Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Désinfectez votre ordinateur gratuitement !
  • Avatar du membre
#213861
All processes killed
========== FILES ==========
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\zlib.net_47d7877cb3620160_0001.0000_none_755f576146efa063 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\xcee..rols_ba83ff368b7563c6_0003.0005_none_844b5f88f02013c1 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\xcee..grid_ba83ff368b7563c6_0003.0005_none_594a4965080405af folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\wpf.themes_8a76f3ebbd64ea05_0001.0000_none_7cf45c5deb30ea73 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\win3..erop_aa54df1bbb4d668d_0001.0000_none_9163d1616e6f5c6f folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\newt..json_d18e5a6583bb4e44_0003.0005_none_aade1418efc10ba0 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\name..ytag_aec1ec818b39587d_0001.0000_none_7fc5c2ad527da446 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\micr..hell_31bf3856ad364e35_0003.0000_none_c495b3ffab1bf08e folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\manifests folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\jint_425fb90798e3b4f8_0000.0009_none_eb88f15435d170d4 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\inte..elib_c85bb4cad3a5dfb5_0001.0000_none_2de83b338c8598e1 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\icsh..plib_08a258a57e9138b3_0000.0055_none_392f0ecbd2490bc8 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\gamm..glcd_7904f4aa6fca30ba_0001.0001_none_1567cfb883b21611 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\gamm...wpf_f3239ab6a2f8f304_0001.0001_none_4082f3cc1e3c6874 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curse_a9ab3e4b97c6f141_0001.0000_none_2639d79cd6d239af folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..vers_3002534cd7a5b40d_0001.0000_none_94b72a2a4f0e3f12 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_b0514d04fccbdb72_0001.0000_none_31aa88590a5e716c folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\fr-FR folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\ESMODInstaller folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\ClientIcons folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6280da2836c\fr-FR folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6280da2836c\ESMODInstaller folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6280da2836c\ClientIcons folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6280da2836c folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..tech_aa8c8c3656845a34_0001.0000_none_9f528297112c886a folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..sing_8b22a279a8255e8c_0001.0000_none_5d017552c0fe5145 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..rols_00072c358aa93735_0001.0000_none_b9453a0fa2a31513 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..rces_b0514d04fccbdb72_0001.0000_fr-fr_dd2c1cd776e13c74 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..owdb_8ebd267f012f10ed_0001.0000_none_6bb00a3d4af73198 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..mod2_fc62fbabd540fa4a_0001.0000_none_1f9b4d3847d44094 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..mmon_c85bb4cad3a5dfb5_0001.0000_none_590134cd92e07a01 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..kens_447bcc00e712a048_0001.0000_none_5b0b9063dd0b7ca4 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..ions_7e7f879797d04a51_0001.0000_none_a248efbfe62cb319 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..ient_9e9e83ddf3ed3ead_0004.0000_none_96bf5013b3b33ec2 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..hash_8432f15c15e06b4f_0001.0000_none_54bc766006c2d238 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..dons_a7ce87cfdd4ba154_0001.0000_none_88033998b61b4817 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs..dels_823b3ca1d8c473c0_0001.0000_none_828d8225eff00f16 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2968\ESMODInstaller folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2968\ClientIcons folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2968 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\antl..time_eb42632606e9261f_0003.0003_none_d2ba023fdcd3c4c1 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\acti..t351_36ff2196ab5654b9_000b.0001_none_38b6c354d09ea504 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\acti..f351_36ff2196ab5654b9_000b.0001_none_f33c271ee429ab4d folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3\acti..f351_36ff2196ab5654b9_000b.0001_none_a5cbd7aee20937b6 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T\7Q286DBH.RM3 folder moved successfully.
C:\Users\Joseph\AppData\Local\Apps\2.0\ACN24T17.54T folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Joseph
->Temp folder emptied: 646573 bytes
->Temporary Internet Files folder emptied: 179641335 bytes
->Java cache emptied: 1496202 bytes
->FireFox cache emptied: 36264311 bytes
->Google Chrome cache emptied: 33547289 bytes
->Flash cache emptied: 58891 bytes

