à jour le 28/01/2014 par Xplode
      # Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
      # Nom d'utilisateur : Windows 7 - WINDOWS7-PC
      # Exécuté depuis : C:\Users\Windows 7\Downloads\adwcleaner.exe
      # Option : Nettoyer

      ***** [ Services ] *****


      ***** [ Fichiers / Dossiers ] *****

      Dossier Supprimé : C:\Program Files\MyPC Backup
      Dossier Supprimé : C:\Users\Windows 7\AppData\Roaming\pdfforge
      Fichier Supprimé : C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\3p6apatm.default-1349992965901\user.js

      ***** [ Raccourcis ] *****


      ***** [ Registre ] *****

      Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
      Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
      Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
      Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
      Clé Supprimée : HKCU\Software\Alexa Internet
      Clé Supprimée : HKCU\Software\distromatic
      Clé Supprimée : HKCU\Software\TutoTag
      Clé Supprimée : HKLM\Software\Tutorials
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
      Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

      ***** [ Navigateurs ] *****

      -\\ Internet Explorer v11.0.9600.16518


      -\\ Mozilla Firefox v27.0.1 (fr)

      [ Fichier : C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\3p6apatm.default-1349992965901\prefs.js ]

      Ligne Supprimée : user_pref("extensions.crossrider.bic", "143359c0a1953759dd6f5f64c255a596");

      *************************

      AdwCleaner[R0].txt - [12849 octets] - [27/09/2013 14:19:58]
      AdwCleaner[R1].txt - [2451 octets] - [17/02/2014 14:19:30]
      AdwCleaner[S0].txt - [11671 octets] - [27/09/2013 14:20:32]
      AdwCleaner[S1].txt - [2348 octets] - [17/02/2014 14:20:30]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2408 octets] ##########
      0
  2. chrissagros42 Messages postés 10 Statut Membre
     
    2 - 1er RAPPORT OTL :

    OTL logfile created on: 17/02/2014 14:53:16 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows 7\Downloads
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16518)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,68 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 58,87% Memory free
    3,37 Gb Paging File | 2,38 Gb Available in Paging File | 70,74% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 78,03 Gb Total Space | 18,66 Gb Free Space | 23,92% Space Free | Partition Type: NTFS
    Drive D: | 154,76 Gb Total Space | 127,01 Gb Free Space | 82,07% Space Free | Partition Type: NTFS

    Computer Name: WINDOWS7-PC | User Name: Windows 7 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Processes (SafeList) ==========/color

    PRC - [2014/02/17 14:35:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7\Downloads\OTL.exe
    PRC - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe
    PRC - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
    PRC - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () -- C:\Program Files\Pirrit\AutoUpdater.exe
    PRC - [2014/01/16 01:40:24 | 000,277,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
    PRC - [2013/12/18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
    PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
    PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2013/06/05 15:36:58 | 000,929,296 | ---- | M] (Research In Motion) -- C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
    PRC - [2013/06/05 15:36:58 | 000,777,744 | ---- | M] (Research In Motion) -- C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
    PRC - [2013/06/04 16:31:06 | 004,273,664 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
    PRC - [2013/06/04 16:13:48 | 000,389,632 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
    PRC - [2013/06/04 16:13:40 | 001,263,616 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
    PRC - [2013/04/08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\HelperService.exe
    PRC - [2013/04/08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\ConversionService.exe
    PRC - [2013/03/06 17:25:18 | 000,442,896 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
    PRC - [2013/03/06 14:24:14 | 000,585,728 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2012/03/06 13:41:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2012/03/06 13:41:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2012/03/06 13:40:14 | 000,163,608 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    PRC - [2012/02/09 11:22:26 | 003,824,640 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
    PRC - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
    PRC - [2011/11/11 14:50:16 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
    PRC - [2011/06/08 17:15:06 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
    PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

