SOSVirus : Dépannage PC Gratuit Forums Aide à la désinfection – Forum Virus Sécurité PROBLEMES ISTART.WEBSEARCHES ET BARRE DE RECHERCHE

15 sujets de 1 à 15 (sur un total de 26)
  • Auteur
    Messages
  • deadkeeny
    Participant
    Nombre d'articles : 13

    Bonsoir,

    J’ai actuellement deux problèmes sur mon navigateur Firefox et j’aurais besoin d’un peu d’aide. Je suis nouveau sur le forum et j’espère que je procède correctement.

    1. istart.websearches.com en page d’accueil

    Comme indiqué ci dessus, ce moteur de recherche parasite ne veut pas disparaitre. J’ai donc fait quelques recherches et ai trouvé un tuto pour la suppression de celle ci dans le forum. en suivant les indications, j’ai compris qu’il fallait transmettre deux rapports :

    – shortcut module :
    Lien de téléchargement: https://antimalware.top/www/?a=d&i=eMwoJqNvvh” onclick=”window.open(this.href);return false;

    -adwcleaner :
    Lien de téléchargement: https://antimalware.top/www/?a=d&i=JJnfniAmEQ” onclick=”window.open(this.href);return false;

    Par contre je ne sais pas quoi faire ensuite.

    2. Problème avec une barre de recherche.

    Au lancement de mon navigateur, lorsque je fait une recherche sur Google, le curseur passe automatiquement dans une barre en bas de l’écran avec une zone orange pour l’écriture de la recherche.
    Puis le fait de cliquer ailleurs fait que le curseur passe d’un menu à l’autre seul et très rapidement (comme ci je restait appuyé sur TAB).
    Ne connaissant pas le nom de ce problème, J’ai fait quelques recherches mais n’ai rien trouvé à ce jour malheureusement.

    Je vous remercie par avance de votre aide.

    Ps: j’avoue que je n’ai pas compris le fonctionnement du (spoiler) pour les rapports !
    Cordialement
    Deadkeeny

    deadkeeny
    Participant
    Nombre d'articles : 13

    re-bonsoir

    petites précisions supplémentaires: Istart semble être annihilée de mon navigateur mais l’autre problème non et cette fois ci j’ai une fenêtre windows search qui s’affiche et clignote en non stop au lieu du curseur qui se déplace cette fois ci.

    Screenshot:
    Lien de téléchargement: https://antimalware.top/www/?a=d&i=w0s1DiAO5d” onclick=”window.open(this.href);return false;

    Bonne soirée (ou bonne nuit!!)
    Et merci pour votre aide.
    Deadkeeny

    guugues
    Participant
    Nombre d'articles : 573

    Hello et :welcome:

    Je vais te prendre en charge pour la désinfection, mais d’abord, je vais te demander de prendre connaissance de ces quelques règles :

    La désinfection ne sera terminée que lorsque je le dirai. Merci de continuer jusqu’au bout, même si les symptômes apparents ont disparu.

    Les outils que je te demanderai de télécharger devront être enregistrés sur ton bureau : aide en images
    (merci à H.A.W.X).

    Ne suis pas plusieurs procédures de désinfection sur différents forums, au risque d’endommager ton système d’exploitation.

    Ne fais rien de ta propre initiative.

    Je suis bénévole : je ne pourrai donc pas toujours te répondre de suite.

    Ton PC est infecté par des PUP / Adwares, qui ont les caractéristiques d’afficher des pubs intempestives, de collecter tes habitudes de navigation et d’installer des toolbars , car tu n’es pas assez vigilant(e) lors de l’installation de logiciels gratuits, qui proposent souvent ces PUP / Adwares pré-cochés pour l’installation.

    Afin d’éviter ce genre d’infections, quelques recommandations :

    En cas de téléchargements de logiciels, les effectuer uniquement via les sites officiels des éditeurs.

    Ne télécharge donc pas tes logiciels sur des sites comme Softonic ou 01.net.

    Prends connaissance de ce qui est indiqué lors de l’installation de logiciels : assure-toi de décocher les éventuelles cases pré-sélectionnées.