User: Public

User: UpdatusUser

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 251643397 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46439971 bytes
RecycleBin emptied: 1044480 bytes

Total Files Cleaned = 525,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 02072015_155919
#213864
Nous allons éffectuer un diagnostic de ton ordinateur :
  • Télécharge OTL de Old_Timer et enregistre le sur le Bureau
  • Ferme toutes les autres fenêtres et double-clique sur OTL.pif
  • Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'adminsitrateur.
  • Vérifie que les cases Tous les utilisateurs, Recherche Lop et Recherche Purity soient cochées.
  • Dans le cadre Personnalisation, copie-colle l'intégralité de ce qui suit :
Code : Tout sélectionner
netsvcs 
msconfig 
safebootminimal 
safebootnetwork 
activex 
drivers32 
%ALLUSERSPROFILE%\Application Data\*. 
%ALLUSERSPROFILE%\Application Data\*.exe /s 
%APPDATA%\*. 
%APPDATA%\*.exe /s 
%temp%\*.exe /s 
%SYSTEMDRIVE%\*.exe 
%systemroot%\*. /mp /s 
%systemroot%\system32\consrv.dll 
%systemroot%\system32\*.dll /lockedfiles 
%windir%\Tasks\*.job /lockedfiles 
%systemroot%\system32\drivers\*.sys /lockedfiles 
%systemroot%\System32\config\*.sav 
/md5start 
explorer.exe 
winlogon.exe 
services.exe 
wininit.exe 
/md5stop 
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s 
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s 
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s 
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s 
CREATERESTOREPOINT 
nslookup http://www.google.fr /c 
hklm\software\clients\startmenuinternet|command /rs 
hklm\software\clients\startmenuinternet|command /64 /rs 
CREATERESTOREPOINT
SAVEMBR:0 
  • Clique sur Analyse

    Image
  • Une fois le scan terminé 1 ou 2 rapports vont s'ouvrir OTL.txt et Extras.txt.
  • Copie le contenu des rapports OTL.txt et Extras.txt sur Paste And Furious puis copie/colle le lien généré dans ta prochaine réponse.
    -> Tuto Paste And Furious : http://www.sosvirus.net/tutoriel-paste- ... 04985.html" onclick="window.open(this.href);return false;
Note : Au cas oà¹, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés[/list]
#213877
  • Relance OTL.
  • Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).
    :OTL
    IE - HKU\S-1-5-21-179325757-119756719-573883959-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... XX9RXHYPE3" onclick="window.open(this.href);return false;
    IE - HKU\S-1-5-21-179325757-119756719-573883959-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... RXHYPE3&q=" onclick="window.open(this.href);return false;{searchTerms}
    IE - HKU\S-1-5-21-179325757-119756719-573883959-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... RXHYPE3&q=" onclick="window.open(this.href);return false;{searchTerms}
    IE - HKU\S-1-5-21-179325757-119756719-573883959-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&a ... 01&src=hmp" onclick="window.open(this.href);return false;
    IE - HKU\S-1-5-21-179325757-119756719-573883959-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.delta-homes.com/web/?type ... RXHYPE3&q=" onclick="window.open(this.href);return false;{searchTerms}
    IE - HKU\S-1-5-21-179325757-119756719-573883959-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?si ... &src=ds&p=" onclick="window.open(this.href);return false;{searchTerms}
    FF - prefs.js..keyword.URL: "http://www.default-search.net/search?si ... &src=ds&p="
    FF - prefs.js..browser.startup.homepage: "http://www.default-search.net?sid=476&a ... 01&src=hmp"
    FF - prefs.js..browser.search.defaultenginename: "default-search.net"
    FF - prefs.js..browser.search.order.1: "default-search.net"
    FF - prefs.js..browser.search.selectedEngine: "default-search.net"
    O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O4 - HKLM..\Run: [AnyProtect Scanner] "C:\Program Files\AnyProtectEx\AnyProtect.exe" File not found
    O4 - HKLM..\Run: [fst_fr_375] File not found
    O4 - HKLM..\Run: [Lightshot] C:\Program Files\Skillbrains\lightshot\Lightshot.exe File not found
    O4 - HKLM..\Run: [NCUpdateHelper] C:\Program Files\NCWest\NCLauncher\NCUpdateHelper.exe File not found
    O4 - HKU\S-1-5-21-179325757-119756719-573883959-1000..\Run: [cacaoweb] "C:\Users\Joseph\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer File not found
    O4 - HKU\S-1-5-21-179325757-119756719-573883959-1000..\Run: [LightShot] C:\Users\Joseph\AppData\Local\Skillbrains\lightshot\Lightshot.exe File not found
    O4 - HKU\S-1-5-21-179325757-119756719-573883959-1000..\Run: [MK LOL] C:\Program Files\MKJogo\MK IM\Bin\MKIM.exe ()
    O4 - HKU\S-1-5-21-179325757-119756719-573883959-1000..\Run: [MKLOL] C:\Program Files\MKJogo\MKLOL\MK.exe (MK)
    O4 - Startup: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    O4 - Startup: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
    O4 - HKU\S-1-5-21-179325757-119756719-573883959-1000..\Run: [WinAuth] C:\Users\Joseph\AppData\Local\Temp\Rar$EXa0.203\WinAuth.exe -min File not found
    O36 - AppCertDlls: x64 - (c:\program files\settings manager\smdmf\x64\sysapcrt.dll) - File not found
    O36 - AppCertDlls: x86 - (C:\Program Files\Settings Manager\smdmf\sysapcrt.dll) - C:\Program Files\Settings Manager\smdmf\sysapcrt.dll ()

