PirritSuggestor: advertising pop-ups in Firefox

Solved/Closed
chrissa42 - 17 Feb 2014 at 08:17
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last seen 17 February 2014 - 17 Feb 2014 at 22:57
Hello,
For the past few days, large numbers of advertising windows have been opening when I go on the internet (with Firefox), and on top of that, on whatever sites I visit, some words are double-underlined and send me yet again to advertising inserts.
I ran Malwarebytes but it found nothing...
Could someone help me get rid of this junk?
Thanks in advance...

10 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 629
17 Feb 2014 at 08:19
Hi,

You have installed adware and unwanted programs on your PC.
Here is the procedure to follow to remove them:


An AdwCleaner cleanup (about 10-15 min):
======================================
Follow this tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner (by Xplode) on your desktop.
Go to the link and download AdwCleaner as indicated.
Run AdwCleaner and click [Scanner] (Scan).
The scan can take several minutes; be patient.
Once the scan has finished, click [Nettoyer] (Clean).

Once the cleanup has finished, a report will open. Copy and paste the contents of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report, and give the link to the report in a new message.

Note: the report is also saved as C:\AdwCleaner[S1].txt


then reset your browsers (5 min):
==================================
Reset your browsers:
* Firefox: https://www.malekal.com/reparer-firefox/?t=36057&start=
* Google Chrome: https://www.malekal.com/reparer-google-chrome/?t=35837&start=


Run an OTL scan - Time: about 40 min
=============================================
OTL diagnoses the programs that are running and detects infections. The program will generate two reports, OTL.txt and Extras.txt.
Provide both reports:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

If you use Avast!, do not run the program in the Sandbox (see the help link above).

* Run OTL
* At the top, to the right of Quick Scan, tick "all users"
* Click the Scan button.

**** If OTL stops responding during the scan, do not touch anything and let the scan continue ****

* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the OTL.txt report (and Extra.txt if present).
Give the pjjoint link or links pointing to these reports here in a reply.
I repeat: give the link to the pjjoint report here in a reply.

DO NOT COPY/PASTE THE REPORT HERE - GIVE THE PJJOINT LINK IN A NEW MESSAGE


0
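One way to do a first-pass triage of the OTL.txt report requested above, shown in Python as an added example (it is not part of the original thread and not OTL's own logic). The sample lines are constructed in the OTL line layout, and `triage`, `Finding` and the two heuristics (blank company name in a user-writable folder, system proxy on a loopback address) are assumptions chosen for illustration.

```python
import re
from typing import NamedTuple

# Sample lines constructed for this example in the OTL.txt layout (Example* names are hypothetical).
SAMPLE_REPORT = r"""
PRC - [2014/02/14 12:00:00 | 000,052,568 | ---- | M] () -- C:\Users\Alice\AppData\Local\ExampleSuggestor\ExampleService.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
SRV - [2014/02/14 12:00:00 | 000,052,568 | ---- | M] () [Auto | Running] -- C:\Users\Alice\AppData\Local\ExampleSuggestor\ExampleService.exe -- (ExampleDesktop)
SRV - [2014/02/14 11:00:00 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\ExampleVendor\AutoUpdater.exe -- (ExampleUpdater)
SRV - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (ExampleIntelSvc)
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://127.0.0.1:9880
"""

ENTRY_RE = re.compile(
    r"^(?P<kind>PRC|SRV|DRV|MOD) - "
    r"\[[^|\]]+ \| [\d,]+ \| [^|]+ \| \w\] "   # [modified | size | attributes | M]
    r"\((?P<company>.*?)\) "                    # company name, empty when the file has none
    r"(?:\[(?P<state>[^\]]*)\] )?"              # [start type | status], services and drivers only
    r"-- (?P<path>.+?)"
    r"(?: -- \((?P<name>.*)\))?$"               # service name, services and drivers only
)
PROXY_RE = re.compile(
    r'^IE - (?P<key>.+?): "(?P<value>ProxyEnable|ProxyServer)" = (?P<data>.*)$'
)
LOOPBACK_RE = re.compile(r"(?<![\d.])127(?:\.\d{1,3}){3}|localhost", re.I)
USER_WRITABLE = ("\\appdata\\", "\\programdata\\", "\\temp\\")


class Finding(NamedTuple):
    severity: str  # "high" or "review"
    kind: str      # PRC, SRV, DRV, MOD or PROXY
    subject: str   # file path or proxy setting
    reason: str


def _check_entry(entry):
    """Apply the blank-company heuristic to one parsed PRC/SRV/DRV/MOD line."""
    if entry["company"].strip():
        return None  # a company name is present; this heuristic only looks at blank ones
    kind, path = entry["kind"], entry["path"].strip()
    in_user_dir = any(part in path.lower() for part in USER_WRITABLE)
    if kind == "MOD" and not in_user_dir:
        return None  # unnamed DLLs under Program Files or Windows are common and noisy
    reason = "no company name"
    if in_user_dir:
        reason += ", runs from a user-writable folder"
    if (entry["state"] or "").startswith("Auto"):
        reason += ", starts automatically"
    return Finding("high" if in_user_dir else "review", kind, path, reason)


def triage(report):
    """Return Findings for blank-company binaries and an enabled loopback system proxy."""
    findings, proxy = [], {}
    for raw in report.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if entry:
            finding = _check_entry(entry)
            if finding:
                findings.append(finding)
            continue
        setting = PROXY_RE.match(line)
        if setting:
            proxy.setdefault(setting["key"], {})[setting["value"]] = setting["data"].strip()
    for values in proxy.values():
        server = values.get("ProxyServer", "")
        if values.get("ProxyEnable") == "1" and LOOPBACK_RE.search(server):
            findings.append(Finding("review", "PROXY", server,
                                    "system proxy points at a local listener"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print(f"{f.severity:6} {f.kind:5} {f.subject}  ({f.reason})")
```

The company field in an OTL line is metadata read from the file, not a signature check, so a finding is a prompt to inspect the file and a named publisher is not proof of legitimacy.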
Thanks a lot, I have just run the scan, I have the report, I'm opening another message...
See you soon...
Chrissa 42
0
Help! I can't get to pjjoint: message: 403 forbidden...
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last seen 15 December 2020 24 629
17 Feb 2014 at 16:33
Try again.
0
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last seen 17 February 2014
17 Feb 2014 at 17:03
1 - ADWCLEANER REPORT:
# AdwCleaner v3.018 - Rapport créé le 17/02/2014 à 14:20:30
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
# Nom d'utilisateur : Windows 7 - WINDOWS7-PC
# Exécuté depuis : C:\Users\Windows 7\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files\MyPC Backup
Dossier Supprimé : C:\Users\Windows 7\AppData\Roaming\pdfforge
Fichier Supprimé : C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\3p6apatm.default-1349992965901\user.js

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\speedupmypc
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Clé Supprimée : HKCU\Software\Alexa Internet
Clé Supprimée : HKCU\Software\distromatic
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (fr)

[ Fichier : C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\3p6apatm.default-1349992965901\prefs.js ]

Ligne Supprimée : user_pref("extensions.crossrider.bic", "143359c0a1953759dd6f5f64c255a596");

*************************

AdwCleaner[R0].txt - [12849 octets] - [27/09/2013 14:19:58]
AdwCleaner[R1].txt - [2451 octets] - [17/02/2014 14:19:30]
AdwCleaner[S0].txt - [11671 octets] - [27/09/2013 14:20:32]
AdwCleaner[S1].txt - [2348 octets] - [17/02/2014 14:20:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2408 octets] ##########
0
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last seen 17 February 2014
17 Feb 2014 at 17:04
2 - 1st OTL REPORT:

OTL logfile created on: 17/02/2014 14:53:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows 7\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,68 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 58,87% Memory free
3,37 Gb Paging File | 2,38 Gb Available in Paging File | 70,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 18,66 Gb Free Space | 23,92% Space Free | Partition Type: NTFS
Drive D: | 154,76 Gb Total Space | 127,01 Gb Free Space | 82,07% Space Free | Partition Type: NTFS

Computer Name: WINDOWS7-PC | User Name: Windows 7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/17 14:35:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows 7\Downloads\OTL.exe
PRC - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe
PRC - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
PRC - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () -- C:\Program Files\Pirrit\AutoUpdater.exe
PRC - [2014/01/16 01:40:24 | 000,277,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
PRC - [2013/12/18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/06/05 15:36:58 | 000,929,296 | ---- | M] (Research In Motion) -- C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
PRC - [2013/06/05 15:36:58 | 000,777,744 | ---- | M] (Research In Motion) -- C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
PRC - [2013/06/04 16:31:06 | 004,273,664 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
PRC - [2013/06/04 16:13:48 | 000,389,632 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
PRC - [2013/06/04 16:13:40 | 001,263,616 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
PRC - [2013/04/08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2013/04/08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013/03/06 17:25:18 | 000,442,896 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2013/03/06 14:24:14 | 000,585,728 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/03/06 13:41:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/03/06 13:41:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/03/06 13:40:14 | 000,163,608 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012/02/09 11:22:26 | 003,824,640 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011/11/11 14:50:16 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2011/06/08 17:15:06 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/14 12:12:28 | 000,190,808 | ---- | M] () -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
MOD - [2014/02/12 19:17:27 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
MOD - [2014/02/12 19:17:02 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
MOD - [2014/02/12 19:16:57 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014/02/12 19:16:38 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
MOD - [2014/02/12 19:16:05 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/12 19:16:02 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/02/12 19:16:01 | 000,025,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\c6ab75afe61e2065e65a2faa795abff9\PresentationFramework-SystemCore.ni.dll
MOD - [2014/02/12 18:14:38 | 000,660,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
MOD - [2014/02/12 18:14:37 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/02/12 18:14:34 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/02/12 18:14:27 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/12 18:14:22 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/02/12 18:14:20 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/12 18:14:19 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/12 18:14:19 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/02/12 18:14:18 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/02/12 18:14:15 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/02/12 18:14:14 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/02/12 18:14:10 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/12 18:14:10 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/02/12 18:14:06 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/12 18:14:05 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/12 18:14:00 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/12/06 02:57:28 | 000,080,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2011/12/06 02:57:26 | 000,113,264 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2011/06/26 11:16:32 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll


========== Services (SafeList) ==========

SRV - [2014/02/15 11:22:47 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
SRV - [2014/02/07 22:16:10 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/01/16 01:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/12/18 19:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/06/04 16:13:48 | 000,389,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe -- (RIM MDNS)
SRV - [2013/06/04 16:13:40 | 001,263,616 | ---- | M] (Research In Motion Limited) [Auto | Running] -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe -- (RIM Tunnel Service)
SRV - [2013/04/08 18:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013/04/08 18:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013/03/06 14:24:14 | 000,585,728 | ---- | M] (Research In Motion Limited) [On_Demand | Running] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (BlackBerry Device Manager)
SRV - [2012/10/10 21:36:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/03/19 22:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/06 13:41:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/03/06 13:41:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/03/06 13:40:14 | 000,163,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012/02/02 21:25:30 | 000,458,464 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011/11/11 14:50:16 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/06/04 16:12:32 | 000,014,336 | ---- | M] (Research in Motion Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimvndis6.sys -- (rimvndis)
DRV - [2013/02/12 04:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
DRV - [2011/11/11 14:50:00 | 001,823,344 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2011/11/09 23:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4C 2B F1 E5 0F A7 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{E9C0E57C-41EA-4214-8AAF-525946D23A08}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3128284
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://127.0.0.1:9880

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013/12/10 23:31:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/10/11 23:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows 7\AppData\Roaming\mozilla\Extensions
[2014/02/15 11:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2014/02/15 11:22:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/02/15 11:01:02 | 000,008,909 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 216.239.32.20 google.com
O1 - Hosts: 216.239.32.20 google.com www.google.ad
O1 - Hosts: 216.239.32.20 google.com www.google.ae
O1 - Hosts: 216.239.32.20 google.com www.google.com.af
O1 - Hosts: 216.239.32.20 google.com www.google.com.ag
O1 - Hosts: 216.239.32.20 google.com www.google.com.ai
O1 - Hosts: 216.239.32.20 google.com www.google.al
O1 - Hosts: 216.239.32.20 google.com www.google.am
O1 - Hosts: 216.239.32.20 google.com www.google.co.ao
O1 - Hosts: 216.239.32.20 google.com www.google.com.ar
O1 - Hosts: 216.239.32.20 google.com www.google.as
O1 - Hosts: 216.239.32.20 google.com www.google.at
O1 - Hosts: 216.239.32.20 google.com www.google.com.au
O1 - Hosts: 216.239.32.20 google.com www.google.az
O1 - Hosts: 216.239.32.20 google.com www.google.ba
O1 - Hosts: 216.239.32.20 google.com www.google.com.bd
O1 - Hosts: 216.239.32.20 google.com www.google.be
O1 - Hosts: 216.239.32.20 google.com www.google.bf
O1 - Hosts: 216.239.32.20 google.com www.google.bg
O1 - Hosts: 216.239.32.20 google.com www.google.com.bh
O1 - Hosts: 216.239.32.20 google.com www.google.bi
O1 - Hosts: 216.239.32.20 google.com www.google.bj
O1 - Hosts: 216.239.32.20 google.com www.google.com.bn
O1 - Hosts: 216.239.32.20 google.com www.google.com.bo
O1 - Hosts: 216.239.32.20 google.com www.google.com.br
O1 - Hosts: 168 more lines...
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [fst_fr_35] File not found
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RIM PeerManager] C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKCU..\Run: [BlackBerryLink.exe] C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.exe (Research In Motion)
O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4C83F15-4C79-4604-82E8-754796D23956}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{71ecf943-d6c1-11e2-9407-3085a9433504}\Shell - "" = AutoRun
O33 - MountPoints2\{71ecf943-d6c1-11e2-9407-3085a9433504}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/02/15 11:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/02/15 11:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/02/15 11:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/02/15 11:01:00 | 000,000,000 | ---D | C] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor
[2014/02/12 18:16:47 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/12 18:16:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/12 18:16:47 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/12 18:16:46 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/02/12 18:16:46 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/12 18:16:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/12 18:16:46 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/02/12 18:16:46 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/12 18:16:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/12 18:16:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/02/12 18:16:45 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/02/12 18:16:45 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/02/12 18:16:45 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/12 18:16:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/02/12 18:16:43 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/12 18:16:41 | 004,244,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/02/12 11:56:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/02/12 11:56:29 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/02/12 11:56:29 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/02/12 11:56:27 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/02/12 11:56:27 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/02/12 11:56:27 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/02/12 11:56:27 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/02/12 11:56:27 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/02/12 11:56:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/02/12 11:56:26 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/02/12 11:56:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/02/12 11:56:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/01/29 23:00:20 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/23 09:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/01/23 09:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/02/17 14:30:44 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/17 14:30:44 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/17 14:22:43 | 000,073,731 | ---- | M] () -- C:\ads_err.adt
[2014/02/17 14:22:43 | 000,004,096 | ---- | M] () -- C:\ads_err.adi
[2014/02/17 14:21:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/17 14:21:49 | 1355,784,192 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/17 14:20:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/02/17 14:16:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/17 14:13:16 | 000,000,206 | ---- | M] () -- C:\Users\Windows 7\Desktop\AIDE COMMENT CA MARCHE.url
[2014/02/16 22:03:23 | 000,000,164 | ---- | M] () -- C:\Users\Windows 7\Desktop\russe 68.url
[2014/02/16 21:58:41 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\la montagne et les alpages.url
[2014/02/16 21:57:17 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\alphabet au point de croix.url
[2014/02/16 21:37:55 | 000,000,152 | ---- | M] () -- C:\Users\Windows 7\Desktop\si la mer m'était contée.url
[2014/02/15 11:01:28 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/02/15 11:01:28 | 000,002,012 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/02/15 11:01:02 | 000,008,909 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/02/14 07:19:45 | 000,750,174 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/02/14 07:19:45 | 000,656,932 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/02/14 07:19:45 | 000,150,820 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/02/14 07:19:45 | 000,122,744 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/02/10 09:49:27 | 000,000,118 | ---- | M] () -- C:\Users\Windows 7\Desktop\fleur 55555 gallery ru.url
[2014/02/07 22:16:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/02/07 22:16:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/02/06 11:20:26 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/06 11:19:55 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014/02/06 10:52:56 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014/02/06 10:34:32 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/02/06 10:25:36 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/02/06 10:13:13 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/02/02 22:43:59 | 000,000,133 | ---- | M] () -- C:\Users\Windows 7\Desktop\nouveau site à voir.url
[2014/01/23 23:59:36 | 000,293,192 | ---- | M] () -- C:\Users\Windows 7\Documents\bon-reduction-2014b-1.pdf
[2014/01/23 11:51:22 | 000,000,116 | ---- | M] () -- C:\Users\Windows 7\Desktop\blog du fil.url
[2014/01/23 09:48:05 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/20 00:00:19 | 000,000,150 | ---- | M] () -- C:\Users\Windows 7\Desktop\free a voir.url
[2014/01/19 08:32:23 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/02/17 14:12:56 | 000,000,206 | ---- | C] () -- C:\Users\Windows 7\Desktop\AIDE COMMENT CA MARCHE.url
[2014/02/16 22:03:12 | 000,000,164 | ---- | C] () -- C:\Users\Windows 7\Desktop\russe 68.url
[2014/02/16 21:58:28 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\la montagne et les alpages.url
[2014/02/16 21:56:52 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\alphabet au point de croix.url
[2014/02/16 21:37:39 | 000,000,152 | ---- | C] () -- C:\Users\Windows 7\Desktop\si la mer m'était contée.url
[2014/02/10 09:49:10 | 000,000,118 | ---- | C] () -- C:\Users\Windows 7\Desktop\fleur 55555 gallery ru.url
[2014/02/02 22:43:46 | 000,000,133 | ---- | C] () -- C:\Users\Windows 7\Desktop\nouveau site à voir.url
[2014/01/23 23:59:36 | 000,293,192 | ---- | C] () -- C:\Users\Windows 7\Documents\bon-reduction-2014b-1.pdf
[2014/01/23 11:51:11 | 000,000,116 | ---- | C] () -- C:\Users\Windows 7\Desktop\blog du fil.url
[2014/01/23 09:48:05 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/20 00:00:05 | 000,000,150 | ---- | C] () -- C:\Users\Windows 7\Desktop\free a voir.url
[2013/02/08 09:37:02 | 000,140,584 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/10/23 16:45:59 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/10/15 20:31:15 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/10/11 21:43:57 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/10/10 18:56:11 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012/10/10 18:44:09 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012/10/10 18:44:08 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2012/10/10 18:41:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/10 18:40:57 | 000,033,999 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/03/19 22:26:06 | 000,963,912 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2012/03/19 22:26:06 | 000,261,208 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2012/03/19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012/03/19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll
[2012/03/19 21:11:22 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012/03/19 21:09:28 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb. 2014 at 17:06
3 - 2nd OTL report:

OTL Extras logfile created on: 17/02/2014 14:53:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows 7\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,68 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 58,87% Memory free
3,37 Gb Paging File | 2,38 Gb Available in Paging File | 70,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 18,66 Gb Free Space | 23,92% Space Free | Partition Type: NTFS
Drive D: | 154,76 Gb Total Space | 127,01 Gb Free Space | 82,07% Space Free | Partition Type: NTFS

Computer Name: WINDOWS7-PC | User Name: Windows 7 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16A3BAEB-22C9-499B-A47F-BB4CDD910BC9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DE20B35-47C7-4AD6-8F6B-A453DF0AFE30}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2AA734CB-0173-4A76-8A77-0D1B54ADEE51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{315D8BEE-0644-48EE-9BE0-CF5906FE1B2E}" = lport=138 | protocol=17 | dir=in | app=system |
"{3F06555C-7C42-449B-9FBF-585486F0FF6B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43BB001B-4464-47AD-B1DD-E783680B3E7E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{505F872C-6538-4ECF-A142-4B8382637791}" = lport=10243 | protocol=6 | dir=in | app=system |
"{736D7F07-1ED5-4A64-A033-F30E4B2110EC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7A3E4546-4713-47A6-968B-22F65BAA9535}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C8F96CD-C0D7-4DC0-94A1-E114EDD9255A}" = lport=445 | protocol=6 | dir=in | app=system |
"{7D7D576B-2A2C-4D84-9D9D-D27C4ED9E51B}" = rport=138 | protocol=17 | dir=out | app=system |
"{8361B93B-85CE-4042-9FA6-A7234E51B52E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{846C3303-09A7-412D-8A47-950051DFC521}" = rport=445 | protocol=6 | dir=out | app=system |
"{9976E4ED-774E-4C2C-8DCD-D62D0A3F7F3C}" = rport=139 | protocol=6 | dir=out | app=system |
"{A82C871C-2301-4C48-AE54-06753F8CE34E}" = lport=137 | protocol=17 | dir=in | app=system |
"{AA2CC957-22C2-4F63-865A-EEEAC99B946D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C042B1C3-E184-4AEF-BF97-173C2DB82AEA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C7397457-8988-4DF7-BEFA-0E38C7F55A81}" = lport=8080 | protocol=6 | dir=in | app=c:\program files\common files\research in motion\nginx\nginx.exe |
"{CD25CEA0-8056-44F4-8D15-3EB019853798}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CFFFFC99-5A02-45CA-9713-92F49DBC5A7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7DC704F-147C-4A74-AF07-16B625B3CC85}" = lport=139 | protocol=6 | dir=in | app=system |
"{DAC55874-2CF7-43B4-AF12-C5A5CD9C071A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E29BA24D-723C-47B1-BADB-394FC804C947}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EF7703D8-66B0-4131-A8C3-70D0F37A4038}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F62BBDFE-554E-4AC1-9145-8C94CC7172B2}" = lport=2869 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{060BE6FF-4167-4160-B29C-4FCEF73EE295}" = protocol=6 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\mdnsresponder.exe |
"{07BBCD5D-6C95-4187-A506-371C2A42CE52}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{125A98C3-FC41-4EFB-B995-D0E425AC6E46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{157D0F30-181E-4FC3-86B7-3FAB63B81B93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DEC8A86-85E3-4611-A95A-B36F7C18F42D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1F173298-ADB7-48F9-B563-62FA733CE2D5}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{1FC8580D-67D4-4BB6-8035-C5AC859C88FD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3092DE4A-4722-4B19-B76E-B98D08A5046F}" = protocol=6 | dir=in | app=c:\program files\common files\research in motion\tunnel manager\peermanager.exe |
"{34D1D762-B403-4337-9FE7-75DF8BA02DF7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{367A9E38-1177-4238-8EEB-9A3227A8B767}" = protocol=17 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\mdnsresponder.exe |
"{4C944628-6788-4E7F-8A21-5795B99DED02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50914B51-3B5E-4636-A6B0-ED0670B1EF33}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{547819A0-335A-4654-A6A3-343FBD9795E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5728A951-87E2-48BE-AD77-87A95AD1039A}" = protocol=6 | dir=out | app=system |
"{5ECB4F77-4FFD-4588-8930-1099B7395B17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{61ABE15F-C14F-4715-A28F-B54EA8D75109}" = protocol=17 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\tunmgr.exe |
"{6C712DF7-9ACC-4B0F-8681-19FF24FABF87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6EC89DF8-377B-4AB5-99F8-C3DBBF7A90BC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6FC62029-F038-4C52-B5AC-5BC9E20E86FD}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{7B54DB49-9D5E-4AC1-8F08-52BD2125406B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7B9C6DC5-EE23-4655-AFA8-CA98D60BB707}" = protocol=6 | dir=in | svc=* | app=c:\program files\common files\research in motion\tunnel manager\tunmgr.exe |
"{88F8CB36-0DCD-4E31-A4DD-DDD432727CD0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89771440-F3DA-4A7F-851D-96042CFF3F3E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8AA2ECCD-5448-4774-AEEA-91E8DCE19B9A}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{944FD12B-79C4-4C9D-86D3-D7BEC918B055}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{974445EE-B3F3-43DA-BAD0-A8ABF9913A54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9A5F2B42-C1F8-4AFB-8537-6092B231F6B3}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{B781F6ED-69C3-481F-BB3C-34B48C839368}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{C3E3E3FE-F473-418C-885F-732B8D57D95E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C81D16CE-05F1-4372-8254-9D847C99029C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CEA9331E-6F80-4E39-95C4-B10040EAD1CA}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{D241DF07-87BE-4547-854E-1BB6FD80F260}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DDD85715-A1B5-4251-9E47-1A074780A1B5}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{E52E524D-2960-4397-A91D-885078EF918B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FC4545A7-A7B8-4CB2-89DE-584F1DCC09F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}" = Apple Mobile Device Support
"{13F7304A-EF3D-4433-9B3A-85538E158768}" = HP Deskjet 3050A J611 series - Enquête sur l'amélioration du produit
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{43D6C32E-59C4-4E28-89E9-7CB44E8F3C24}" = BlackBerry Link
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{51A66ED3-200E-4147-8D1E-E8D30936FD26}" = Intel® Trusted Connect Service Client
"{58CAD08F-CE8A-4397-81A6-8C4FFC871B2A}" = Logiciel de base du périphérique HP Deskjet 3050A J611 series
"{616445AF-BBCF-41C1-A4D6-8CFF171C182D}" = iTunes
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{879D8136-C3A7-4A13-A8F4-309467087372}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Aide
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Français
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"123 Free Solitaire for Children" = 123 Free Solitaire for Children
"7AFADC17CE5D176C218EB94F26AE53271142A857" = Windows Driver Package - Bose Corporation (usbser) Ports (08/03/2012 1.2.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"BlackBerry_10_Desktop" = BlackBerry Link
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HP Photo Creations" = HP Photo Creations
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 27.0.1 (x86 fr)" = Mozilla Firefox 27.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"PirritSuggestor_is1" = PirritSuggestor version 1.5
"ST6UNST #1" = Freecell Collection 7.0
"ST6UNST #2" = Freecell Collection 7.0 (C:\Program Files\Freecell Collection 7.0\)

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre 7" = PhotoFiltre 7

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 15/02/2014 07:24:16 | Computer Name = Windows7-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe ». Assembly dépendant
Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 16/02/2014 08:05:15 | Computer Name = Windows7-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe ». Assembly dépendant
Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 16/02/2014 14:42:00 | Computer Name = Windows7-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante PirritDesktop.exe, version : 0.0.0.0,
horodatage : 0x52fdfa1b Nom du module défaillant : QtCore4.dll, version : 4.8.4.0,
horodatage : 0x50b31871 Code d'exception : 0xc0000005 Décalage d'erreur : 0x0000286f
ID
du processus défaillant : 0xb6c Heure de début de l'application défaillante : 0x01cf2af404357855
Chemin
d'accès de l'application défaillante : C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritDesktop.exe
Chemin
d'accès du module défaillant: C:\Users\Windows 7\AppData\Local\PirritSuggestor\QtCore4.dll
ID
de rapport : 048a0c7c-973a-11e3-bd44-02c028e48501

Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9859

Error - 16/02/2014 16:01:37 | Computer Name = Windows7-PC | Source = RIM MDNS | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9859

Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9969

Error - 16/02/2014 16:01:39 | Computer Name = Windows7-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9969

Error - 16/02/2014 17:05:51 | Computer Name = Windows7-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante firefox.exe, version : 27.0.1.5156,
horodatage : 0x52fc0faa Nom du module défaillant : xul.dll, version : 27.0.1.5156,
horodatage : 0x52fc0f79 Code d'exception : 0xc0000005 Décalage d'erreur : 0x001560c7
ID
du processus défaillant : 0x19d4 Heure de début de l'application défaillante : 0x01cf2b4704101954
Chemin
d'accès de l'application défaillante : C:\Program Files\Mozilla Firefox\firefox.exe
Chemin
d'accès du module défaillant: C:\Program Files\Mozilla Firefox\xul.dll ID de rapport
: 1d1899cf-974e-11e3-bd44-02c028e48501

[ OSession Events ]
Error - 16/01/2014 07:06:04 | Computer Name = Windows7-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5786
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 15/02/2014 06:00:55 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7034
Description = Le service PirritUpdater s'est terminé de façon inattendue pour la
1ème fois.

Error - 15/02/2014 06:00:56 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7030
Description = Le service PirritUpdater est marqué comme étant interactif. Cependant,
le système est configuré pour ne pas autoriser les services interactifs. Ce service
peut ne pas fonctionner correctement.

Error - 15/02/2014 06:01:02 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7030
Description = Le service PirritDesktop est marqué comme étant interactif. Cependant,
le système est configuré pour ne pas autoriser les services interactifs. Ce service
peut ne pas fonctionner correctement.

Error - 15/02/2014 09:26:37 | Computer Name = Windows7-PC | Source = Server | ID = 2505
Description = Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{F4C83F15-4C79-4604-82E8-754796D23956}
car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.

Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritUpdater est en attente de démarrage.

Error - 17/02/2014 03:02:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.

Error - 17/02/2014 03:02:40 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritUpdater est en attente de démarrage.

Error - 17/02/2014 09:23:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.

Error - 17/02/2014 09:23:39 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritUpdater est en attente de démarrage.


< End of report >
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb 2014 at 17:07
Thank you for everything you can do for me, because it seems to be getting worse! I can no longer open a site without being swamped with new windows...
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
17 Feb 2014 at 17:29
the OTL report via pjjoint.
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb 2014 at 19:45
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
Edited by Malekal_morte- on 17/02/2014 at 21:00
Uninstall McAfee Security Scan, it's useless.

Run OTL again.
* Under Personnalisation (Custom Scan), copy and paste the contents of the box below (make sure to include :OTL at the start).
Click Correction (Fix); a report will appear, copy/paste its contents here:


:OTL
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
[2014/02/15 11:01:00 | 000,000,000 | ---D | C] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor
:Commands
[resethosts]
[reboot]


* post the report here

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
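An added example, not part of the original posts and not OTL's own code: a triage pass over an OTL report that surfaces the service entries targeted by the fix above. The SRV line layout, the French "Le service ..." event wording and the three heuristics are assumptions drawn from the report on this page; the ExampleSvc line is constructed.

```python
import re

# Constructed sample: the two Pirrit SRV lines and two System Events are copied
# from the report on this page; the "ExampleSvc" line is invented for contrast.
REPORT = r"""
SRV - [2014/02/14 12:12:30 | 000,052,568 | ---- | M] () [Auto | Start_Pending] -- C:\Users\Windows 7\AppData\Local\PirritSuggestor\PirritService.exe -- (PirritDesktop)
SRV - [2014/02/14 11:29:08 | 000,059,904 | ---- | M] () [Auto | Running] -- C:\Program Files\Pirrit\AutoUpdater.exe -- (PirritUpdater)
SRV - [2013/11/01 10:00:00 | 000,300,000 | ---- | M] (Example Vendor Inc.) [Auto | Running] -- C:\Program Files\Example\svc.exe -- (ExampleSvc)
Error - 15/02/2014 06:00:55 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7034
Description = Le service PirritUpdater s'est terminé de façon inattendue pour la
Error - 16/02/2014 04:49:33 | Computer Name = Windows7-PC | Source = Service Control Manager | ID = 7022
Description = Le service PirritDesktop est en attente de démarrage.
"""

# Assumed layout: SRV - [date | size | attrs | M] (company) [start | state] -- path -- (service)
SRV_RE = re.compile(
    r"^SRV - \[[^\]]*\] \((?P<vendor>.*?)\) \[(?P<start>\w+) \| (?P<state>\w+)\]"
    r" -- (?P<path>.+?) -- \((?P<name>[^)]+)\)$", re.MULTILINE)
# French-locale Service Control Manager entries as they appear in this report.
SCM_RE = re.compile(
    r"Source = Service Control Manager \| ID = (\d+)\s*\nDescription = Le service (\S+)")

def parse_services(report):
    """Return one dict per SRV line (vendor, start, state, path, name)."""
    return [m.groupdict() for m in SRV_RE.finditer(report)]

def scm_error_services(report):
    """Map each service named in an SCM error to the set of event IDs seen."""
    hits = {}
    for event_id, name in SCM_RE.findall(report):
        hits.setdefault(name, set()).add(int(event_id))
    return hits

def triage(report):
    """Flag services worth a manual look; heuristics are assumptions, not OTL rules."""
    errors, findings = scm_error_services(report), {}
    for svc in parse_services(report):
        reasons = []
        if not svc["vendor"].strip():
            reasons.append("no company name in file metadata")
        if "\\appdata\\" in svc["path"].lower():
            reasons.append("binary under a user-writable AppData folder")
        if svc["name"] in errors:
            reasons.append("SCM errors " + ",".join(map(str, sorted(errors[svc["name"]]))))
        if reasons:
            findings[svc["name"]] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in triage(REPORT).items():
        print(name, "->", "; ".join(reasons))
```

A flagged entry is a candidate for review, not proof of adware: legitimate services can also lack a company name or log start-up errors.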
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb 2014 at 22:02
I ran OTL again, pasting in the text you gave me. I was asked to close my applications, then everything shut down and restarted: no report though (not even in Downloads), and I can no longer open our discussion on Comment Ça Marche (I'm on my iPhone right now). Message when I open Firefox: the connection was refused by the proxy server...
What should I do?
Thanks for what comes next!
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
17 Feb 2014 at 22:09
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb 2014 at 22:17
OK! Thanks... I'm back on the PC

Should I run OTL again?
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
17 Feb 2014 at 22:18
no, check whether the ads stop :)
chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb 2014 at 22:26
Apparently the ads no longer appear, nor the double-underlined words in the texts I visit or receive...

Thank you so much for your help!

One last question: what should I install for protection? Antivirus, and others?
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 629
17 Feb 2014 at 22:29
:)


Install Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Run regular scans with it, it is effective.



So you don't get caught out again.
Recommended reading - Parasitic programs / PUPs: https://www.malekal.com/adwares-pup-protection/

chrissagros42 Posts 9 Registration date Monday 17 February 2014 Status Member Last activity 17 February 2014
17 Feb 2014 at 22:57
Thank you very much for your help and for these pointers! It's alarming how quickly you can get infested.
Your forum is really wonderful.
See you soon!