Votre question

Ouverture de pub intensive

Tags :
  • Internet Explorer
  • Internet
Dernière réponse : dans Internet
15 Janvier 2011 07:44:00

Bonjour a tous, mon navigateur m'ouvre sans arret de la publicité ..
Je suis sous internet explorer .

Voici le rapport de hijack this :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:40:27, on 15/01/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\OEM02Mon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PCTuto\pctuto.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Théo\Documents\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCTBHO - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Tom's Guide France Toolbar - {a65e491f-a436-4952-b49a-b24ed99a0f67} - C:\Program Files\Tom's_Guide_France\tbTom'.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [rkfree] "C:\Program Files\rkfree\rkfree.exe" /b
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] "C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCTuto] "C:\Program Files\PCTuto\pctuto.exe"
O4 - HKLM\..\RunOnce: [autoupdater] C:\Users\Théo\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe -runonce
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S1341.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\Windows\TEMP\E_S9992.tmp" /EF "HKCU"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10206 bytes





Merci d'avance

Autres pages sur : ouverture pub intensive

15 Janvier 2011 08:43:22

Wally_D a dit :
Bonjour a tous, mon navigateur m'ouvre sans arret de la publicité ..
Je suis sous internet explorer .
Merci d'avance



as-tu activer le bloqueur de fenêtres publicitaires d’Internet Explorer ?

ouvrir Internet Explorer , cliquez sur le bouton Outils, puis sur bloqueur de fenêtres publicitaires.

activer le bloqueur de fenêtres publicitaires .

si tu as toujours des problèmes et que tu penses à une infection , il faut que tu ailles faire un tour dans la section sécurité

du forum , seuls des helpers en sécurité sont à même d'interpréter un rapport hijack this
m
0
l
15 Janvier 2011 09:11:54

Merci de t'a réponse, et je pense plus a une infection... que faire? :/ 
m
0
l
Contenus similaires
15 Janvier 2011 09:13:52

Wally_D a dit :
Merci de t'a réponse, et je pense plus a une infection... que faire? :/ 


tu as fais la manip. donc ,

tu as lu mon message jusqu'à la fin donc .
m
0
l
15 Janvier 2011 09:36:38

Bonjour

Relance Hijackthis (clique droit -> lancer en tant qu'adminstrateur sous Vista ET sEVEN), , coche ces lignes (si toujours présentes) :

R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll


  • Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
  • Puis

    Ensuite fais ceci

    Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour >>

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :



  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen rapide".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
  • Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
  • Si des infections sont présentes, clic sur "Afficher les résultats"
    puis sur "Supprimer la sélection".

    Enregistre le rapport sur ton Bureau.
  • Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
    m
    0
    l
    15 Janvier 2011 11:34:59

    Bonjour ;

    Voici le rendu du scan ; j'ai supprimer la selection..





    OU :

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 5523

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    15/01/2011 11:35:40
    mbam-log-2011-01-15 (11-35-40).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 148878
    Temps écoulé: 8 minute(s), 30 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 8
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 5

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\Program Files\PCTuto\pctutoBHO.dll (Trojan.Eorezo) -> No action taken.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\pctutobho.pctbho (Trojan.Eorezo) -> No action taken.
    HKEY_CLASSES_ROOT\TypeLib\{0bf73e27-2734-4f7b-925a-4bbb1457f5fa} (Trojan.Eorezo) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{e2ed56b6-35fc-4484-9530-ec87fb458e78} (Trojan.Eorezo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293a63f7-c3b6-423a-9845-901ac0a7ee6e} (Trojan.Eorezo) -> No action taken.
    HKEY_CLASSES_ROOT\pctutobho.pctbho.1 (Trojan.Eorezo) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Program Files\PCTuto\pctutoBHO.dll (Trojan.Eorezo) -> No action taken.
    C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RGJLCZB.exe (Trojan.KeyLogger) -> No action taken.
    C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RR7RLVW.exe (Trojan.KeyLogger) -> No action taken.
    C:\$Recycle.Bin\S-1-5-21-1345179053-813542716-3814585853-1000\$RIXPFLV\rkfree.exe (Keylogger.Logixoft) -> No action taken.
    C:\Users\Théo\downloads\rkfree_setup.exe (Keylogger.Logixoft) -> No action taken.



    Que faire? Merci de votre aide!
    m
    0
    l
    15 Janvier 2011 11:41:41

    Ps : La pub s'ouvre apres chaque démarage.. et aprés le redemarage et la suppression des fichiers, la pub s'affiche encore :( 
    m
    0
    l
    15 Janvier 2011 11:43:10

    Hello

    On a posté en même temps Tu as supprimé la sélection avec MBAM ?
    m
    0
    l
    15 Janvier 2011 12:00:51

    Oui .. J'ai supprimer la séléction .
    m
    0
    l
    15 Janvier 2011 12:03:42

    Tu as toujours des pubs ?

    Télécharge OTL sur ton Bureau.

  • Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.
  • L'écran principal de OTL s'affiche:

  • Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche purity.
  • Copies et colles le contenu de cette citation dans la partie inférieure d'OTL, Sous "Personnalisation"

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    ctfmon.exe
    explorer.exe
    userinit.exe
    wininit.exe
    winlogon.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    CREATERESTOREPOINT


  • Enfin, clique sur le bouton Analyse; Ne change aucun paramètre si je ne te l'ai pas dit. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)

    NE POSTE PAS LES RAPPORTS SUR LE FORUM MAIS

  • Rends toi ensuite sur ce site : http://www.cijoint.fr/
    Clique sur "parcourir" et va jusqu'au rapport que tu as sauvegardé .
    Clique ensuite sur "cliquer ici pour déposer le fichier" et patiente ...
    Une fois l'upload finit , un lien apparait > copie/colle le dans ta prochaine réponse stp ....