    :files
    %Temp%\*.*
    C:\Program Files\AnyProtectEx
    C:\Program Files\Skillbrains
    C:\Program Files\NCWest
    C:\Program Files\MKJogo
    C:\Users\Joseph\AppData\Roaming\cacaoweb
    C:\Users\Joseph\AppData\Local\Skillbrains
    C:\Program Files\MyPC Backup
    C:\Users\Joseph\AppData\Local\Temp\Rar$EXa0.203
    c:\program files\settings manager
    C:\Users\Joseph\AppData\Roaming\Curse
    C:\Users\Joseph\AppData\Local\Glyph
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
    C:\ProgramData\Glyph
    C:\Program Files\Glyph
    C:\Users\Joseph\AppData\Local\ProjectGorgon
    C:\Users\Joseph\Documents\MKGame
    C:\Users\Joseph\Documents\MKJogo
    C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
    C:\Users\Joseph\AppData\Roaming\0V1L2Z2Z1T1I1L1T
    C:\Windows\JQHApp.dat
    C:\Users\Joseph\Desktop\MK LOL.lnk
    C:\Users\Joseph\Desktop\Glyph.lnk

    :Commands
    [emptytemp]
    [emptyflash]
    [resethosts]
    [reboot]
  • Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
  • Image
  • Redemarre le pc et poste le rapport dans ta prochaine réponse.
  • Le rapport est sauvegardé sous C:\_OTL\MovedFiles\date_heure.log
#213894
  • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
  • Fais clic droit dessus, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP.
    1. Choisis l'option Scanner
    2. Choisis l'option Nettoyer
  • Accepte l'avertissement en cliquant sur OK

    Image
  • Accepte les avertissements/informations en cliquant sur OK
  • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC.
#213897
Quand je veux exécuter le programme il m'ouvre une fenêtre pour choisir avec quel programme je veux l'ouvrir le problème est que dans la liste des "programmes recommandés" comme dans la liste "autres programmes" il n'y a rien.

bonsoir oki pour la fermeture je m'en charge car[…]

how to clean junk files

Hello don't use this program , it's a bullshit :)

Bonjour https://www.aht.li/3213847/AdsFix.exe b[…]

De rien Bon WE :)