Ouverture de pub intensive
Dernière réponse : dans Connexions réseau et internet
Bonjour a tous, mon navigateur m'ouvre sans arret de la publicité ..
Je suis sous internet explorer .
Voici le rapport de hijack this :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:40:27, on 15/01/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\OEM02Mon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PCTuto\pctuto.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Théo\Documents\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTBHO - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [rkfree] "C:\Program Files\rkfree\rkfree.exe" /b
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCTuto] "C:\Program Files\PCTuto\pctuto.exe"
O4 - HKLM\..\RunOnce: [autoupdater] C:\Users\Théo\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe -runonce
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S1341.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\Windows\TEMP\E_S9992.tmp" /EF "HKCU"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 10206 bytes
Merci d'avance
Je suis sous internet explorer .
Voici le rapport de hijack this :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:40:27, on 15/01/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\OEM02Mon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PCTuto\pctuto.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Théo\Documents\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTBHO - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [rkfree] "C:\Program Files\rkfree\rkfree.exe" /b
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCTuto] "C:\Program Files\PCTuto\pctuto.exe"
O4 - HKLM\..\RunOnce: [autoupdater] C:\Users\Théo\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe -runonce
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S1341.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\Windows\TEMP\E_S9992.tmp" /EF "HKCU"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 10206 bytes
Merci d'avance
Autres pages sur : ouverture pub intensive
Lassé par la pub ? Créez un compte
Wally_D a dit :
Bonjour a tous, mon navigateur m'ouvre sans arret de la publicité ..Je suis sous internet explorer .
Merci d'avance
as-tu activer le bloqueur de fenêtres publicitaires d’Internet Explorer ?
ouvrir Internet Explorer , cliquez sur le bouton Outils, puis sur bloqueur de fenêtres publicitaires.
activer le bloqueur de fenêtres publicitaires .
si tu as toujours des problèmes et que tu penses à une infection , il faut que tu ailles faire un tour dans la section sécurité
du forum , seuls des helpers en sécurité sont à même d'interpréter un rapport hijack this
Bonjour
Relance Hijackthis (clique droit -> lancer en tant qu'adminstrateur sous Vista ET sEVEN),![]()
, coche ces lignes (si toujours présentes) :
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
Puis ![]()
Ensuite fais ceci
Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour >>
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
Une fois l'installation et la mise à jour effectuées :
![]()
Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen rapide".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
Si des infections sont présentes, clic sur "Afficher les résultats" ![]()
puis sur "Supprimer la sélection".![]()
Enregistre le rapport sur ton Bureau.
Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
Relance Hijackthis (clique droit -> lancer en tant qu'adminstrateur sous Vista ET sEVEN),
, coche ces lignes (si toujours présentes) : R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
Ensuite fais ceci
Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour >>
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Une fois l'installation et la mise à jour effectuées :
puis sur "Supprimer la sélection".
Enregistre le rapport sur ton Bureau.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
Bonjour ;
Voici le rendu du scan ; j'ai supprimer la selection..
![]()
OU :
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5523
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
15/01/2011 11:35:40
mbam-log-2011-01-15 (11-35-40).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 148878
Temps écoulé: 8 minute(s), 30 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Program Files\PCTuto\pctutoBHO.dll (Trojan.Eorezo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\pctutobho.pctbho (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0bf73e27-2734-4f7b-925a-4bbb1457f5fa} (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e2ed56b6-35fc-4484-9530-ec87fb458e78} (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\pctutobho.pctbho.1 (Trojan.Eorezo) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Program Files\PCTuto\pctutoBHO.dll (Trojan.Eorezo) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RGJLCZB.exe (Trojan.KeyLogger) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RR7RLVW.exe (Trojan.KeyLogger) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RIXPFLV\rkfree.exe (Keylogger.Logixoft) -> No action taken.
C:\Users\Théo\downloads\rkfree_setup.exe (Keylogger.Logixoft) -> No action taken.
Que faire? Merci de votre aide!
Voici le rendu du scan ; j'ai supprimer la selection..