    AIDE en IMAGE
    m
    0
    l
    15 Janvier 2011 14:24:50

    Relance OTL.exe.

    Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le contenu du cadre ci dessous depuis rien comme sur l'image:

    Citation :
    Rien
    :o TL
    IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
    [2010/05/16 15:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Théo\AppData\Roaming\mozilla\Extensions
    [2011/01/15 10:07:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions
    [2010/09/01 16:12:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    File not found (No name found) -- C:\USERS\THéO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JAESTY70.DEFAULT\EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
    File not found (No name found) -- C:\USERS\THéO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JAESTY70.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] File not found
    O4 - HKLM..\Run: [rkfree] File not found
    O4 - HKCU..\Run: [EA Core] File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O33 - MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
    O33 - MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
    O33 - MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
    O33 - MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
    O33 - MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\Shell - "" = AutoRun
    O33 - MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe
    O33 - MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\Shell - "" = AutoRun
    O33 - MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    :Files
    ipconfig /flushdns /c
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]


  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler sans te servir du PC!!!!!
  • Copie et colle le rapport dans ta réponse stp

    m
    0
    l
    15 Janvier 2011 22:21:12

    Voila ;


    All processes killed
    Error: Unable to interpret <Rien > in the current context!
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
    C:\Users\Théo\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Extensions folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\lib folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\custombuttons folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\contenthandling folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\components folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\META-INF folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\lib folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\defaults folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\components folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com\chrome folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions\engine@conduit.com folder moved successfully.
    C:\Users\Théo\AppData\Roaming\mozilla\Firefox\Profiles\jaesty70.default\extensions folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome\icons\default folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome\icons folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\chrome folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} folder moved successfully.
    C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
    C:\Program Files\mozilla firefox\extensions folder moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BEWINTERNET-FR-DMGP-V2SessionManager deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\rkfree deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b7399d-dec5-11df-a195-00219bf5806d}\ not found.
    File E:\AutoRunCardDetector.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b739fe-dec5-11df-a195-00219bf5806d}\ not found.
    File E:\AutoRunCardDetector.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46b73a0c-dec5-11df-a195-00219bf5806d}\ not found.
    File E:\AutoRunCardDetector.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53f71d57-89d4-11df-9a37-00219bf5806d}\ not found.
    File "F:\WD SmartWare.exe" autoplay=true not found.
    C:\Windows\leavepop.tmp deleted successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    No captured output from command...
    C:\Users\Théo\Desktop\cmd.bat deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Théo
    ->Temp folder emptied: 437228241 bytes
    ->Temporary Internet Files folder emptied: 505016925 bytes
    ->Java cache emptied: 15543021 bytes
    ->FireFox cache emptied: 108255086 bytes
    ->Flash cache emptied: 88533 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1114232 bytes
    RecycleBin emptied: 6457348003 bytes

    Total Files Cleaned = 7 176,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Théo
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb



    OTL by OldTimer - Version 3.2.20.2 log created on 01152011_144205

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Théo\AppData\Local\Temp\~DFD264FA8F2B48738F.TMP not found!
    File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF269CCB67BD9B8B5.TMP not found!
    File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF393C13E7B0563CE.TMP not found!
    File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF8F1C3E1A130BD94.TMP not found!
    File\Folder C:\Users\Théo\AppData\Local\Temp\~DFF9FEF014D5FD80F7.TMP not found!
    File\Folder C:\Users\Théo\AppData\Local\Temp\~DFFB292D7203813191.TMP not found!
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\W8GXT7UW\ads[9].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\P5GPCWJU\ads[5].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1Z65Z5P\ai[10].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H1Z65Z5P\apercu[1].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\11[2].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\cdntests_cedexis[1].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\history_manager[1].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GQEVHBGX\repondre-301498-1[1].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6FNFHLGZ\facebook_com[2].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6FNFHLGZ\morestories[1].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3GC6JP2X\profile[1].htm moved successfully.
    C:\Users\Théo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
    File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
    m
    0
    l
    16 Janvier 2011 08:23:05

    Refais un scan rapide avec Malwarebytes en n'oubliant pas de le mettre a jour

    Ensuite fais ceci:

    Clique ICI pour lancer une ligne de scannner ESET.

    Impératif: pour ce scan utiliser Internet Explorer
    Coche Yes,I accept the Terms of Use
    Clique sur Start
    Autorisez le contrôle ActiveX
    Clique sur Start
    Coche les options suivantes: Remove found threats et Scan archives
    Clique sur Start
    Attend la fin du scan
    Utilise le Bloc-notes pour ouvrir le rapport situé dans C:\Program Files\ESET\ESET online Scanner\log.txt
    Copie et colle ce rapport dans ta prochaine réponse.
    AIDE


    Et dis moi comment se comporte le PC maintenant
    m
    0
    l
    16 Janvier 2011 12:05:35

    Il n'y a plus aucun malware/virus sur mon pc détécté .. Mais la pub s'affiche toujours :/ 
    m
    0
    l
    16 Janvier 2011 12:17:59

    Hello

    Quel genre de pubs ? Avec quel navigateur ?

    Refais moi un rapport OTL comme le premier que tu as fait !

    Je regarderai plus tard je m'absente pour une partie de l'après midi

    A suivre
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS