Erreur SSL et Adware.Salus
Résolu/Fermé
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
-
Modifié par Malekal_morte- le 3/11/2014 à 18:29
gillesdelatisette Messages postés 8 Date d'inscription lundi 3 novembre 2014 Statut Membre Dernière intervention 3 novembre 2014 - 3 nov. 2014 à 19:32
gillesdelatisette Messages postés 8 Date d'inscription lundi 3 novembre 2014 Statut Membre Dernière intervention 3 novembre 2014 - 3 nov. 2014 à 19:32
A voir également:
- Erreur SSL et Adware.Salus
- Erreur 0x80070643 - Guide
- Code erreur f3500-32 ✓ - Forum Bbox Bouygues
- Erreur 10016 epson - Forum Imprimante
- Erreur c2002 western union ✓ - Forum Vos droits sur internet
- Erreur g030 - Forum Bbox Bouygues
3 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
3 nov. 2014 à 18:29
3 nov. 2014 à 18:29
Supprime les proxys : https://forum.malekal.com/viewtopic.php?t=47404&start=
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
* poste le rapport ici
Redémarre l'ordinateur
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
SRV - [2014/10/30 13:48:34 | 000,646,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe -- (UniversalUpdater)
DRV:[b]64bit:[/b] - [2014/10/30 14:12:20 | 000,047,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\b786bdb3c67d.sys -- (b786bdb3c67d)
E - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: URL = https://www.trovi.com/?gd=&ctid=CT3326305&octid=EB_ORIGINAL_CTID&ISID=MB50BFB14-A142-4C87-8E08-E40A4B8CB521&SearchSource=58&CUI=&UM=6&UP=SP9C44AF86-A9F1-49A2-9204-9AD08FD2904C&q={searchTerms}&SSPV= <b>[Pays US - 199.101.113.79]</b>
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: URL = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=18556 <b>[Pays US - 198.20.96.164]</b>
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} <b>[Pays US - 174.36.247.69]</b>
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: URL = https://www.google.com/webhp?hl=en&gws_rd=ssl{searchTerms} <b>[Pays US - 173.194.40.115]</b>
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: URL = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=UP97DF&pc=UP97{searchTerms}&src=IE-SearchBox <b>[Pays US - 204.79.197.200]</b>
IE - HKCU\..\SearchScopes\{8143BF7D-8FFC-4527-A9B0-819CCB5051D7}: URL = http://www.search.ask.com/?l=dis{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000 <b>[Pays US - 199.36.102.106]</b>
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: URL = https://fr.search.yahoo.com/yhs/search?hspart=aztec&hsimp=yhs-default&type=ds_313_492&p=&rnd=1220685562¶m1=sid%3D492%3Aaid%3D313%3Aver%3D14348%3Atm%3D519%3Asrc%3Dds%3Alng%3Den%3Aitype%3Dn%3Auip%3D1540432858%3Aup%3D{searchTerms} <b>[Pays US - 23.23.140.1]</b>
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele0202ch&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzytB0DzztAyEtDtAyDtBtAtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyCyByDtByCtAtDyDtGzz0F0ByDtGtDyB0C0DtG0AyDtCzytGtCzyzz0C0C0D0FtAyDtAtBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyEtAyCyB0E0DyCtG0D0AyD0DtG0A0F0FyDtGyByC0DzytGtCyC0D0FzzyBtAyEtB0ByBzy2Q&cr=1070142337&ir= <b>[Pays US - 174.129.203.121]</b>
IE - HKCU\..\SearchScopes\1D00D393429241A29259852F76DC0DD1: URL = https://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={2DFD92A0-284A-11E2-86EF-485B392D8340} <b>[Pays US - 54.171.34.234]</b>
FF - prefs.js..browser.startup.homepage: h, h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,\r\nh,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,http://search.babylon.com/home?AF=18556 <b>[Pays US - 198.20.96.180]</b>
O2:[b]64bit:[/b] - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\Mr Garrouste\AppData\Local\Linkey\IEExtension\iedll64.dll File not found
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\Mr Garrouste\AppData\Local\Linkey\IEExtension\iedll.dll File not found
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKLM..\Run: [CrashMon] C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe ()
O4 - HKLM..\Run: [Salus] C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d.exe ()
O4 - HKLM..\Run: [Salus CrashMon] C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe ()
O4 - Startup: C:\Users\Mr Garrouste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Mr Garrouste\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe ()
[2014/11/02 10:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/11/02 09:58:55 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\AppData\Roaming\FirefoxToolbar
[2014/11/02 09:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
[2014/11/02 09:56:17 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\AppData\Roaming\systweak
[2014/11/02 09:39:15 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\Documents\Optimizer Pro
[2014/11/02 09:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\0ca45c95134d
[2014/11/02 09:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\f552dd4c52e3
[2014/11/02 09:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/10/31 08:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/30 14:12:20 | 000,047,408 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\b786bdb3c67d.sys
[2014/11/02 15:04:01 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
* poste le rapport ici
Redémarre l'ordinateur
gillesdelatisette
Messages postés
8
Date d'inscription
lundi 3 novembre 2014
Statut
Membre
Dernière intervention
3 novembre 2014
3 nov. 2014 à 18:37
3 nov. 2014 à 18:37
Voila le rapport :
:OTL
SRV - [2014/10/30 13:48:34 | 000,646,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe -- (UniversalUpdater)
DRV:[b]64bit:/b - [2014/10/30 14:12:20 | 000,047,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\b786bdb3c67d.sys -- (b786bdb3c67d)
E - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: URL = https://www.trovi.com/?gd=&ctid=CT3326305&octid=EB_ORIGINAL_CTID&ISID=MB50BFB14-A142-4C87-8E08-E40A4B8CB521&SearchSource=58&CUI=&UM=6&UP=SP9C44AF86-A9F1-49A2-9204-9AD08FD2904C&q={searchTerms}&SSPV= <b>[Pays US - 199.101.113.79]</b>
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: URL = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=18556 <b>[Pays US - 198.20.96.164]</b>
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} <b>[Pays US - 174.36.247.69]</b>
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: URL = https://www.google.com/webhp?hl=en&gws_rd=ssl{searchTerms} <b>[Pays US - 173.194.40.115]</b>
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: URL = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=UP97DF&pc=UP97{searchTerms}&src=IE-SearchBox <b>[Pays US - 204.79.197.200]</b>
IE - HKCU\..\SearchScopes\{8143BF7D-8FFC-4527-A9B0-819CCB5051D7}: URL = http://www.search.ask.com/?l=dis{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000 <b>[Pays US - 199.36.102.106]</b>
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: URL = https://fr.search.yahoo.com/yhs/search?hspart=aztec&hsimp=yhs-default&type=ds_313_492&p=&rnd=1220685562¶m1=sid%3D492%3Aaid%3D313%3Aver%3D14348%3Atm%3D519%3Asrc%3Dds%3Alng%3Den%3Aitype%3Dn%3Auip%3D1540432858%3Aup%3D{searchTerms} <b>[Pays US - 23.23.140.1]</b>
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele0202ch&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzytB0DzztAyEtDtAyDtBtAtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyCyByDtByCtAtDyDtGzz0F0ByDtGtDyB0C0DtG0AyDtCzytGtCzyzz0C0C0D0FtAyDtAtBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyEtAyCyB0E0DyCtG0D0AyD0DtG0A0F0FyDtGyByC0DzytGtCyC0D0FzzyBtAyEtB0ByBzy2Q&cr=1070142337&ir= <b>[Pays US - 174.129.203.121]</b>
IE - HKCU\..\SearchScopes\1D00D393429241A29259852F76DC0DD1: URL = https://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={2DFD92A0-284A-11E2-86EF-485B392D8340} <b>[Pays US - 54.171.34.234]</b>
FF - prefs.js..browser.startup.homepage: h, h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,\r\nh,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,http://search.babylon.com/home?AF=18556 <b>[Pays US - 198.20.96.180]</b>
O2:[b]64bit:/b - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\Mr Garrouste\AppData\Local\Linkey\IEExtension\iedll64.dll File not found
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\Mr Garrouste\AppData\Local\Linkey\IEExtension\iedll.dll File not found
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3:[b]64bit:/b - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKLM..\Run: [CrashMon] C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe ()
O4 - HKLM..\Run: [Salus] C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d.exe ()
O4 - HKLM..\Run: [Salus CrashMon] C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe ()
O4 - Startup: C:\Users\Mr Garrouste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Mr Garrouste\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe ()
[2014/11/02 10:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/11/02 09:58:55 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\AppData\Roaming\FirefoxToolbar
[2014/11/02 09:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
[2014/11/02 09:56:17 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\AppData\Roaming\systweak
[2014/11/02 09:39:15 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\Documents\Optimizer Pro
[2014/11/02 09:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\0ca45c95134d
[2014/11/02 09:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\f552dd4c52e3
[2014/11/02 09:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/10/31 08:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/30 14:12:20 | 000,047,408 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\b786bdb3c67d.sys
[2014/11/02 15:04:01 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
:OTL
SRV - [2014/10/30 13:48:34 | 000,646,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe -- (UniversalUpdater)
DRV:[b]64bit:/b - [2014/10/30 14:12:20 | 000,047,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\b786bdb3c67d.sys -- (b786bdb3c67d)
E - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: URL = https://www.trovi.com/?gd=&ctid=CT3326305&octid=EB_ORIGINAL_CTID&ISID=MB50BFB14-A142-4C87-8E08-E40A4B8CB521&SearchSource=58&CUI=&UM=6&UP=SP9C44AF86-A9F1-49A2-9204-9AD08FD2904C&q={searchTerms}&SSPV= <b>[Pays US - 199.101.113.79]</b>
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: URL = http://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=18556 <b>[Pays US - 198.20.96.164]</b>