OU :
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5523
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
15/01/2011 11:35:40
mbam-log-2011-01-15 (11-35-40).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 148878
Temps écoulé: 8 minute(s), 30 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Program Files\PCTuto\pctutoBHO.dll (Trojan.Eorezo) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\pctutobho.pctbho (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0bf73e27-2734-4f7b-925a-4bbb1457f5fa} (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e2ed56b6-35fc-4484-9530-ec87fb458e78} (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
HKEY_CLASSES_ROOT\pctutobho.pctbho.1 (Trojan.Eorezo) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Program Files\PCTuto\pctutoBHO.dll (Trojan.Eorezo) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RGJLCZB.exe (Trojan.KeyLogger) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RR7RLVW.exe (Trojan.KeyLogger) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RIXPFLV\rkfree.exe (Keylogger.Logixoft) -> No action taken.
C:\Users\Théo\downloads\rkfree_setup.exe (Keylogger.Logixoft) -> No action taken.
Que faire? Merci de votre aide!
Tu as toujours des pubs ?
Télécharge OTL sur ton Bureau.
Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.
L'écran principal de OTL s'affiche:
![]()
Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
Coche également les cases à côté de Recherche Lop et Recherche purity.
Copies et colles le contenu de cette citation dans la partie inférieure d'OTL, Sous "Personnalisation"
Enfin, clique sur le bouton Analyse; Ne change aucun paramètre si je ne te l'ai pas dit. Le scan ne prendra pas beaucoup de temps.
Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)
NE POSTE PAS LES RAPPORTS SUR LE FORUM MAIS
Rends toi ensuite sur ce site : http://www.cijoint.fr/
Clique sur "parcourir" et va jusqu'au rapport que tu as sauvegardé .
Clique ensuite sur "cliquer ici pour déposer le fichier" et patiente ...
Une fois l'upload finit , un lien apparait > copie/colle le dans ta prochaine réponse stp ....
AIDE en IMAGE
Télécharge OTL sur ton Bureau.
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
ctfmon.exe
explorer.exe
userinit.exe
wininit.exe
winlogon.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
CREATERESTOREPOINT
%SYSTEMDRIVE%\*.exe
/md5start
ctfmon.exe
explorer.exe
userinit.exe
wininit.exe
winlogon.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
CREATERESTOREPOINT
NE POSTE PAS LES RAPPORTS SUR LE FORUM MAIS
Clique sur "parcourir" et va jusqu'au rapport que tu as sauvegardé .
Clique ensuite sur "cliquer ici pour déposer le fichier" et patiente ...
Une fois l'upload finit , un lien apparait > copie/colle le dans ta prochaine réponse stp ....
AIDE en IMAGE
Relance OTL.exe.
Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le contenu du cadre ci dessous depuis rien comme sur l'image:
![:o]( ":o")
TL
IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
[2010/05/16 15:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Théo\AppData\Roaming\mozilla\Extensions
[2011/01/15 10:07:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions
[2010/09/01 16:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\THéO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JAESTY70.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
File not found (No name found) -- C:\USERS\THéO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JAESTY70.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] File not found
O4 - HKLM..\Run: [rkfree] File not found
O4 - HKCU..\Run: [EA Core] File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O33 - MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O33 - MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O33 - MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
Puis clique sur le bouton Correction en haut de la fenêtre.
Laisse le programme travailler sans te servir du PC!!!!!
Copie et colle le rapport dans ta réponse stp
Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le contenu du cadre ci dessous depuis rien comme sur l'image:
Citation :
Rien
TLIE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
[2010/05/16 15:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Théo\AppData\Roaming\mozilla\Extensions
[2011/01/15 10:07:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions
[2010/09/01 16:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\THéO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JAESTY70.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
File not found (No name found) -- C:\USERS\THéO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JAESTY70.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] File not found
O4 - HKLM..\Run: [rkfree] File not found
O4 - HKCU..\Run: [EA Core] File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O33 - MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O33 - MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
O33 - MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\Shell - "" = AutoRun
O33 - MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
Voila ;
All processes killed
Error: Unable to interpret <Rien > in the current context!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
C:\Users\Théo\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\components folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome\icons\default folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome\icons folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\mozilla firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BEWINTERNET-FR-DMGP-V2SessionManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\rkfree deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
File E:\AutoRunCardDetector.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
File E:\AutoRunCardDetector.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
File E:\AutoRunCardDetector.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
File "F:\WD SmartWare.exe" autoplay=true not found.
C:\Windows\leavepop.tmp deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
No captured output from command...
