System Speedup, Right backup, Advance system Protector...

Fermé
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015 - 15 juil. 2014 à 21:31
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015 - 17 juil. 2014 à 14:34
Bonjour à toutes et à tous. Bon alors depuis hier j'ai une multitude de logiciels qui se sont installés directement sur mon bureau. L'analyse Avira à trouver des trucs, mis en quarantaine, et j'ai essayé de désinstaller tout ce foutoir, rien y fait, je suis envahi...
Y a t-il un moyen d'euthanasier ces choses??

Merci



A voir également:

8 réponses

Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
15 juil. 2014 à 21:36
Salut,

Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :

Télécharge https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= AdwCleaner ( d'Xplode ) sur ton bureau.
Sur la page d'AdwCleaner, à droite, clic sur la disquette grise avec la flèche verte pour lancer le téléchargement.
Lance AdwCleaner, clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

0
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015
15 juil. 2014 à 22:11
Houlala c'est gigantesque...
# AdwCleaner v3.215 - Rapport créé le 15/07/2014 à 21:44:10
# Mis à jour le 09/07/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : asard - ASARD-PC
# Exécuté depuis : C:\Users\asard\Downloads\adwcleaner_3.215.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : globalUpdate
[#] Service Supprimé : globalUpdatem
[#] Service Supprimé : Update ToggleMark
Service Supprimé : vosr
Service Supprimé : webinstr

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\DSearchLink
Dossier Supprimé : C:\ProgramData\Systweak
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGENCE-EXCLUSIVE
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
Dossier Supprimé : C:\Program Files (x86)\Advanced System Protector
Dossier Supprimé : C:\Program Files (x86)\Bench
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\Deeal
Dossier Supprimé : C:\Program Files (x86)\ExpressFiles
[!] Dossier Supprimé : C:\Program Files (x86)\globalUpdate
Dossier Supprimé : C:\Program Files (x86)\predm
Dossier Supprimé : C:\Program Files (x86)\Pricora 12.0
Dossier Supprimé : C:\Program Files (x86)\System Speedup
Dossier Supprimé : C:\Program Files (x86)\ToggleMark
Dossier Supprimé : C:\Program Files (x86)\stv_fr_18
Dossier Supprimé : C:\Users\asard\AppData\Local\BenchUpdater
Dossier Supprimé : C:\Users\asard\AppData\Local\Conduit
Dossier Supprimé : C:\Users\asard\AppData\Local\globalUpdate
Dossier Supprimé : C:\Users\asard\AppData\Local\stv_fr_18
Dossier Supprimé : C:\Users\asard\AppData\Local\Temp\AskSearch
Dossier Supprimé : C:\Users\asard\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\asard\AppData\LocalLow\01NET.com
Dossier Supprimé : C:\Users\asard\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\asard\AppData\Roaming\digitalsite
Dossier Supprimé : C:\Users\asard\AppData\Roaming\ExpressFiles
Dossier Supprimé : C:\Users\asard\AppData\Roaming\System Speedup
Dossier Supprimé : C:\Users\asard\AppData\Roaming\Systweak
Dossier Supprimé : C:\Users\asard\AppData\Roaming\VOPackage
Dossier Supprimé : C:\Users\asard\AppData\Roaming\wp_update
Dossier Supprimé : C:\Users\asard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Dossier Supprimé : C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe
Fichier Supprimé : C:\END
Fichier Supprimé : C:\Users\Public\Desktop\Advanced System Protector.lnk
Fichier Supprimé : C:\Windows\System32\roboot64.exe
Fichier Supprimé : C:\Windows\System32\sasnative64.exe
Fichier Supprimé : C:\Users\asard\Desktop\Continue VuuPC Installation.lnk
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\user.js
Fichier Supprimé : C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Fichier Supprimé : C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Fichier Supprimé : C:\Windows\System32\Tasks\Advanced System Protector_startup
Fichier Supprimé : C:\Windows\Tasks\bench-sys.job
Fichier Supprimé : C:\Windows\System32\Tasks\bench-sys
Fichier Supprimé : C:\Windows\Tasks\BlockAndSurf Update.job
Fichier Supprimé : C:\Windows\System32\Tasks\BlockAndSurf Update
Fichier Supprimé : C:\Windows\Tasks\BlockAndSurf_wd.job
Fichier Supprimé : C:\Windows\System32\Tasks\BlockAndSurf_wd
Fichier Supprimé : C:\Windows\Tasks\DigitalSite.job
Fichier Supprimé : C:\Windows\System32\Tasks\DigitalSite
Fichier Supprimé : C:\Windows\System32\Tasks\Express FilesUpdate
Fichier Supprimé : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Fichier Supprimé : C:\Windows\Tasks\System Speedup_DEFAULT.job
Fichier Supprimé : C:\Windows\System32\Tasks\System Speedup_DEFAULT
Fichier Supprimé : C:\Windows\Tasks\System Speedup_UPDATES.job
Fichier Supprimé : C:\Windows\System32\Tasks\System Speedup_UPDATES
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-1.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-1
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-10.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-10
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-11.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-11
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-2.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-2
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-3.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-3
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-4.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-4
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-5.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-5
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-5_user.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-5_user
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-6.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-6
Fichier Supprimé : C:\Windows\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-7.job
Fichier Supprimé : C:\Windows\System32\Tasks\ff420bbf-48e2-4d29-a0db-bc00ced5da17-7

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Deeal.ScriptHostObject
Clé Supprimée : HKLM\SOFTWARE\Classes\Deeal.ScriptHostObject.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Communicator Watcher]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Settings Cleaner]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BService]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Wd]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [stv_fr_18]
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0052916.BHO
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0052916.BHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0052916.Sandbox
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0052916.Sandbox.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3128284
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{70C53538-9F82-42BC-A327-74F7A46E700C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{861A4A3E-EC88-4BD1-B09E-C9DA95130969}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8E5025C2-8EA3-430D-80B8-A14151068A6D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A74D0C30-5CE2-4E3E-9C35-99ABEC75BE51}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F91870ED-0B2A-4044-903F-19675DCF609D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C29E789C-DCB6-4B82-88C0-D5046D2C8FF6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{151867D5-7359-40AF-8764-66E58D06283C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{15471168-82D3-49F9-A16B-2F455C1AD4BF}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{85CD8584-3403-4489-B826-CA6FCE6E1694}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{97D91814-80A6-444F-AD27-551657E99C94}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A719A841-028A-427B-807E-667359D91C96}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544294416}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C53538-9F82-42BC-A327-74F7A46E700C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5025C2-8EA3-430D-80B8-A14151068A6D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C29E789C-DCB6-4B82-88C0-D5046D2C8FF6}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5025C2-8EA3-430D-80B8-A14151068A6D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5025C2-8EA3-430D-80B8-A14151068A6D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{151867D5-7359-40AF-8764-66E58D06283C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDDDDFD7-0C94-4C65-BF76-780F335842A3}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{278F4F95-C4D4-4AF4-81DE-4822B0D68000}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8E5025C2-8EA3-430D-80B8-A14151068A6D}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{8E5025C2-8EA3-430D-80B8-A14151068A6D}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{8E5025C2-8EA3-430D-80B8-A14151068A6D}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{8E5025C2-8EA3-430D-80B8-A14151068A6D}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Clé Supprimée : HKCU\Software\BABSOLUTION
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Delta
Clé Supprimée : HKCU\Software\dsiteproducts
Clé Supprimée : HKCU\Software\ExpressFiles
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\installedbrowserextensions
Clé Supprimée : HKCU\Software\System Speedup
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKCU\Software\ToggleMark
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\blockAndSurf
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\AppDataLow\Software\01NET.com
Clé Supprimée : HKLM\Software\Agence-Exclusive
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\Bench
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\Deeal
Clé Supprimée : HKLM\Software\Delta
Clé Supprimée : HKLM\Software\ExpressFiles
Clé Supprimée : HKLM\Software\FreeSoftToday
Clé Supprimée : HKLM\Software\installedbrowserextensions
Clé Supprimée : HKLM\Software\System Speedup
Clé Supprimée : HKLM\Software\systweak
Clé Supprimée : HKLM\Software\ToggleMark
Clé Supprimée : HKLM\Software\Tutorials
Clé Supprimée : HKLM\Software\01NET.com
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deeal
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Speedup_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\stv_fr_18_is1
Clé Supprimée : [x64] HKLM\SOFTWARE\installedbrowserextensions
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToggleMark

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17207

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ Fichier : C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=112863&tt=3412_2&babsrc=SP_ss&mntrId=008edbb0000000000000e0b9a5d99100
Supprimée [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3128284
Supprimée [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=9039EEA0-5BBF-44F1-A641-DBA18C11DBA3&apn_ptnrs=U3&apn_sauid=008BD9AA-48F1-48C7-96F5-BF84D4640471&apn_dtid=OSJ000YYFR&q={searchTerms}
Supprimée [Search Provider] : hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=008EE0B9A5D99101&affID=119357&tsp=5020
Supprimée [Startup_urls] : hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=008EE0B9A5D99101&affID=119357&tsp=5020
Supprimée [Homepage] : hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=008EE0B9A5D99101&affID=119357&tsp=5020
Supprimée [Extension] : aaipilfmheplbcghignccoiiebekkdhe
Supprimée [Extension] : ehdmaehkiiampolokajdcelladmnopgp
Supprimée [Extension] : eooncjejnppfjjklapaamhcdmjbilmde

*************************

AdwCleaner[R0].txt - [21879 octets] - [15/07/2014 21:42:11]
AdwCleaner[S0].txt - [19948 octets] - [15/07/2014 21:44:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20009 octets] ##########
0
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015
15 juil. 2014 à 22:39
je suis pas sûr que ce soit ça mais bon...
0
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015
15 juil. 2014 à 22:54
Je vous envoie également le lien si jamais ça peut vous aider...

https://pjjoint.malekal.com/files.php?id=20140715_i8b6d7p11p7
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
15 juil. 2014 à 23:55
si c'est good :)



Faire un Scan OTL - Temps : Environ 40min
=====================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)


* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :



netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup www.google.fr /c
ipconfig /all /c
ping www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs



* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE


0
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015
16 juil. 2014 à 20:35
Désolé, la journée de boulot et tout ça quoi... Alors j'ai fais l'analyse, je vous balance le lien.

https://pjjoint.malekal.com/files.php?id=OTL_20140716_w11j11d13d5g7
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
Modifié par Malekal_morte- le 17/07/2014 à 08:27
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:



:OTL
SRV - [2014/07/11 17:36:30 | 000,048,240 | ---- | M] (Systweak) [Auto | Running] -- C:\Program Files (x86)\Right Backup\RBClientService.exe -- (RBClientService)
[2012/08/21 14:00:06 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}
CHR - Extension: Whilokii = C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\1.0.0_0\
O2:[b]64bit:[/b] - BHO: (Browse Safe BHO) - {8E56A02B-46FE-4490-B169-F16E5231533B} - C:\Program Files (x86)\Browse Safe\FrameworkBHO64.dll ()
O2 - BHO: (Browse Safe BHO) - {8E56A02B-46FE-4490-B169-F16E5231533B} - C:\Program Files (x86)\Browse Safe\FrameworkBHO.dll ()
O2 - BHO: (ToggleMark) - {dc59a866-959c-4638-a191-c13177d0bd68} - C:\Program Files (x86)\ToggleMark\ToggleMarkbho.dll File not found
O4 - HKU\S-1-5-21-650101214-3002858759-2482372620-1001..\Run: [BlockAndSurf] C:\Program Files (x86)\di8BlockAndSurf\BlockAndSurf.exe ()
[2014/07/15 21:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Right Backup
[2014/07/15 21:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\V-9.1HD
[2014/07/15 21:18:22 | 000,000,000 | ---D | C] -- C:\Users\asard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browse Safe
[2014/07/15 21:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browse Safe
[2014/07/15 21:17:57 | 000,000,000 | ---D | C] -- C:\Users\asard\AppData\Local\Browse Safe
[2014/07/15 20:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\di8BlockAndSurf
[2014/07/14 18:11:21 | 000,000,000 | ---D | C] -- C:\rbtemp
[2014/07/14 18:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
[2014/07/14 18:08:29 | 000,000,000 | ---D | C] -- C:\Users\asard\AppData\Roaming\betadeeal
[2014/07/14 18:09:59 | 000,001,052 | ---- | C] () -- C:\Users\Public\Desktop\Right Backup.lnk
[2014/07/14 18:08:23 | 000,667,648 | ---- | C] () -- C:\Users\asard\AppData\Roaming\~yyioqtu.exe
[2014/07/14 18:07:46 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\System Speedup.lnk
[2014/06/12 18:09:32 | 000,431,104 | ---- | C] () -- C:\ProgramData\uninstall_Deeal.exe
[2014/03/20 11:00:12 | 000,492,208 | ---- | C] () -- C:\Users\asard\AppData\Roaming\~xxoxofz.exe
:files
C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\



* poste le rapport ici



Redémarre l'ordinateur


puis :


Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.