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms} <b>[Pays US - 174.36.247.69]</b>
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: URL = https://www.google.com/webhp?hl=en&gws_rd=ssl{searchTerms} <b>[Pays US - 173.194.40.115]</b>
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: URL = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=UP97DF&pc=UP97{searchTerms}&src=IE-SearchBox <b>[Pays US - 204.79.197.200]</b>
IE - HKCU\..\SearchScopes\{8143BF7D-8FFC-4527-A9B0-819CCB5051D7}: URL = http://www.search.ask.com/?l=dis{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000 <b>[Pays US - 199.36.102.106]</b>
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: URL = https://fr.search.yahoo.com/yhs/search?hspart=aztec&hsimp=yhs-default&type=ds_313_492&p=&rnd=1220685562¶m1=sid%3D492%3Aaid%3D313%3Aver%3D14348%3Atm%3D519%3Asrc%3Dds%3Alng%3Den%3Aitype%3Dn%3Auip%3D1540432858%3Aup%3D{searchTerms} <b>[Pays US - 23.23.140.1]</b>
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele0202ch&cd=2XzuyEtN2Y1L1QzuyEzzyD0BtAzytB0DzztAyEtDtAyDtBtAtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyCyByDtByCtAtDyDtGzz0F0ByDtGtDyB0C0DtG0AyDtCzytGtCzyzz0C0C0D0FtAyDtAtBtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyEtAyCyB0E0DyCtG0D0AyD0DtG0A0F0FyDtGyByC0DzytGtCyC0D0FzzyBtAyEtB0ByBzy2Q&cr=1070142337&ir= <b>[Pays US - 174.129.203.121]</b>
IE - HKCU\..\SearchScopes\1D00D393429241A29259852F76DC0DD1: URL = https://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={2DFD92A0-284A-11E2-86EF-485B392D8340} <b>[Pays US - 54.171.34.234]</b>
FF - prefs.js..browser.startup.homepage: h, h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,\r\nh,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,h,http://search.babylon.com/home?AF=18556 <b>[Pays US - 198.20.96.180]</b>
O2:[b]64bit:/b - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\Mr Garrouste\AppData\Local\Linkey\IEExtension\iedll64.dll File not found
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Linkey) - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Users\Mr Garrouste\AppData\Local\Linkey\IEExtension\iedll.dll File not found
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3:[b]64bit:/b - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:/b - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKLM..\Run: [CrashMon] C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe ()
O4 - HKLM..\Run: [Salus] C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d.exe ()
O4 - HKLM..\Run: [Salus CrashMon] C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe ()
O4 - Startup: C:\Users\Mr Garrouste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Mr Garrouste\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe ()
[2014/11/02 10:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\374311380
[2014/11/02 09:58:55 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\AppData\Roaming\FirefoxToolbar
[2014/11/02 09:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\predm
[2014/11/02 09:56:17 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\AppData\Roaming\systweak
[2014/11/02 09:39:15 | 000,000,000 | ---D | C] -- C:\Users\Mr Garrouste\Documents\Optimizer Pro
[2014/11/02 09:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\0ca45c95134d
[2014/11/02 09:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\f552dd4c52e3
[2014/11/02 09:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab
[2014/10/31 08:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/30 14:12:20 | 000,047,408 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\b786bdb3c67d.sys
[2014/11/02 15:04:01 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
3 nov. 2014 à 18:40
3 nov. 2014 à 18:40
ce n'est pas un rapport de correction, relis les instructions.
gillesdelatisette
Messages postés
8
Date d'inscription
lundi 3 novembre 2014
Statut
Membre
Dernière intervention
3 novembre 2014
3 nov. 2014 à 18:43
3 nov. 2014 à 18:43
Comment ça ?
En tout cas ça marche, merci beaucoup !! !!
En tout cas ça marche, merci beaucoup !! !!
gillesdelatisette
Messages postés
8
Date d'inscription
lundi 3 novembre 2014
Statut
Membre
Dernière intervention
3 novembre 2014
3 nov. 2014 à 18:47
3 nov. 2014 à 18:47
Merde j'avais pas fait gaffe j'ai du loupé mon copier/coller avant de redémarrer... désolé
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
3 nov. 2014 à 18:47
3 nov. 2014 à 18:47
plus de pubs erreur SSL ?
Tu peux refaire un scan OTL via pjjoint pour vérifier ?
Tu peux refaire un scan OTL via pjjoint pour vérifier ?
gillesdelatisette
Messages postés
8
Date d'inscription
lundi 3 novembre 2014
Statut
Membre
Dernière intervention
3 novembre 2014
3 nov. 2014 à 18:50
3 nov. 2014 à 18:50
Oui je relance le scan simple ou en y intégrant le contenu ?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
3 nov. 2014 à 19:22
3 nov. 2014 à 19:22
yep c'est good,
Quelques conseils :
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
Quelques conseils :
Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
gillesdelatisette
Messages postés
8
Date d'inscription
lundi 3 novembre 2014
Statut
Membre
Dernière intervention
3 novembre 2014
3 nov. 2014 à 19:32
3 nov. 2014 à 19:32
Ok super merci beaucoup! :)