    A lire impérativement : Stop les publicités intempestives

    Nous allons réaliser un diagnostic de ton PC :

    OTL – Analyse :

    • Télécharge OTL sur ton bureau.
    • Ferme toutes les applications en cours, puis lance OTL.

    Sous Windows Vista/Seven/8, clique droit sur OTL puis Exécuter en tant qu’administrateur

    • Coche les cases Tous les utilisateurs, Recherche Lop et Recherche Purity.
    • Si ton Windows est en 64 bit, la case Avec analyses 64 bit doit être cochée par défaut :

    • Copie le contenu du cadre ci-dessous en cliquant sur Tout sélectionner, clique-droit sur la zone sélectionnée puis choisis Copier :
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    drivers32
    activex
    /md5start
    afd.sys
    atapi.sys
    cdfs.sys
    cdrom.sys
    dfsc.sys
    hdaudbus.sys
    i8042prt.sys
    ipnat.sys
    ipsec.sys
    mrxsmb.sys
    netbt.sys
    ntfs.sys
    parport.sys
    rasl2tp.sys
    rdpdr.sys
    smb.sys
    tcpip.sys
    tdx.sys
    volsnap.sys
    explorer.exe
    services.exe
    svchost.exe
    userinit.exe
    wininit.exe
    winlogon.exe
    kernel32.dll
    rpcss.dll
    user32.dll
    /md5stop
    %temp%.exe /s
    %SYSTEMDRIVE%*.exe
    %ALLUSERSPROFILE%Application Data*.
    %ALLUSERSPROFILE%Application Data*.exe /s
    %APPDATA%*.
    %APPDATA%*.*
    %APPDATA%*.exe /s
    %systemroot%*. /mp /s
    %systemroot%system32consrv.dll
    %SystemDrive%$RECYCLE.BIN* /s
    %SystemDrive%RECYCLER* /s
    %SystemRoot%assemblyGAC*.*
    %SystemRoot%assemblyGAC_32*.*
    %SystemRoot%assemblyGAC_64*.*
    %SystemRoot%Installer* /s
    %LOCALAPPDATA%*.
    %LOCALAPPDATA%*.*
    %LOCALAPPDATA%GoogleDesktop* /s
    %ProgramFiles%GoogleDesktop* /s
    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun
    %systemroot%System32config*.sav
    %systemroot%system32*.dll /lockedfiles
    %systemroot%syswow64*.dll /lockedfiles
    %systemroot%Tasks*.job /lockedfiles
    %systemroot%system32drivers*.sys /lockedfiles
    %systemroot%syswow64drivers*.sys /lockedfiles
    hklmsoftware
    hkcusoftware
    hklmsoftwareclientsstartmenuinternet|command /rs
    hklmsoftwareclientsstartmenuinternet|command /64 /rs
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems /s
    HKLMSOFTWAREMicrosoftInternet ExplorerMAINFeatureControl|FEATURE_BROWSER_EMULATION /rs
    HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerMainFeatureControl|feature_enable_ie_compression /rs
    HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerMainFeatureControl|feature_enable_ie_compression /rs
    nslookup www.google.fr /c
    SAVEMBR:0
    CREATERESTOREPOINT
    • Puis colle-le sous la catégorie Personnalisation d’OTL.
    • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
    • A la fin du scan, deux rapports s’ouvriront : OTL.txt et Extras.txt. Ceux-ci sont présents sur ton bureau.
    • Héberge chacun de ces rapports sur cjoint.com puis poste moi les liens dans ta prochaine réponse.



    Sont donc attendus les 2 rapports de OTL.

    deadkeeny
    Participant
    Nombre d'articles : 13

    Bonjour guugues,

    J’ai bien pris connaissances des recommandations citées dans ton post.

    Rapports OTL :
    http://cjoint.com/?DDziBT3TVMY” onclick=”window.open(this.href);return false;
    http://cjoint.com/?DDziCwEFGjf” onclick=”window.open(this.href);return false;

    Merci.
    Deadkeeny.

    Anonyme
    Nombre d'articles : 0

    :hello: ,

    Désinstalle le programme : WahOO

    • Relance OTL.
    • Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).