A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.



Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
tenraconte Messages postés 40 Date d'inscription vendredi 12 octobre 2007 Statut Membre Dernière intervention 20 avril 2015
17 juil. 2014 à 14:34
Le rapport OTL
========== OTL ==========
Service RBClientService stopped successfully!
Service RBClientService deleted successfully!
C:\Program Files (x86)\Right Backup\RBClientService.exe moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\Plugins folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\modules folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\META-INF folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\lib folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\defaults\preferences folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\defaults folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\skin folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\sl folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\lib folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\core folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\TESTER_BCAPI folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa\404 folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\wa folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\menu folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gf folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui\dlg folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ui folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\searchProtector\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\searchProtector folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\js\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\options folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\myStuffDialogs folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\features\js\resources folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\features\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\features folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\api folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac\res folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac\img folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac\css folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\ac folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al\aboutBox folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb\al folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content\tb folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284\content folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome\CT3128284 folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}\chrome folder moved successfully.
C:\Users\asard\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d} folder moved successfully.
C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\1.0.0_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E56A02B-46FE-4490-B169-F16E5231533B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E56A02B-46FE-4490-B169-F16E5231533B}\ deleted successfully.
C:\Program Files (x86)\Browse Safe\FrameworkBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc59a866-959c-4638-a191-c13177d0bd68}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dc59a866-959c-4638-a191-c13177d0bd68}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-650101214-3002858759-2482372620-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BlockAndSurf deleted successfully.
C:\Program Files (x86)\di8BlockAndSurf\BlockAndSurf.exe moved successfully.
Folder move failed. C:\Program Files (x86)\Right Backup scheduled to be moved on reboot.
C:\Program Files (x86)\V-9.1HD folder moved successfully.
C:\Users\asard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browse Safe folder moved successfully.
C:\Program Files (x86)\Browse Safe\icons folder moved successfully.
C:\Program Files (x86)\Browse Safe\framework-ui\theme\bubble folder moved successfully.
C:\Program Files (x86)\Browse Safe\framework-ui\theme folder moved successfully.
C:\Program Files (x86)\Browse Safe\framework-ui folder moved successfully.
C:\Program Files (x86)\Browse Safe\framework folder moved successfully.
C:\Program Files (x86)\Browse Safe\CanvasFramework folder moved successfully.
C:\Program Files (x86)\Browse Safe\AppFramework folder moved successfully.
C:\Program Files (x86)\Browse Safe folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe\firefox\icons folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe\firefox\framework-ui folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe\firefox\framework folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe\firefox\CanvasFramework folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe\firefox\AppFramework folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe\firefox folder moved successfully.
C:\Users\asard\AppData\Local\Browse Safe folder moved successfully.
C:\Program Files (x86)\di8BlockAndSurf\x86 folder moved successfully.
C:\Program Files (x86)\di8BlockAndSurf\x64 folder moved successfully.
C:\Program Files (x86)\di8BlockAndSurf folder moved successfully.
C:\rbtemp\-1 folder moved successfully.
C:\rbtemp folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup folder moved successfully.
C:\Users\asard\AppData\Roaming\betadeeal folder moved successfully.
C:\Users\Public\Desktop\Right Backup.lnk moved successfully.
C:\Users\asard\AppData\Roaming\~yyioqtu.exe moved successfully.
C:\Users\Public\Desktop\System Speedup.lnk moved successfully.
C:\ProgramData\uninstall_Deeal.exe moved successfully.
C:\Users\asard\AppData\Roaming\~xxoxofz.exe moved successfully.
========== FILES ==========
C:\Users\asard\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla folder moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 07172014_142800

Files\Folders moved on Reboot...
Folder move failed. C:\Program Files (x86)\Right Backup scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
0