    [color=#E56717]========== Modules (No Company Name) ==========/color

    MOD - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
    MOD - [2014/02/12 19:17:27 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
    MOD - [2014/02/12 19:17:02 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
    MOD - [2014/02/12 19:16:57 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
    MOD - [2014/02/12 19:16:38 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
    MOD - [2014/02/12 19:16:05 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
    MOD - [2014/02/12 19:16:02 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
    MOD - [2014/02/12 19:16:01 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\c6ab75afe61e2065e65a2faa795abff9\PresentationFramework-SystemCore.ni.dll
    MOD - [2014/02/12 18:14:38 | 000,660,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
    MOD - [2014/02/12 18:14:37 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
    MOD - [2014/02/12 18:14:34 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
    MOD - [2014/02/12 18:14:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
    MOD - [2014/02/12 18:14:22 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
    MOD - [2014/02/12 18:14:20 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
    MOD - [2014/02/12 18:14:19 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
    MOD - [2014/02/12 18:14:19 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
    MOD - [2014/02/12 18:14:18 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
    MOD - [2014/02/12 18:14:15 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
    MOD - [2014/02/12 18:14:14 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
    MOD - [2014/02/12 18:14:10 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
    MOD - [2014/02/12 18:14:10 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
    MOD - [2014/02/12 18:14:06 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
    MOD - [2014/02/12 18:14:05 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
    MOD - [2014/02/12 18:14:00 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
    MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/12/06 02:57:28 | 000,080,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
    MOD - [2011/12/06 02:57:26 | 000,113,264 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
    MOD - [2011/06/26 11:16:32 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll

    [color=#E56717]========== Services (SafeList) ==========/color

    SRV - [2014/02/15 11:22:47 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
    SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
    SRV - [2014/02/07 22:16:10 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/02/06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV - [2014/01/16 01:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
    SRV - [2013/12/18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2013/06/04 16:13:48 | 000,389,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe -- (RIM MDNS)
    SRV - [2013/06/04 16:13:40 | 001,263,616 | ---- | M] (Research In Motion Limited) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe -- (RIM Tunnel Service)
    SRV - [2013/04/08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
    SRV - [2013/04/08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
    SRV - [2013/03/06 14:24:14 | 000,585,728 | ---- | M] (Research In Motion Limited) [On_Demand | Running] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (BlackBerry Device Manager)
    SRV - [2012/10/10 21:36:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2012/03/19 22:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2012/03/06 13:41:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2012/03/06 13:41:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2012/03/06 13:40:14 | 000,163,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
    SRV - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV - [2011/11/11 14:50:16 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
    SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
    SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

    [color=#E56717]========== Driver Services (SafeList) ==========/color

    DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV - [2013/06/04 16:12:32 | 000,014,336 | ---- | M] (Research in Motion Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimvndis6.sys -- (rimvndis)
    DRV - [2013/02/12 04:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
    DRV - [2011/11/11 14:50:00 | 001,823,344 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
    DRV - [2011/11/09 23:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
    DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

    [color=#E56717]========== Standard Registry (SafeList) ==========/color

    [color=#E56717]========== Internet Explorer ==========/color

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = https://www.google.com/?gws_rd=ssl
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = https://www.google.com/?gws_rd=ssl
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 2B F1 E5 0F A7 CD 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKCU\..\SearchScopes\{E9C0E57C-41EA-4214-8AAF-525946D23A08}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3128284
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://127.0.0.1:9880