C:\Users\Théo\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Théo
->Temp folder emptied: 437228241 bytes
->Temporary Internet Files folder emptied: 505016925 bytes
->Java cache emptied: 15543021 bytes
->FireFox cache emptied: 108255086 bytes
->Flash cache emptied: 88533 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1114232 bytes
RecycleBin emptied: 6457348003 bytes
Total Files Cleaned = 7 176,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Théo
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.20.2 log created on 01152011_144205
Files\Folders moved on Reboot...
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFD264FA8F2B48738F.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF269CCB67BD9B8B5.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF393C13E7B0563CE.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF8F1C3E1A130BD94.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF9FEF014D5FD80F7.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFFB292D7203813191.TMP not found!
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W8GXT7UW\ads[9].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P5GPCWJU\ads[5].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1Z65Z5P\ai[10].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1Z65Z5P\apercu[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\11[2].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\cdntests_cedexis[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\history_manager[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\repondre-301498-1[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6FNFHLGZ\facebook_com[2].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6FNFHLGZ\morestories[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3GC6JP2X\profile[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
Error: Unable to interpret <Rien > in the current context!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
C:\Users\Théo\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\components folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome\icons\default folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome\icons folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} folder moved successfully.
C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\mozilla firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BEWINTERNET-FR-DMGP-V2SessionManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\rkfree deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
File E:\AutoRunCardDetector.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
File E:\AutoRunCardDetector.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
File E:\AutoRunCardDetector.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
File "F:\WD SmartWare.exe" autoplay=true not found.
C:\Windows\leavepop.tmp deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
No captured output from command...
C:\Users\Théo\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Théo
->Temp folder emptied: 437228241 bytes
->Temporary Internet Files folder emptied: 505016925 bytes
->Java cache emptied: 15543021 bytes
->FireFox cache emptied: 108255086 bytes
->Flash cache emptied: 88533 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1114232 bytes
RecycleBin emptied: 6457348003 bytes
Total Files Cleaned = 7 176,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Théo
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.20.2 log created on 01152011_144205
Files\Folders moved on Reboot...
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFD264FA8F2B48738F.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF269CCB67BD9B8B5.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF393C13E7B0563CE.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF8F1C3E1A130BD94.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF9FEF014D5FD80F7.TMP not found!
File\Folder C:\Users\Théo\AppData\Local\Temp\~DFFB292D7203813191.TMP not found!
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W8GXT7UW\ads[9].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P5GPCWJU\ads[5].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1Z65Z5P\ai[10].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1Z65Z5P\apercu[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\11[2].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\cdntests_cedexis[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\history_manager[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\repondre-301498-1[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6FNFHLGZ\facebook_com[2].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6FNFHLGZ\morestories[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3GC6JP2X\profile[1].htm moved successfully.
C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Refais un scan rapide avec Malwarebytes en n'oubliant pas de le mettre a jour
Ensuite fais ceci:
Clique ICI pour lancer une ligne de scannner ESET.
Impératif: pour ce scan utiliser Internet Explorer
Coche Yes,I accept the Terms of Use
Clique sur Start
Autorisez le contrôle ActiveX
Clique sur Start
Coche les options suivantes: Remove found threats et Scan archives
Clique sur Start
Attend la fin du scan
Utilise le Bloc-notes pour ouvrir le rapport situé dans C:\Program Files\ESET\ESET online Scanner\log.txt
Copie et colle ce rapport dans ta prochaine réponse.
AIDE
Et dis moi comment se comporte le PC maintenant
Ensuite fais ceci:
Clique ICI pour lancer une ligne de scannner ESET.
Impératif: pour ce scan utiliser Internet Explorer
Coche Yes,I accept the Terms of Use
Clique sur Start
Autorisez le contrôle ActiveX
Clique sur Start
Coche les options suivantes: Remove found threats et Scan archives
Clique sur Start
Attend la fin du scan
Utilise le Bloc-notes pour ouvrir le rapport situé dans C:\Program Files\ESET\ESET online Scanner\log.txt
Copie et colle ce rapport dans ta prochaine réponse.
AIDE
Et dis moi comment se comporte le PC maintenant
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumOuverture intempestive fenetres de pub
- ForumNavilog et ouverture d'onglets pub
- ForumOuverture fenetre pub internet
- ForumOuverture de fenetres internet de pub
- ForumEmpecher ouverture fenetre pub
- ForumOuverture page pub intempestive
- ForumOuverture page pub
- ForumOuverture pop-up pub
- ForumOuverture fenetre pub intempestives
- Voir plus
