
Help request for infected PC • page 2


Re: Help request for infected PC

Posted 02 May 2011 12:45

Hi again,

Do this:
Run OTL again.
Make sure the 'Rapport minimal' (minimal output) box is checked.
Copy and paste the quote below into the 'Personnalisation' (custom scans/fixes) window:

:OTL
SRV - (SessionLauncher) -- File not found
SRV - (SBSDWSCService) -- File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=201.219.17.29:3128;http=201.219.17.29:3128;https=201.219.17.29:3128;gopher=201.219.17.29:3128;socks=201.219.17.29:3128;
FF - prefs.js..network.proxy.ftp: "201.219.17.29"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "201.219.17.29"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.socks: "201.219.17.29"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "201.219.17.29"
FF - prefs.js..network.proxy.ssl_port: 3128
[2011/04/30 11:39:15 | 000,716,850 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/04/30 11:39:15 | 000,627,482 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/30 11:39:15 | 000,136,288 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/04/30 11:39:15 | 000,111,060 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 10:39:49 | 000,716,850 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2009/07/14 10:39:49 | 000,136,288 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2009/07/14 04:05:48 | 000,627,482 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,111,060 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/10/14 20:24:33 | 000,000,232 | ---- | M] () -- C:\sqmdata00.sqm
[2009/10/15 00:55:02 | 000,000,232 | ---- | M] () -- C:\sqmdata01.sqm
[2009/10/15 12:11:50 | 000,000,232 | ---- | M] () -- C:\sqmdata02.sqm
[2009/10/15 19:25:36 | 000,000,232 | ---- | M] () -- C:\sqmdata03.sqm
[2009/10/15 19:26:44 | 000,000,232 | ---- | M] () -- C:\sqmdata04.sqm
[2009/10/15 23:47:15 | 000,000,232 | ---- | M] () -- C:\sqmdata05.sqm
[2009/10/16 23:45:05 | 000,000,232 | ---- | M] () -- C:\sqmdata06.sqm
[2009/10/17 14:30:02 | 000,000,232 | ---- | M] () -- C:\sqmdata07.sqm
[2009/10/17 20:59:15 | 000,000,232 | ---- | M] () -- C:\sqmdata08.sqm
[2009/10/18 00:12:12 | 000,000,232 | ---- | M] () -- C:\sqmdata09.sqm
[2009/10/18 13:59:10 | 000,000,232 | ---- | M] () -- C:\sqmdata10.sqm
[2009/10/18 18:58:40 | 000,000,232 | ---- | M] () -- C:\sqmdata11.sqm
[2009/10/19 01:07:34 | 000,000,268 | ---- | M] () -- C:\sqmdata12.sqm
[2009/11/18 18:16:29 | 000,000,232 | ---- | M] () -- C:\sqmdata13.sqm
[2009/10/12 22:35:23 | 000,000,232 | ---- | M] () -- C:\sqmdata14.sqm
[2009/10/13 00:02:21 | 000,000,232 | ---- | M] () -- C:\sqmdata15.sqm
[2009/10/13 12:33:04 | 000,000,232 | ---- | M] () -- C:\sqmdata16.sqm
[2009/10/13 22:01:41 | 000,000,232 | ---- | M] () -- C:\sqmdata17.sqm
[2009/10/13 22:13:28 | 000,000,232 | ---- | M] () -- C:\sqmdata18.sqm
[2009/10/14 13:14:47 | 000,000,232 | ---- | M] () -- C:\sqmdata19.sqm
[2009/10/14 20:24:33 | 000,000,244 | ---- | M] () -- C:\sqmnoopt00.sqm
[2009/10/15 00:55:02 | 000,000,244 | ---- | M] () -- C:\sqmnoopt01.sqm
[2009/10/15 12:11:50 | 000,000,244 | ---- | M] () -- C:\sqmnoopt02.sqm
[2009/10/15 19:25:36 | 000,000,244 | ---- | M] () -- C:\sqmnoopt03.sqm
[2009/10/15 19:26:44 | 000,000,244 | ---- | M] () -- C:\sqmnoopt04.sqm
[2009/10/15 23:47:15 | 000,000,244 | ---- | M] () -- C:\sqmnoopt05.sqm
[2009/10/16 23:45:05 | 000,000,244 | ---- | M] () -- C:\sqmnoopt06.sqm
[2009/10/17 14:30:02 | 000,000,244 | ---- | M] () -- C:\sqmnoopt07.sqm
[2009/10/17 20:59:15 | 000,000,244 | ---- | M] () -- C:\sqmnoopt08.sqm
[2009/10/18 00:12:12 | 000,000,244 | ---- | M] () -- C:\sqmnoopt09.sqm
[2009/10/18 13:59:10 | 000,000,244 | ---- | M] () -- C:\sqmnoopt10.sqm
[2009/10/18 18:58:40 | 000,000,244 | ---- | M] () -- C:\sqmnoopt11.sqm
[2009/10/19 01:07:34 | 000,000,172 | ---- | M] () -- C:\sqmnoopt12.sqm
[2009/11/18 18:16:29 | 000,000,244 | ---- | M] () -- C:\sqmnoopt13.sqm
[2009/10/12 22:35:23 | 000,000,244 | ---- | M] () -- C:\sqmnoopt14.sqm
[2009/10/13 00:02:21 | 000,000,244 | ---- | M] () -- C:\sqmnoopt15.sqm
[2009/10/13 12:33:04 | 000,000,244 | ---- | M] () -- C:\sqmnoopt16.sqm
[2009/10/13 22:01:41 | 000,000,244 | ---- | M] () -- C:\sqmnoopt17.sqm
[2009/10/13 22:13:28 | 000,000,244 | ---- | M] () -- C:\sqmnoopt18.sqm
[2009/10/14 13:14:47 | 000,000,244 | ---- | M] () -- C:\sqmnoopt19.sqm
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\X-Lite:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\wpe5.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\vlc-record-2011-04-06-18h18m11s-http___192.168.0.12_8001_1_0_19_2264_438_1_C00000_0_0_0_-.ts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\vlc-record-2011-04-06-18h11m30s-Diffusion-.ts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\vlc-record-2011-04-06-18h02m27s-http___192.168.0.12_8001_1_0_19_2264_438_1_C00000_0_0_0_-.ts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\vlc-record-2011-04-06-17h49m15s-http___192.168.0.12_8001_1_0_19_2264_438_1_C00000_0_0_0_-.ts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\UDC Output Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\TF1 - Reportages - 25-11-2006 13h30 40m.ts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\TF1 - F1 à la Une - 08-10-2006 06h45 10m.ts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Roxio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Revue Technique RENAULT SCENIC 2:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\photo_1296822.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\pemplois:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\memoire de masse n95:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\MEGANE:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\manuel de reparation scenic:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\lcl.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\injecteur.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\GameCenter iOS 4.1 iPhone 3G Final:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\DriverGenius:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Dreambox Air Control:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Clip audio entretien avec mr.guth.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture trop percu caf 18112009.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture suivi colisimo.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture payment carte bancaire tele samsung cz ubladi 06032011.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture lcl vir 10000 19112010.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture lcl keuch.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture lcl 20112010.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture lcl 03122009.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture kaporal .PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture FREE.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture direct assurance.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture caf 3.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture caf 2.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture caf 1.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture caf 02.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture caf .PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture billet abdelkrim.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\capture achat rue du commerce 20072008.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 307.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 307 2 .PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 2galli.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03012010-8.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03012010-7.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03012010-6.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03012010-5.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03012010-11.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03012010-10.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 03.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 02102010.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 02012010-4.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 02012010-3.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture 02012010-2 .PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Capture lcl 20112010.PNG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\caf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Barcelona 4-0 Henry.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Barcelona 3-0 Messi.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Barcelona 2-0 Eto_o.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Barcelona 1-0 Messi_2.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\Autodata:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\adsl TV 480094.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\adsl TV 480025.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\adsl TV 479954.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\adsl TV 479900.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\adsl TV 2009-06-09 03-05-05 BFM TV.mpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\ABCD0007.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\ABCD0007 (2).JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Documents\307 2.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\telechargement recent:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\Revue Technique - Peugeot 307(Expert Automobile):Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\Picture Collage Maker Pro 2.5.4 Build 3297 Portable:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\NDS:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\music film photo:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\Mode Dieu.{ED7BA470-8E54-465E-825C-99712043E01C}:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\Celestial.framework:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\moha\Desktop\Applications & Jeux 2009 Pour iPhone & iPod Touch:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\firefoxuser:Roxio EMC Stream

:files
C:\Program Files\Spybot - Search & Destroy
C:\Users\moha\AppData\Local\{B91E5660-9002-4E45-9BD0-52B4D450CB90}
C:\Users\moha\AppData\Local\{35056536-17BF-4E30-B11F-7DF5339B4FEA}
C:\Users\moha\AppData\Local\{92418E7A-9974-4C1C-9EFE-10798DA8873B}
C:\Users\moha\AppData\Local\{E4AF7E12-BA63-423A-8DCB-35525ACC3851}
C:\Users\moha\AppData\Local\{2CAA22F0-FFA8-4F6C-B7D2-B5B01E4D5A03}
C:\Users\moha\AppData\Local\{189F4067-C504-44B3-B9F7-FA7853445F52}
C:\Users\moha\AppData\Local\{71406F55-C5B4-4B4F-B806-FC168429D7CE}
C:\Users\moha\AppData\Local\{F7EF57A5-07E9-43FB-812F-F4A72834A100}
C:\Users\moha\AppData\Local\{9CD9ED4D-E780-43C0-99AE-58A4246FEE7C}
C:\Users\moha\AppData\Local\{93EF28B8-F280-4521-B3D3-638E5C410E46}
C:\Users\moha\AppData\Local\{0124E40B-6853-497C-8E52-5FD04C0D6A22}
C:\Users\moha\AppData\Local\{C4478F51-0286-4D6C-8C11-2213D14AFFE1}
C:\Users\moha\AppData\Local\{11312CF7-68B2-4D4F-83CC-E44739A8D1E2}
C:\Users\moha\AppData\Local\{E1F0FF82-3A2A-45E7-89AF-180C5FDEAF5E}
C:\Users\moha\AppData\Local\{AA181150-A506-48E3-870C-7A8CF6EF2277}
C:\Users\moha\AppData\Local\{0C625F94-4059-4CB9-998E-D1D1470C3539}
C:\Users\moha\AppData\Local\{473739B2-EBBC-45F2-8BCE-43487450360A}
C:\Users\moha\AppData\Local\{26F0830E-7F9F-4401-A8DB-2D2EB4E1C9A8}
C:\Users\moha\AppData\Local\{D6D7F372-97DA-4022-B576-AA4D08C757C6}
C:\Users\moha\AppData\Local\{A72AEC5C-346E-488D-93FE-B6F63B563CC4}
C:\Users\moha\AppData\Local\{F4B79EEF-1385-4601-979A-1DA6D4C5C050}
C:\Users\moha\AppData\Local\{04E42FCF-5E27-47E8-B4F4-3E63CD67100C}
C:\Users\moha\AppData\Local\{B8425AA5-9337-4B53-8D5A-7857EBED7F4C}
C:\Users\moha\AppData\Local\{8404795D-D727-41AE-ABC6-67331C39F69D}
C:\Users\moha\AppData\Local\{DAEDB7AF-EF19-4097-BFBA-BB5E05B5F3A7}
C:\Users\moha\AppData\Local\{CC7F0D79-E757-4BFC-84A5-8856AF0028BD}
C:\Users\moha\AppData\Local\{E78C2912-4EAF-4FD0-BBA8-31EF7958AA49}
C:\Users\moha\AppData\Local\{E7CD16BB-B2DB-4966-9D70-F423A6378A22}
C:\Users\moha\AppData\Local\{323E3C38-77BB-416F-BA0D-65503CD8D121}
C:\Users\moha\AppData\Local\{1FD2F223-F448-4C2D-BE49-96D3B159F153}

:Commands
[emptytemp]
[emptyflash]
[reboot]


Click the 'Correction' (fix) button.
Let the PC restart at the end of the procedure.
After the restart, retrieve the contents of the report 05022011_xxxxxx.log and paste it here in a reply.
Wrap this report in the Code tags available at the top of your reply window.
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47


Re: Help request for infected PC

Posted 02 May 2011 13:08

Here you go, danakil:

OTL by OldTimer - Version 3.2.22.3 log created on 05022011_135719

dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 02 May 2011 13:10

Still getting redirects?
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: request for help with an infected PC

Posted on 02 May 2011 13:11

Yes, still.
dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 02 May 2011 13:15

OK!

We're going to dig deeper into IE and FF.

I'll post a procedure for you tonight; right now I'm off to work.

Edit:
Do this in the meantime:
Download AD-REMOVER by Cyrildu17 / C_XX to your Desktop.

Disconnect and close all running applications.
Temporarily disable the real-time protection of your antivirus and antispyware tools, only for as long as you are using AD-Remover, since they can seriously interfere with the tool's cleaning procedure.

Double-click the installer and install it in its default location (C:\Program files).
(Vista and Seven: right-click it --> Run as administrator)

Double-click the AD-Remover icon on your Desktop.
(Vista and Seven: right-click it --> Run as administrator)

From the main menu, choose the 'Nettoyer' (Clean) option.

Post the report that appears at the end.
(The report is also saved as C:\Ad-report(clean).txt )

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products as an infection. Ignore this, it is a false positive; continue the procedure.
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: request for help with an infected PC

Posted on 02 May 2011 13:17

danakil wrote: OK!

We're going to dig deeper into IE and FF.

I'll post a procedure for you tonight; right now I'm off to work.



OK, good luck. Have a good day at work.
dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 02 May 2011 13:18

I've edited my previous message! :wink:
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: request for help with an infected PC

Posted on 02 May 2011 13:19

ok

Here is the report:
Code:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 14:28:40 le 02/05/2011, Mode normal

Microsoft Windows 7 Édition Intégrale   (X86)
moha@PC-DE-MOHA (PACKARD BELL BV IMEDIA 8638)
 
============== ACTION(S) ==============


Dossier supprimé: C:\Users\moha\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Users\moha\AppData\LocalLow\ConduitEngine
Dossier supprimé: C:\Program Files\ConduitEngine
Dossier supprimé: C:\Users\moha\AppData\LocalLow\pdfforge
Dossier supprimé: C:\Program Files\pdfforge Toolbar
Dossier supprimé: C:\Users\moha\AppData\LocalLow\PriceGong
Dossier supprimé: C:\Users\moha\AppData\LocalLow\Search Settings
Dossier supprimé: C:\Program Files\Search Settings

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{F9F4FD52-D7B0-4F92-B66D-7B94C35B657C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F9F4FD52-D7B0-4F92-B66D-7B94C35B657C}
Clé supprimée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Clé supprimée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Clé supprimée: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKLM\Software\Dealio
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKCU\Software\Dealio
Clé supprimée: HKCU\Software\Lanconfig
Clé supprimée: HKCU\Software\Search Settings
Clé supprimée: HKCU\Software\Toolbar4Free
Clé supprimée: HKCU\Software\AppDataLow\Toolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
Clé supprimée: HKLM\Software\Martin Prikryl\OpenCandy
Clé supprimée: HKLM\Software\Classes\Installer\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\81337C0DA4B761D40A4CB3380F57AE88
Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\au
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C99890C2-BEA6-4D8F-AF71-3344BCBBE794}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{55FAF0F2-44D4-425F-B5F5-6B275B621EAB}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0 (fr)] ****

Plugins\npdjvu.dll (LizardTech)
HKLM_MozillaPlugins\@nvidia.com/3DVision (x)
HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x)
Searchplugins\bing.xml (    hxxp://www.bing.com/search)
Components\autoconf.js
Components\browsercomps.dll (Mozilla Foundation)
Components\commandlinehandler.js
Components\common.js
Components\foxyproxy.js
Components\match.js
Components\proxy.js
Components\relativeprotocolhandler.js
HKLM_Extensions|{3112ca9c-de6d-4884-a869-9855de68056c} - C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
HKCU_Extensions|mozilla_cc@internetdownloadmanager.com - C:\Users\moha\AppData\Roaming\IDM\idmmzcc3

-- C:\Users\moha\AppData\Mozilla\FireFox\Profiles\67cptpgj.default --
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Prefs.js - browser.download.lastDir, C:\\Users\\moha\\Desktop
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0

========================================

**** Google Chrome Version [11.0.696.60] ****


-- C:\Users\moha\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://fr.msn.com/?ocid=iehp
Preferences - homepage_is_newtabpage: false
Plugin - LizardTech DjVu (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll)
Plugin - RealJukebox NS Plugin (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll)
Plugin - NVIDIA 3D Vision (Activé: true) (C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll)
Plugin - NVIDIA 3D VISION (Activé: true) (C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll)
Plugin - "LizardTech DjVu" (Activé: true)
Plugin - "NVIDIA 3D Vision" (Activé: true)
Plugin - "NVIDIA 3D VISION" (Activé: true)
Plugin - "RealJukebox NS Plugin" (Activé: true)

========================================

**** Internet Explorer Version [8.0.7600.16385] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_Toolbar\WebBrowser|{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} (x)
HKCU_Toolbar\WebBrowser|{76985346-BDA2-4B2E-A727-956D7B8B012E} (C:\Program Files\LaTransparenceDesPrix\La Transparence Des Prix\tbcore3.dll)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{259F616C-A300-44F5-B04A-ED001A26C85C} (C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll)
HKLM_Toolbar|{76985346-BDA2-4B2E-A727-956D7B8B012E} (C:\Program Files\LaTransparenceDesPrix\La Transparence Des Prix\tbcore3.dll)
HKLM_Toolbar|{95daa571-4def-4a6d-97d8-98a346672a24} (mscoree.dll) (x)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
HKCU_ElevationPolicy\{20C53154-079D-4347-A0DA-1F28D437EDEB} - C:\Program Files\Megaupload\Mega Manager\MegaManager.exe (Megaupload Limited)
HKCU_ElevationPolicy\{4191E020-728F-4760-A6E2-03DBD12F4E25} - C:\Windows\System32\Macromed\Flash\FlashUtil9d.exe (x)
HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\system32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\system32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ac9c0f03-79be-4d91-a151-4126b6743a38} - c:\program files\systran\6\SystranTranslationProjectManager.exe (?)
HKLM_ElevationPolicy\{ae97b170-166e-4c51-92c8-5553bdc0fc84} - c:\program files\systran\6\SystranToolbar.exe (SYSTRAN)
HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
HKCU_Extensions\SolidConverterPDF - "?" (?)
HKLM_Extensions\{57E91B47-F40A-11D1-B792-444553540011} - "Rapidown" (C:\Program Files\Rapidown\Rapidown.ico)
BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDMIEHlprObj Class" (C:\Program Files\Internet Download Manager\IDMIECC.dll)
BHO\{259F616C-A300-44F5-B04A-ED001A26C85C} - "SolidConverter PDF" (C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll)
BHO\{6E3F081B-8632-486B-83FC-1A21840C0BA2} - "TBSB08867 Class" (C:\Program Files\LaTransparenceDesPrix\La Transparence Des Prix\tbcore3.dll)
BHO\{A6984C00-C6EB-11D4-B4A4-080000180323} - "?" (C:\PROGRA~1\Rapidown\rapi310.dll)
BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 118 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 02/05/2011 14:29:17 (9506 Octet(s))

Fin à: 14:30:21, 02/05/2011
 
============== E.O.F ==============
dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 02 May 2011 20:51

OK!

I'll study this tonight and post a procedure for you tomorrow morning.
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: request for help with an infected PC

Posted on 02 May 2011 22:16

danakil wrote: OK!

I'll study this tonight and post a procedure for you tomorrow morning.



OK, thanks a lot, good evening.
dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 04 May 2011 07:55

Hi!

Sorry for the delay.

Didn't your problems start when you installed Google Chrome, by any chance?
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47

Re: request for help with an infected PC

Posted on 04 May 2011 11:49

Hi danakil,

No, not at all, because it has been installed for at least 6 months and my problems appeared barely a week ago, when I ran an infected program on my PC (iphone backup), I think.

So is there nothing to be done? Am I going to have to format my PC? :cry:

Thanks
dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 05 May 2011 09:18

OK!

We're not going to format for so little ... Besides, that word should be banned from the computing vocabulary. :evil:

So we have a redirect that shows up in both the Firefox and Google Chrome browsers ... Well, we'll simply look for what these two programs have in common in order to pin down the faulty link. :wink:
At worst we'll reinstall these browsers ...

Do this:

Relaunch OTL > In the 'Personnalisation' window, paste this quote:
C:\Users\moha\AppData\Local\Google\Chrome\*. /s
C:\Users\moha\AppData\Local\Google\Chrome\*.* /s
type "C:\Users\moha\AppData\Local\Google\Chrome\User Data\Default\Preferences" /c
C:\Users\moha\AppData\Roaming\Mozilla\FireFox\Profiles\u63amv0.default\*. /s
C:\Users\moha\AppData\Roaming\Mozilla\FireFox\Profiles\u63amv0.default\*.* /s
type "C:\Users\moha\AppData\Roaming\Mozilla\FireFox\Profiles\u63amv0.default\prefs.js" /c
C:\Users\moha\AppData\Mozilla\FireFox\Profiles\67cptpgj.default\*. /s
C:\Users\moha\AppData\Mozilla\FireFox\Profiles\67cptpgj.default\*.* /s
type "C:\Users\moha\AppData\Mozilla\FireFox\Profiles\67cptpgj.default\prefs.js" /c
C:\Users\moha\AppData\Mozilla\FireFox\Profiles\76qhtb5g.default\*. /s
C:\Users\moha\AppData\Mozilla\FireFox\Profiles\76qhtb5g.default\*.* /s
type "C:\Users\moha\AppData\Mozilla\FireFox\Profiles\76qhtb5g.default\prefs.js" /c
C:\Users\moha\AppData\Mozilla\FireFox\Profiles\mc46q8jk.default\*. /s
C:\Users\moha\AppData\Mozilla\FireFox\Profiles\mc46q8jk.default\*.* /s
type "C:\Users\moha\AppData\Mozilla\FireFox\Profiles\mc46q8jk.default\prefs.js" /c

Click the 'Aucun' (None) button and then the 'Analyse' (Scan) button.
> Post the 'OTL.txt' report that will be created.
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47
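
The cross-browser comparison described in the post above, as an added Python example that is not part of the original thread: it reads a Firefox prefs.js and a Chrome Preferences file and reports the hosts configured in both. The sample file contents, the subset of prefs checked and the `search_url` key are assumptions made for this illustration.

```python
import json
import re
from urllib.parse import urlparse

PREF_RE = re.compile(r'^user_pref\("([^"]+)",\s*(.+)\);\s*$')  # one pref per line
PROXY_HOST_PREFS = {"network.proxy." + p for p in ("http", "ssl", "ftp", "socks")}
URL_PREFS = {"browser.startup.homepage", "keyword.URL"}  # subset chosen for this example

# Constructed sample inputs, not taken from the thread.
SAMPLE_PREFS_JS = """# Mozilla User Preferences
user_pref("browser.startup.homepage", "http://search.example.net/start");
user_pref("browser.startup.homepage_override.mstone", "rv:2.0");
user_pref("network.proxy.http", "203.0.113.10");
user_pref("network.proxy.http_port", 3128);
"""
SAMPLE_CHROME = json.dumps({
    "homepage": "http://search.example.net/home",
    "default_search_provider": {"search_url": "http://search.example.net/?q={searchTerms}"},
})

def parse_firefox_prefs(text):
    """Return {name: value} for every user_pref line; other lines are skipped."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line.strip())
        if m:
            try:  # pref values are strings, integers or booleans, all valid JSON
                prefs[m.group(1)] = json.loads(m.group(2))
            except ValueError:
                prefs[m.group(1)] = m.group(2)  # keep the raw text if it does not parse
    return prefs

def firefox_redirect_settings(prefs):
    """Keep only the prefs that can send traffic or searches somewhere else."""
    return {k: v for k, v in prefs.items()
            if k.startswith("network.proxy.") or k in URL_PREFS}

def chrome_redirect_settings(text):
    """Pull the homepage and search URL out of Chrome's JSON Preferences file."""
    data = json.loads(text)
    search = data.get("default_search_provider") or {}
    out = {"homepage": data.get("homepage"),
           "default_search_provider.search_url": search.get("search_url")}
    return {k: v for k, v in out.items() if v}

def hosts(settings):
    """Host names or IP addresses referenced by the settings' string values."""
    found = set()
    for name, value in settings.items():
        if isinstance(value, str):
            host = urlparse(value).hostname if "://" in value else None
            if host is None and name in PROXY_HOST_PREFS:
                host = value  # these prefs store a bare host or IP, not a URL
            if host:
                found.add(host.lower())
    return found

def common_hosts(firefox_settings, chrome_settings):
    """Hosts configured in both browsers: the shared point worth investigating."""
    return sorted(hosts(firefox_settings) & hosts(chrome_settings))

if __name__ == "__main__":
    ff = firefox_redirect_settings(parse_firefox_prefs(SAMPLE_PREFS_JS))
    print("Configured in both:", common_hosts(ff, chrome_redirect_settings(SAMPLE_CHROME)))
```

A host that appears only in Firefox's proxy prefs, like the constructed 203.0.113.10 here, is not reported as common and still deserves a look on its own.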
 

Re: request for help with an infected PC

Posted on 05 May 2011 10:59

Hi danakil,

Just to let you know that the problem is solved. I know it was not recommended, but this problem was really getting to me, especially since I'm not the only one who uses this PC :oops: , so I asked for help on another forum, and they were able to help me solve it.
I still want to thank you for your help and for the time you made available to me. All the best.

Thanks :wink:
dijital
Confirmed Visitor
Posts: 16
Joined: 07 Mar 2011 13:19

Re: request for help with an infected PC

Posted on 05 May 2011 19:50

In return for my dedication, would you have the link to the thread on the other forum? :wink:
danakil
Expert
Posts: 1363
Joined: 16 Jul 2009 09:47