    [color=#E56717]========== FireFox ==========/color

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013/12/10 23:31:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2012/10/11 23:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7\AppData\Roaming\mozilla\Extensions
    [2014/02/15 11:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
    [2014/02/15 11:22:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    O1 HOSTS File: ([2014/02/15 11:01:02 | 000,008,909 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 216.239.32.20 google.com
    O1 - Hosts: 216.239.32.20 google.com www.google.ad
    O1 - Hosts: 216.239.32.20 google.com www.google.ae
    O1 - Hosts: 216.239.32.20 google.com www.google.com.af
    O1 - Hosts: 216.239.32.20 google.com www.google.com.ag
    O1 - Hosts: 216.239.32.20 google.com www.google.com.ai
    O1 - Hosts: 216.239.32.20 google.com www.google.al
    O1 - Hosts: 216.239.32.20 google.com www.google.am
    O1 - Hosts: 216.239.32.20 google.com www.google.co.ao
    O1 - Hosts: 216.239.32.20 google.com www.google.com.ar
    O1 - Hosts: 216.239.32.20 google.com www.google.as
    O1 - Hosts: 216.239.32.20 google.com www.google.at
    O1 - Hosts: 216.239.32.20 google.com www.google.com.au
    O1 - Hosts: 216.239.32.20 google.com www.google.az
    O1 - Hosts: 216.239.32.20 google.com www.google.ba
    O1 - Hosts: 216.239.32.20 google.com www.google.com.bd
    O1 - Hosts: 216.239.32.20 google.com www.google.be
    O1 - Hosts: 216.239.32.20 google.com www.google.bf
    O1 - Hosts: 216.239.32.20 google.com www.google.bg
    O1 - Hosts: 216.239.32.20 google.com www.google.com.bh
    O1 - Hosts: 216.239.32.20 google.com www.google.bi
    O1 - Hosts: 216.239.32.20 google.com www.google.bj
    O1 - Hosts: 216.239.32.20 google.com www.google.com.bn
    O1 - Hosts: 216.239.32.20 google.com www.google.com.bo
    O1 - Hosts: 216.239.32.20 google.com www.google.com.br
    O1 - Hosts: 168 more lines...
    O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
    O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [fst_fr_35] File not found
    O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
    O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
    O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [RIM PeerManager] C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
    O4 - HKCU..\Run: [BlackBerryLink.exe] C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.exe (Research In Motion)
    O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4C83F15-4C79-4604-82E8-754796D23956}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{71ecf943-d6c1-11e2-9407-3085a9433504}\Shell - "" = AutoRun
    O33 - MountPoints2\{71ecf943-d6c1-11e2-9407-3085a9433504}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

    [2014/02/15 11:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2014/02/15 11:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    [2014/02/15 11:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
    [2014/02/15 11:01:00 | 000,000,000 | ---D | C] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor
    [2014/02/12 18:16:47 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/02/12 18:16:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2014/02/12 18:16:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2014/02/12 18:16:46 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2014/02/12 18:16:46 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/02/12 18:16:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2014/02/12 18:16:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
    [2014/02/12 18:16:46 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/02/12 18:16:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2014/02/12 18:16:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
    [2014/02/12 18:16:45 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2014/02/12 18:16:45 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
    [2014/02/12 18:16:45 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2014/02/12 18:16:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
    [2014/02/12 18:16:43 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2014/02/12 18:16:41 | 004,244,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2014/02/12 11:56:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
    [2014/02/12 11:56:29 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2014/02/12 11:56:29 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
    [2014/02/12 11:56:27 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2014/02/12 11:56:27 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2014/02/12 11:56:27 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2014/02/12 11:56:27 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2014/02/12 11:56:27 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2014/02/12 11:56:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2014/02/12 11:56:26 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2014/02/12 11:56:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2014/02/12 11:56:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2014/01/29 23:00:20 | 000,000,000 | ---D | C] -- C:\Windows\Migration
    [2014/01/23 09:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

    [color=#E56717]========== Files - Modified Within 30 Days ==========/color

    [2014/02/17 14:30:44 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/02/17 14:30:44 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/02/17 14:22:43 | 000,073,731 | ---- | M] () -- C:\ads_err.adt
    [2014/02/17 14:22:43 | 000,004,096 | ---- | M] () -- C:\ads_err.adi
    [2014/02/17 14:21:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/02/17 14:21:49 | 1355,784,192 | -HS- | M] () -- C:\hiberfil.sys
    [2014/02/17 14:20:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
    [2014/02/17 14:16:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/02/17 14:13:16 | 000,000,206 | ---- | M] () -- C:\Users\Windows 7\Desktop\AIDE COMMENT CA MARCHE.url
    [2014/02/16 22:03:23 | 000,000,164 | ---- | M] () -- C:\Users\Windows 7\Desktop\russe 68.url
    [2014/02/16 21:58:41 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\la montagne et les alpages.url
    [2014/02/16 21:57:17 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\alphabet au point de croix.url
    [2014/02/16 21:37:55 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\si la mer m'était contée.url
    [2014/02/15 11:01:28 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    [2014/02/15 11:01:28 | 000,002,012 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2014/02/15 11:01:02 | 000,008,909 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2014/02/14 07:19:45 | 000,750,174 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2014/02/14 07:19:45 | 000,656,932 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2014/02/14 07:19:45 | 000,150,820 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2014/02/14 07:19:45 | 000,122,744 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2014/02/10 09:49:27 | 000,000,118 | ---- | M] () -- C:\Users\Windows 7\Desktop\fleur 55555 gallery ru.url
    [2014/02/07 22:16:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2014/02/07 22:16:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2014/02/06 11:20:26 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/02/06 11:19:55 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
    [2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
    [2014/02/06 10:52:56 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/02/06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
    [2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
    [2014/02/06 10:34:32 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2014/02/06 10:25:36 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2014/02/06 10:13:13 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2014/02/02 22:43:59 | 000,000,133 | ---- | M] () -- C:\Users\Windows 7\Desktop\nouveau site à voir.url
    [2014/01/23 23:59:36 | 000,293,192 | ---- | M] () -- C:\Users\Windows 7\Documents\bon-reduction-2014b-1.pdf
    [2014/01/23 11:51:22 | 000,000,116 | ---- | M] () -- C:\Users\Windows 7\Desktop\blog du fil.url
    [2014/01/23 09:48:05 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2014/01/20 00:00:19 | 000,000,150 | ---- | M] () -- C:\Users\Windows 7\Desktop\free a voir.url
    [2014/01/19 08:32:23 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

    [color=#E56717]========== Files Created - No Company Name ==========/color

    [2014/02/17 14:12:56 | 000,000,206 | ---- | C] () -- C:\Users\Windows 7\Desktop\AIDE COMMENT CA MARCHE.url
    [2014/02/16 22:03:12 | 000,000,164 | ---- | C] () -- C:\Users\Windows 7\Desktop\russe 68.url
    [2014/02/16 21:58:28 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\la montagne et les alpages.url
    [2014/02/16 21:56:52 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\alphabet au point de croix.url
    [2014/02/16 21:37:39 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\si la mer m'était contée.url
    [2014/02/10 09:49:10 | 000,000,118 | ---- | C] () -- C:\Users\Windows 7\Desktop\fleur 55555 gallery ru.url
    [2014/02/02 22:43:46 | 000,000,133 | ---- | C] () -- C:\Users\Windows 7\Desktop\nouveau site à voir.url
    [2014/01/23 23:59:36 | 000,293,192 | ---- | C] () -- C:\Users\Windows 7\Documents\bon-reduction-2014b-1.pdf
    [2014/01/23 11:51:11 | 000,000,116 | ---- | C] () -- C:\Users\Windows 7\Desktop\blog du fil.url
    [2014/01/23 09:48:05 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2014/01/20 00:00:05 | 000,000,150 | ---- | C] () -- C:\Users\Windows 7\Desktop\free a voir.url
    [2013/02/08 09:37:02 | 000,140,584 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2012/10/23 16:45:59 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
    [2012/10/15 20:31:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
    [2012/10/11 21:43:57 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/10/10 18:56:11 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
    [2012/10/10 18:44:09 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
    [2012/10/10 18:44:08 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
    [2012/10/10 18:41:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2012/10/10 18:40:57 | 000,033,999 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2012/03/19 22:26:06 | 000,963,912 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
    [2012/03/19 22:26:06 | 000,261,208 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
    [2012/03/19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
    [2012/03/19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
    [2012/03/19 21:11:22 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
    [2012/03/19 21:09:28 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

    [color=#E56717]========== ZeroAccess Check ==========/color

    [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >
    0
  3. chrissagros42 Messages postés 10 Statut Membre
     
    3 - 2nd rapport OTL :

    OTL Extras logfile created on: 17/02/2014 14:53:16 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows 7\Downloads
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16518)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,68 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 58,87% Memory free
    3,37 Gb Paging File | 2,38 Gb Available in Paging File | 70,74% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 78,03 Gb Total Space | 18,66 Gb Free Space | 23,92% Space Free | Partition Type: NTFS
    Drive D: | 154,76 Gb Total Space | 127,01 Gb Free Space | 82,07% Space Free | Partition Type: NTFS

    Computer Name: WINDOWS7-PC | User Name: Windows 7 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Extra Registry (SafeList) ==========[/color]

    [color=#E56717]========== File Associations ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    [color=#E56717]========== Shell Spawning ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L"
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [color=#E56717]========== Security Center Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [color=#E56717]========== Firewall Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [color=#E56717]========== Authorized Applications List ==========[/color]

    [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{16A3BAEB-22C9-499B-A47F-BB4CDD910BC9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{1DE20B35-47C7-4AD6-8F6B-A453DF0AFE30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{2AA734CB-0173-4A76-8A77-0D1B54ADEE51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{315D8BEE-0644-48EE-9BE0-CF5906FE1B2E}" = lport=138 | protocol=17 | dir=in | app=system |
    "{3F06555C-7C42-449B-9FBF-585486F0FF6B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{43BB001B-4464-47AD-B1DD-E783680B3E7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{505F872C-6538-4ECF-A142-4B8382637791}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{736D7F07-1ED5-4A64-A033-F30E4B2110EC}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{7A3E4546-4713-47A6-968B-22F65BAA9535}" = rport=137 | protocol=17 | dir=out | app=system |
    "{7C8F96CD-C0D7-4DC0-94A1-E114EDD9255A}" = lport=445 | protocol=6 | dir=in | app=system |
    "{7D7D576B-2A2C-4D84-9D9D-D27C4ED9E51B}" = rport=138 | protocol=17 | dir=out | app=system |
    "{8361B93B-85CE-4042-9FA6-A7234E51B52E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{846C3303-09A7-412D-8A47-950051DFC521}" = rport=445 | protocol=6 | dir=out | app=system |
    "{9976E4ED-774E-4C2C-8DCD-D62D0A3F7F3C}" = rport=139 | protocol=6 | dir=out | app=system |
    "{A82C871C-2301-4C48-AE54-06753F8CE34E}" = lport=137 | protocol=17 | dir=in | app=system |
    "{AA2CC957-22C2-4F63-865A-EEEAC99B946D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C042B1C3-E184-4AEF-BF97-173C2DB82AEA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{C7397457-8988-4DF7-BEFA-0E38C7F55A81}" = lport=8080 | protocol=6 | dir=in | app=c:\program files\common files\research in motion\nginx\nginx.exe |
    "{CD25CEA0-8056-44F4-8D15-3EB019853798}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
    "{CFFFFC99-5A02-45CA-9713-92F49DBC5A7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{D7DC704F-147C-4A74-AF07-16B625B3CC85}" = lport=139 | protocol=6 | dir=in | app=system |
    "{DAC55874-2CF7-43B4-AF12-C5A5CD9C071A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E29BA24D-723C-47B1-BADB-394FC804C947}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{EF7703D8-66B0-4131-A8C3-70D0F37A4038}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{F62BBDFE-554E-4AC1-9145-8C94CC7172B2}" = lport=2869 | protocol=6 | dir=in | app=system |

    [color=#E56717]========== Vista Active Application Exception List ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{060BE6FF-4167-4160-B29C-4FCEF73EE295}" = protocol=6 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\mdnsresponder.exe |
    "{07BBCD5D-6C95-4187-A506-371C2A42CE52}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{125A98C3-FC41-4EFB-B995-D0E425AC6E46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{157D0F30-181E-4FC3-86B7-3FAB63B81B93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1DEC8A86-85E3-4611-A95A-B36F7C18F42D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{1F173298-ADB7-48F9-B563-62FA733CE2D5}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
    "{1FC8580D-67D4-4BB6-8035-C5AC859C88FD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{3092DE4A-4722-4B19-B76E-B98D08A5046F}" = protocol=6 | dir=in | app=c:\program files\common files\research in motion\tunnel manager\peermanager.exe |
    "{34D1D762-B403-4337-9FE7-75DF8BA02DF7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{367A9E38-1177-4238-8EEB-9A3227A8B767}" = protocol=17 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\mdnsresponder.exe |
    "{4C944628-6788-4E7F-8A21-5795B99DED02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{50914B51-3B5E-4636-A6B0-ED0670B1EF33}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
    "{547819A0-335A-4654-A6A3-343FBD9795E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5728A951-87E2-48BE-AD77-87A95AD1039A}" = protocol=6 | dir=out | app=system |
    "{5ECB4F77-4FFD-4588-8930-1099B7395B17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{61ABE15F-C14F-4715-A28F-B54EA8D75109}" = protocol=17 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\tunmgr.exe |
    "{6C712DF7-9ACC-4B0F-8681-19FF24FABF87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{6EC89DF8-377B-4AB5-99F8-C3DBBF7A90BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{6FC62029-F038-4C52-B5AC-5BC9E20E86FD}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
    "{7B54DB49-9D5E-4AC1-8F08-52BD2125406B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{7B9C6DC5-EE23-4655-AFA8-CA98D60BB707}" = protocol=6 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\tunmgr.exe |
    "{88F8CB36-0DCD-4E31-A4DD-DDD432727CD0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{89771440-F3DA-4A7F-851D-96042CFF3F3E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{8AA2ECCD-5448-4774-AEEA-91E8DCE19B9A}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
    "{944FD12B-79C4-4C9D-86D3-D7BEC918B055}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{974445EE-B3F3-43DA-BAD0-A8ABF9913A54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9A5F2B42-C1F8-4AFB-8537-6092B231F6B3}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
    "{B781F6ED-69C3-481F-BB3C-34B48C839368}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
    "{C3E3E3FE-F473-418C-885F-732B8D57D95E}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{C81D16CE-05F1-4372-8254-9D847C99029C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{CEA9331E-6F80-4E39-95C4-B10040EAD1CA}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
    "{D241DF07-87BE-4547-854E-1BB6FD80F260}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{DDD85715-A1B5-4251-9E47-1A074780A1B5}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
    "{E52E524D-2960-4397-A91D-885078EF918B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{FC4545A7-A7B8-4CB2-89DE-584F1DCC09F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

    [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
    "{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
    "{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
    "{13F7304A-EF3D-4433-9B3A-85538E158768}" = HP Deskjet 3050A J611 series - Enquête sur l'amélioration du produit
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{43D6C32E-59C4-4E28-89E9-7CB44E8F3C24}" = BlackBerry Link
    "{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
    "{51A66ED3-200E-4147-8D1E-E8D30936FD26}" = Intel® Trusted Connect Service Client
    "{58CAD08F-CE8A-4397-81A6-8C4FFC871B2A}" = Logiciel de base du périphérique HP Deskjet 3050A J611 series
    "{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
    "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
    "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{879D8136-C3A7-4A13-A8F4-309467087372}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
    "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
    "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
    "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Aide
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
    "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Français
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "123 Free Solitaire for Children" = 123 Free Solitaire for Children
    "7AFADC17CE5D176C218EB94F26AE53271142A857" = Windows Driver Package - Bose Corporation (usbser) Ports (08/03/2012 1.2.0.0)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
    "BlackBerry_10_Desktop" = BlackBerry Link
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "HP Photo Creations" = HP Photo Creations
    "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
    "LAME_is1" = LAME v3.99.3 (for Windows)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Firefox 27.0.1 (x86 fr)" = Mozilla Firefox 27.0.1 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
    "PirritSuggestor_is1" = PirritSuggestor version 1.5
    "ST6UNST #1" = Freecell Collection 7.0
    "ST6UNST #2" = Freecell Collection 7.0 (C:\Program Files\Freecell Collection 7.0\)

    [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "PhotoFiltre 7" = PhotoFiltre 7

    [color=#E56717]========== Last 20 Event Log Errors ==========[/color]

    [ Application Events ]
    Error - 15/02/2014 07:24:16 | Computer Name = Windows7-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
    Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe ». Assembly dépendant
    Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 16/02/2014 08:05:15 | Computer Name = Windows7-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
    Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe ». Assembly dépendant
    Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 16/02/2014 14:42:00 | Computer Name = Windows7-PC | Source = Application Error | ID = 1000
    Description = Nom de l'application défaillante PirritDesktop.exe, version : 0.0.0.0,
    horodatage : 0x52fdfa1b Nom du module défaillant : QtCore4.dll, version : 4.8.4.0,
    horodatage : 0x50b31871 Code d'exception : 0xc0000005 Décalage d'erreur : 0x0000286f
    ID
    du processus défaillant : 0xb6c Heure de début de l'application défaillante : 0x01cf2af404357855
    Chemin
    d'accès de l'application défaillante : C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
    Chemin
    d'accès du module défaillant: C:\Users\Windows 7\AppData\Local\PirritSuggestor\QtCore4.dll
    ID
    de rapport : 048a0c7c-973a-11e3-bd44-02c028e48501

    Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 9859

    Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 9859

    Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 9969

    Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 9969

    Error - 16/02/2014 17:05:51 | Computer Name = Windows7-PC | Source = Application Error | ID = 1000
    Description = Nom de l'application défaillante firefox.exe, version : 27.0.1.5156,
    horodatage : 0x52fc0faa Nom du module défaillant : xul.dll, version : 27.0.1.5156,
    horodatage : 0x52fc0f79 Code d'exception : 0xc0000005 Décalage d'erreur : 0x001560c7
    ID
    du processus défaillant : 0x19d4 Heure de début de l'application défaillante : 0x01cf2b4704101954
    Chemin
    d'accès de l'application défaillante : C:\Program Files\Mozilla Firefox\firefox.exe
    Chemin
    d'accès du module défaillant: C:\Program Files\Mozilla Firefox\xul.dll ID de rapport
    : 1d1899cf-974e-11e3-bd44-02c028e48501

    [ OSession Events ]
    Error - 16/01/2014 07:06:04 | Computer Name = Windows7-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5786
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 15/02/2014 06:00:55 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7034
    Description = Le service PirritUpdater s'est terminé de façon inattendue pour la
    1ème fois.

    Error - 15/02/2014 06:00:56 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7030
    Description = Le service PirritUpdater est marqué comme étant interactif. Cependant,
    le système est configuré pour ne pas autoriser les services interactifs. Ce service
    peut ne pas fonctionner correctement.

    Error - 15/02/2014 06:01:02 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7030
    Description = Le service PirritDesktop est marqué comme étant interactif. Cependant,
    le système est configuré pour ne pas autoriser les services interactifs. Ce service
    peut ne pas fonctionner correctement.

    Error - 15/02/2014 09:26:37 | Computer Name = Windows7-PC | Source = Server | ID = 2505
    Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{F4C83F15-4C79-4604-82E8-754796D23956}
    car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

    Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
    Description = Le service PirritDesktop est en attente de démarrage.

    Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
    Description = Le service PirritUpdater est en attente de démarrage.

    Error - 17/02/2014 03:02:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
    Description = Le service PirritDesktop est en attente de démarrage.

    Error - 17/02/2014 03:02:40 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
    Description = Le service PirritUpdater est en attente de démarrage.

    Error - 17/02/2014 09:23:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
    Description = Le service PirritDesktop est en attente de démarrage.

    Error - 17/02/2014 09:23:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
    Description = Le service PirritUpdater est en attente de démarrage.

    < End of report >
    0
  4. chrissagros42 Messages postés 10 Statut Membre
     
    Merci de tout ce que tu peux faire pour moi, car il me semble que cela empire ! Je ne peux plus ouvrir un site sans être infestée de nouvelles fenêtres...
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    par pjjoint le rapport OTL.
    0
  7. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Désinstalle McAfee Security Scan, sert à rien.

    Relance OTL.
    o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
    Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:

    :OTL
    SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
    SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
    [2014/02/15 11:01:00 | 000,000,000 | ---D | C] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor
    :Commands
    [resethosts]
    [reboot]

    * poste le rapport ici

    Like the angel you are, you laugh creating a lightness in my chest,
    Your eyes they penetrate me,
    (Your answer's always 'maybe')
    That's when I got up and left
    0
    1. chrissagros42 Messages postés 10 Statut Membre
       
      J'ai relancé OTL en copiant le texte que tu m'as indiqué. On m'a demande de fermer mes appli et tout s'est fermé et rallumé : pas de rapport pour autant (même pas dans téléchargement ) et je ne peux plus ouvrir notre discussion sur comment ça marche (là je suis sur mon iPhone. Message quand j'ouvre Firefox : la connexion à été refusée par le serveur proxy...
      Que dois-je faire ?
      Merci pour la suite !
      0
    2. chrissagros42 Messages postés 10 Statut Membre
       
      ok ! Merci... je suis à nouveau sur le PC

      dois-je relancer OTL ?
      0
  8. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    non regarde si les pubs s'arretent :)
    0
  9. chrissagros42 Messages postés 10 Statut Membre
     
    A priori les publicités n'apparaissent plus, ni les mots double soulignés dans les textes que je visite ou que je reçois...

    Merci infiniment de ton aide !

    Une dernière question : que dois-je mettre comme protection ? anti virus, et autres ?
    0
  10. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    :)

    Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    Fais des scans réguliers avec, il est efficace.

    Pour ne plus te faire avoir.
    A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/

    0
    1. chrissagros42 Messages postés 10 Statut Membre
       
      Merci beaucoup pour ton aide et pour ces indications! C'est effarant ce qu'on peut être vite infesté.
      Votre forum est vraiment formidable.
      À bientôt !0
      0