      :OTL
      SRV – [2010/12/14 23:47:22 | 000,501,336 | —- | M] (PacketVideo) [Auto | Running] — C:Program FilesServeur Mediatwonkymediaserverwatchdog.exe — (Serveur Média)
      IE – HKUS-1-5-21-1177238915-261478967-725345543-1004..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q=” onclick=”window.open(this.href);return false;{searchTerms}&src=IE-SearchBox&Form=IE8SRC
      IE – HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q=” onclick=”window.open(this.href);return false;{searchTerms}&FORM=IE8SRC
      IE – HKUS-1-5-21-1177238915-261478967-725345543-1004..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://search.live.com/results.aspx?q=” onclick=”window.open(this.href);return false;{searchTerms}&src=IE-SearchBox&Form=IE8SRC
      IE – HKUS-1-5-21-1177238915-261478967-725345543-1004..SearchScopes{814C76CB-2623-43F4-AAD0-58A0E5190A20}: “URL” = http://r.orange.fr/r?ref=O_OI_hook_openSearchIE&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=” onclick=”window.open(this.href);return false;{searchTerms}
      O2 – BHO: (no name) – {DBC80044-A445-435b-BC74-9C25C1C588A9} – No CLSID value found.
      O3 – HKLM..Toolbar: (no name) – 10 – No CLSID value found.
      O2 – BHO: (no name) – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – No CLSID value found.
      O4 – HKLM..Run: [Monitor] C:monitor.exe ()
      O4 – HKLM..Run: [SW20] C:WINDOWSsystem32sw20.exe ()
      O4 – HKLM..Run: [SW24] C:WINDOWSsystem32sw24.exe ()
      MsConfig – StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Agent Serveur Média.lnk – C:Program FilesServeur Mediatwonkymediaserverconfig.exe – (PacketVideo)
      MsConfig – StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk – C:Program FilesWindows Desktop SearchWindowsSearch.exe – (Microsoft Corporation)
      MsConfig – StartUpFolder: C:^Documents and Settings^fabien^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.3.lnk – – File not found
      MsConfig – StartUpReg: BluetoothAuthenticationAgent – hkey= – key= – File not found
      MsConfig – StartUpReg: NvMediaCenter – hkey= – key= – File not found
      MsConfig – StartUpReg: Wahoo – hkey= – key= – C:Documents and SettingsfabienLocal SettingsApplication DataWahOOWahoo.exe ()
      FF – HKLMSoftwareMozillaPlugins@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:Program FilesTracker SoftwarePDF ViewernpPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
      FF – HKCUSoftwareMozillaPlugins@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:Program FilesTracker SoftwarePDF ViewernpPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
      FF – HKLMSoftwareMozillaPlugins@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:Program FilesTracker SoftwarePDF ViewernpPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

      :files
      C:UsersgigiAppDataLocalTemp*.*
      C:monitor.exe
      C:Program FilesServeur Media
      C:Documents and SettingsfabienLocal SettingsApplication DataWahOO
      C:file.exe
      C:Documents and SettingsAll UsersApplication DataServeur Média
      C:wget.exe
      C:Program FilesMozilla Firefoxbrowserextensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
      C:Program FilesTracker Software

      :reg
      [-HKEY_LOCAL_MACHINEsoftwareTaronja]
      [-HKEY_LOCAL_MACHINEsoftwareTracker Software]
      [-HKEY_CURRENT_USERsoftwareSoftware]
      [-HKEY_CURRENT_USERsoftwareTeleCharger]
      [-HKEY_CURRENT_USERsoftwareTeleCharger_v2]
      [-HKEY_CURRENT_USERsoftwareWahOO]

      :Commands
      [emptytemp]
      [emptyflash]
      [resethosts]
      [reboot]

    • Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
    • Redemarre le pc et poste le rapport dans ta prochaine réponse.
    • Le rapport est sauvegardé sous C:_OTLMovedFilesdate_heure.log
    deadkeeny
    Participant
    Nombre d'articles : 13

    Bonjour El Desaparecido,

    voici le rapport d’OTL après suppression de Wahoo.

    [spoiler:2ktrbd2b]All processes killed
    ========== OTL ==========
    Service Serveur Média stopped successfully!
    Service Serveur Média deleted successfully!
    C:Program FilesServeur Mediatwonkymediaserverwatchdog.exe moved successfully.
    Registry key HKEY_USERSS-1-5-21-1177238915-261478967-725345543-1004SoftwareMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    Registry key HKEY_USERSS-1-5-21-1177238915-261478967-725345543-1004SoftwareMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
    Registry key HKEY_USERSS-1-5-21-1177238915-261478967-725345543-1004SoftwareMicrosoftInternet ExplorerSearchScopes{814C76CB-2623-43F4-AAD0-58A0E5190A20} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{814C76CB-2623-43F4-AAD0-58A0E5190A20} not found.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{DBC80044-A445-435b-BC74-9C25C1C588A9} not found.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\10 deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} not found.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\Monitor deleted successfully.
    C:monitor.exe moved successfully.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\SW20 deleted successfully.
    C:WINDOWSsystem32sw20.exe moved successfully.
    Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\SW24 deleted successfully.
    C:WINDOWSsystem32sw24.exe moved successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpFolderC:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Agent Serveur Média.lnk deleted successfully.
    C:WINDOWSpssAgent Serveur Média.lnkCommon Startup moved successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpFolderC:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk deleted successfully.
    C:WINDOWSpssWindows Search.lnkCommon Startup moved successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpFolderC:^Documents and Settings^fabien^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.3.lnk deleted successfully.
    C:WINDOWSpssOpenOffice.org 3.3.lnkStartup moved successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegBluetoothAuthenticationAgent deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegNvMediaCenter deleted successfully.
    Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegWahoo deleted successfully.
    Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf deleted successfully.
    File C:Program FilesTracker SoftwarePDF ViewernpPDFXCviewNPPlugin.dll (Tracker Software Products not found.
    Registry key HKEY_CURRENT_USERSoftwareMozillaPlugins@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf deleted successfully.
    File C:Program FilesTracker SoftwarePDF ViewernpPDFXCviewNPPlugin.dll (Tracker Software Products not found.
    Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf deleted successfully.
    File C:Program FilesTracker SoftwarePDF ViewernpPDFXCviewNPPlugin.dll (Tracker Software Products not found.
    ========== FILES ==========
    FileFolder C:UsersgigiAppDataLocalTemp*.* not found.
    FileFolder C:monitor.exe not found.
    C:Program FilesServeur Mediaresourcesviews folder moved successfully.
    C:Program FilesServeur Mediaresourcesstyles folder moved successfully.
    C:Program FilesServeur Mediaresourcesremotethemes folder moved successfully.
    C:Program FilesServeur Mediaresourcesremote folder moved successfully.
    C:Program FilesServeur Mediaresourcesodmsnlsfr folder moved successfully.
    C:Program FilesServeur Mediaresourcesodmsnls folder moved successfully.
    C:Program FilesServeur Mediaresourcesodms folder moved successfully.
    C:Program FilesServeur Mediaresourcesoafxnls folder moved successfully.
    C:Program FilesServeur Mediaresourcesoafx folder moved successfully.
    C:Program FilesServeur Mediaresourcesoafnls folder moved successfully.
    C:Program FilesServeur Mediaresourcesoaf folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojoxnls folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojox folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlszh-tw folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlszh folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlstr folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsth folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlssv folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlssl folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlssk folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsru folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlspt-pt folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlspt folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlspl folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsnl folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsnb folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsko folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsja folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsit folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlshu folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlshe folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsfr folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsfi folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlses folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsel folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsde folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsda folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlscs folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsca folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonlsar folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojonls folder moved successfully.
    C:Program FilesServeur Mediaresourcesdojo folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlszh-tw folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlszh folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlstr folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsth folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlssv folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlssl folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlssk folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsru folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlspt-pt folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlspt folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlspl folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsnl folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsnb folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsko folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsja folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsit folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlshu folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlshe folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsfr folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsfi folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlses folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsel folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsde folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsda folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlscs folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsca folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnlsar folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijitnls folder moved successfully.
    C:Program FilesServeur Mediaresourcesdijit folder moved successfully.
    C:Program FilesServeur Mediaresources folder moved successfully.
    C:Program FilesServeur Mediaplugins folder moved successfully.
    C:Program FilesServeur MediaDocs folder moved successfully.
    C:Program FilesServeur Mediacgi-bin folder moved successfully.
    C:Program FilesServeur Media folder moved successfully.
    FileFolder C:Documents and SettingsfabienLocal SettingsApplication DataWahOO not found.
    C:file.exe moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiamedia-statistics folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbtemp folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimagesb2557cf57b9a480034ade585096004fb1920x1080 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimagesb2557cf57b9a480034ade585096004fb160x160 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimagesb2557cf57b9a480034ade585096004fb folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimages73b2a650cbddb3898c252c25e552a622640x425 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimages73b2a650cbddb3898c252c25e552a622160x106 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimages73b2a650cbddb3898c252c25e552a622 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheimages folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachef472da6603f0a0a6d95151da880b1215 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachef41ff463128c42c3c22b578a570127db folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachef1304f844648e67f784d355748036285 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachee7b1db61b1dc848130658da42f32cb5a folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachee1e6ca0e40bfffdca192ca8fae665937 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcached4b766252954bf73c3b288d33de07aef folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcached498a61c8379f06a7185265588186231 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachecf2ec3801aa8da0a09fe5ff16d3300a9 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachecc70d82cf1ad27624bbae75e8ff2caa4 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachecb595a5c1d4f8396bf38b02a1619b899 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachec905662ed0431d2be3538da064afa4b9 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachec6397f3b2b700e2d8cd11066a30abc52 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachec51ff6d3063f202a6aeaa8ad8af092dd folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachec4102d6e7cfefc7065fbed8cb3c069c9 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachec1a172ef2ec8746a7963c039b3e73120 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachebd84edad94930e2db18427ebafeb8d43 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheb83109aabad68e96ba260a7965f4e2bf folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheb669d4fb78b13a91b4515e5864f371f5 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheb5927fb94ecc98ae2215ef05a604185b folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheb512c26312f11cce0c9ad81b57df22d2 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcacheb20454d8351ec01929a309dadc92f442 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachead6440615f907efeaab44f1d89070e4b folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachea1f48644ff09fcdafff37e3fc244da17 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache9dfdec119fe499429c37bc77272ca1de folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache93df94ecd14157deacf4ca7f48d7b53c folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache925845fc0e8da783fbca3b24e3c9eb6b folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache8e8045db13fb116a102a139b635c5a9a folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache8115f29c16b8e19883fd35671cedfb16 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache79fde4abe597b28d0fe40b07e1e4da5e folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache7582dcd6b28287aca2fb3f475deae5e3 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache744c5a8b345456e4c3130fc86b8e714a folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache721a1ed975446732b466050514e7ed63 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache70997061a15a45010ce643aa4488455a folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache6bced27738ff8f256c47e23bdb028800 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache6acc0db079ca057de569245840e9ea70 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache683b3a7a8c6ab165a36ce5f5f54f67dd folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache6619ce539153b1a1d158c9d0de5f793f folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache660ac3eb32e6a734dc68faa6dd74668c folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache65e77630cfa10f453bc4b936939051e6 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache57aa70224c63cfa9468adaa2054b0fd8 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache53a8c0d78e7c5011c9d08a2992bc1c73 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache532cdc55e276158dd5a4c4fe4fc94401 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache4d89c218fe727e7c5bcddf0aed914509 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache4d7ad0605a6197a5c0bbb8d55b2cb45a folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache4b734618dbf9c70051146651a15b753c folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache4a0fe0318185a8927a352437d0789c46 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache49a8ada682853d5130ac3c1e25a18248 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache47a7f42851718d72b3824a35bec3edf9 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache3d56da013ecb89b08191ea1e0f1635b8 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache3b8f46ca7bcfd204712135a2a8738994 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache399310774dbe1e9485934082b6e5a2f4 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache388e28156d43057b509706279809e9d1 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache31ef80b1b2392e69c58a3ac8fcfd5b50 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache2f40a8bc35565a86ef579132b7daaf13 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache2e57450d6e7f8001f86d041a608fcad8 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache2c769a5d1d8f9c2071c7b2f6f4324693 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache2c29c662d367b645674f09d66a05ca97 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache2b99abe515240063ae0a0dec5a0351ee folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache23e7f9e5543bf6596a07fa7a53ba7cf6 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache22df720f2c34d4fbaeffa4e813af1ca0 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache22068cc4515b994c0f603e643c4fd0ed folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache20012f1002c2672d7237af7cedc97f1c folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache1ec1cd0762bb87191eecbfd729d8bafb folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache19c6222f0e58c4ccbda8d6b0e88a6042 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache1756b75269b270fd025132af0520907a folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachef496c74f216d3e2fa219a3e2f11feb6 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcachec0ab5b49dcafe31b5ba9f036a43b603 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache99c9f97144beabe823216a4b4cebde1 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache832270bf7e9022eb38ec4012ab18bec folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache799eb5a8c91040da30b44a4cf538c49 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache25f4ba3adcc2a8048846fa6291f1908 folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadbcache folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Médiadb folder moved successfully.
    C:Documents and SettingsAll UsersApplication DataServeur Média folder moved successfully.
    C:wget.exe moved successfully.
    C:Program FilesMozilla Firefoxbrowserextensions{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
    C:Program FilesTracker SoftwareShell Extensions folder moved successfully.
    C:Program FilesTracker SoftwarePDF ViewerSearchProviders folder moved successfully.
    C:Program FilesTracker SoftwarePDF Viewerocrdats folder moved successfully.
    C:Program FilesTracker SoftwarePDF ViewerLanguages folder moved successfully.
    C:Program FilesTracker SoftwarePDF ViewerHelp folder moved successfully.
    C:Program FilesTracker SoftwarePDF Viewer folder moved successfully.
    C:Program FilesTracker SoftwareLive Update folder moved successfully.
    C:Program FilesTracker Software folder moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINEsoftwareTaronja deleted successfully.
    Registry key HKEY_LOCAL_MACHINEsoftwareTracker Software deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwareSoftware deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwareTeleCharger deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwareTeleCharger_v2 deleted successfully.
    Registry key HKEY_CURRENT_USERsoftwareWahOO deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 57472 bytes

    User: fabien
    ->Temp folder emptied: 2678255 bytes
    ->Temporary Internet Files folder emptied: 717130 bytes
    ->FireFox cache emptied: 92661775 bytes
    ->Flash cache emptied: 58428 bytes

    User: Hudson

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 34854 bytes

    User: NetworkService
    ->Temp folder emptied: 84640 bytes
    ->Temporary Internet Files folder emptied: 67524 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 57856 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%System32 .tmp files removed: 0 bytes
    %systemroot%System32dllcache .tmp files removed: 0 bytes
    %systemroot%System32drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 16384 bytes
    %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 376869728 bytes
    %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 48776 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 452,00 mb

    [EMPTYFLASH]

    User: Administrateur

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: fabien
    ->Flash cache emptied: 0 bytes

    User: Hudson

    User: LocalService

    User: NetworkService

    User: UpdatusUser
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb

    C:WINDOWSSystem32driversetcHosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer – Version 3.2.69.0 log created on 04252014_122309

    FilesFolders moved on Reboot…

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…[/spoiler:2ktrbd2b]

    Bien à toi
    Deadkeeny

    Anonyme
    Nombre d'articles : 0

    • Pour supprimer les fichiers temporaires :
    • Télécharge SFTGC.exe (de Pierre13) sur ton Bureau et pas ailleurs !.
    • Lance SFTGC, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur GO

      Note : A la fin un rapport va s’ouvrir

    • Une fois le scan terminé rends toi sur le bureau, le fichier SFTGC.txt à été créé.
    • Héberge le rapport SFTGC.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    Redémarre ensuite le PC et dis moi ce que ça donne stp :)

    deadkeeny
    Participant
    Nombre d'articles : 13

    Alors manip faite, ci dessous rapport de SFTGC

    Lien de téléchargement: https://antimalware.top/www/?a=d&i=Ms5H9857Dk” onclick=”window.open(this.href);return false;

    Pas de changement au niveau du navigateur par contre

    Anonyme
    Nombre d'articles : 0

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clic sur Complet

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
    deadkeeny
    Participant
    Nombre d'articles : 13

    Bonjour,

    Voici le lien :
    https://antimalware.top/www/?a=d&i=eNiM3AcW5H” onclick=”window.open(this.href);return false;

    Deadkeeny.

    Anonyme
    Nombre d'articles : 0

    • Télécharge MalwareBytes
    • Procède à l’installation de celui çi Décocher “Activer l’essai gratuit de Malwarebytes Anti-Malware Premium”
    • Clic sur Mettre à jour (à droite, au centre)
    • Clic sur Examen (en haut)
    • Sélectionne Examen “Menaces”
    • Clic sur Examiner maintenant

    • A la fin du scan clic sur Tout mettre en quarantaine !
    • Clic sur Copier dans le Presse-papiers
    • Un rapport va s’ouvrir. Copie/Colle son contenue dans ta prochaine réponse.
    deadkeeny
    Participant
    Nombre d'articles : 13

    Bonjour,

    Scan effectué avec Malwarebyte. aucune menace détéctée.

    [spoiler:2hmwu6hz]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Date de l'examen: 27/04/2014
    Heure de l'examen: 08:48:07
    Fichier journal:
    Administrateur: Oui

    Version: 2.00.1.1004
    Base de données Malveillants: v2014.04.27.01
    Base de données Rootkits: v2014.03.27.01
    Licence: Gratuite
    Protection contre les malveillants: Désactivé(e)
    Protection contre les sites Web malveillants: Désactivé(e)
    Chameleon: Désactivé(e)

    Système d'exploitation: Windows XP Service Pack 3
    Processeur: x86
    Système de fichiers: NTFS
    Utilisateur: fabien

    Type d'examen: Examen “Menaces”
    Résultat: Terminé
    Objets analysés: 287339
    Temps écoulé: 6 min, 20 sec

    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Shuriken: Activé(e)
    PUP: Activé(e)
    PUM: Activé(e)

    Processus: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Clés du Registre: 0
    (No malicious items detected)

    Valeurs du Registre: 0
    (No malicious items detected)

    Données du Registre: 0
    (No malicious items detected)

    Dossiers: 0
    (No malicious items detected)

    Fichiers: 0
    (No malicious items detected)

    Secteurs physiques: 0
    (No malicious items detected)

    (end)[/spoiler:2hmwu6hz]

    Bon dimanche
    Deadkeeny

    deadkeeny
    Participant
    Nombre d'articles : 13

    Je joint également le rapport de Malware byte fait juste avant de vous contacter si cela peux t’être utile !!

    https://antimalware.top/www/?a=d&i=i3r3tlMWap” onclick=”window.open(this.href);return false;

    Anonyme
    Nombre d'articles : 0

    Je joint également le rapport de Malware byte fait juste avant de vous contacter si cela peux t’être utile !!

    Tu fais bien, il me montre tout plein d’info :)

    On va refaire un nettoyage avec adwcleaner car il a été optimisé pour certaines détection ::

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP.
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC.
    deadkeeny
    Participant
    Nombre d'articles : 13

    et voici :

    [spoiler:39c02zyv]# AdwCleaner v3.204 – Rapport créé le 27/04/2014 à 13:32:03
    # Mis à jour le 26/04/2014 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : fabien – M-RJVLV17S2H3LN
    # Exécuté depuis : C:Documents and SettingsfabienBureauadwcleaner(1).exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v8.0.6001.18702

    -\ Mozilla Firefox v28.0 (fr)

    [ Fichier : C:Documents and SettingsfabienApplication DataMozillaFirefoxProfilesef3z9nj3.default-1384882131359prefs.js ]

    *************************

    AdwCleaner[R0].txt – [8512 octets] – [24/04/2014 22:40:48]
    AdwCleaner[R1].txt – [984 octets] – [27/04/2014 13:31:24]
    AdwCleaner[S0].txt – [8696 octets] – [24/04/2014 22:42:18]
    AdwCleaner[S1].txt – [906 octets] – [27/04/2014 13:32:03]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [965 octets] ##########[/spoiler:39c02zyv]

15 sujets de 1 à 15 (sur un total de 26)
  • Vous devez être connecté pour répondre à ce sujet.