nat-etc

merci beaucoup d'avoir passé tout ce temps pour m'aider je vais aller chercher du coté de hardware bye nat

bonsoir rien à signaler à l'analyse avec eset !!! pas de rapport donc qu'est ce que je desinstalle sur mon pc de tout ce que vous m'avez fait installer ? je ne sais pas trop quoi vous dire, c'est arrivé encore une fois ce matin, cet apres midi rien à signaler juste pendant les analyses le pc a beaucoup chauffé la ventillation etait forte sinon j'ai panda en antivirus est il convenable ? nat

bonjour j 'ai fait ce que vous m'avez suggeré de faire , les mises à jours , etc java n'etait pas installé ni adobe reader ? est ce possible ? sinon pendant mes manip encore cette page noire est venue impossible de lire ce qu'il y a dessus c'est trop furtif ! nat

bonjour voici le resultat MBAM Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Version de la base de données: v2013.08.30.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 nathalie :: NATHALIE-HP [administrateur] 30/08/2013 21:55:36 mbam-log-2013-08-30 (21-55-36).txt Type d'examen: Examen complet (C:\|D:\|E:\|Q:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 416508 Temps écoulé: 1 heure(s), 54 minute(s), 50 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 1 HKCR\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE} (Trojan.BHO) -> Mis en quarantaine et supprimé avec succès. Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 7 C:\Program Files (x86)\Uninstall Information\Ib\97\3867\ib_uninstall.exe (Adware.InstallBrain) -> Mis en quarantaine et supprimé avec succès. C:\Program Files (x86)\Uninstall Information\ib_uninst_0\uninstall.exe (Adware.InstallBrain) -> Mis en quarantaine et supprimé avec succès. C:\Program Files (x86)\Uninstall Information\ib_uninst_275\uninstall.exe (Adware.InstallBrain) -> Mis en quarantaine et supprimé avec succès. C:\Users\nathalie\Downloads\77ZipSetup.exe (Adware.InstallBrain) -> Mis en quarantaine et supprimé avec succès. C:\Users\nathalie\Downloads\installer_7-zip_French.exe (PUP.Optional.Vittalia) -> Mis en quarantaine et supprimé avec succès. C:\Users\nathalie\Downloads\VLCMediaPlayerSetup-0BWsL12.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès. C:\Users\nathalie\Downloads\VLCMediaPlayerSetup-bHaSCvb.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès. (fin) merci

http://dl.free.fr/tpRLb8BCz mot de passe 2204 je vous envoie la suite plus tard ou demain ça fait + d' 1 heure que ça tourne merci

# AdwCleaner v3.001 - Rapport créé le 30/08/2013 à 20:59:33 # Mis à jour le 24/08/2013 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : nathalie - NATHALIE-HP # Exécuté depuis : C:\Users\nathalie\Desktop\adwcleaner.exe # Option : Nettoyer ***** [ Services ] ***** ***** [ Fichiers / Dossiers ] ***** Dossier Supprimé : C:\Program Files (x86)\MyScrapNook_12 Dossier Supprimé : C:\Program Files\Babylon Dossier Supprimé : C:\Users\nathalie\AppData\Local\Deal Boat Dossier Supprimé : C:\Users\nathalie\AppData\LocalLow\MyScrapNook_12 Dossier Supprimé : C:\Users\nathalie\AppData\Roaming\StatusWinks Dossier Supprimé : C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\wr8jluxx.default\Extensions\cacaoweb@cacaoweb.org Dossier Supprimé : C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\wr8jluxx.default\Extensions\SpecialSavings@SpecialSavings.com Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml Fichier Supprimé : C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\wr8jluxx.default\searchplugins\mngr.xml Fichier Supprimé : C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\wr8jluxx.default\user.js Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\user.js ***** [ Raccourcis ] ***** ***** [ Registre ] ***** Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}] Valeur Supprimée : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}] Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks] Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks] Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Clé Supprimée : HKCU\Software\5255dfdbe639ee40 Clé Supprimée : HKLM\SOFTWARE\5255dfdbe639ee40 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0214754E-4E7D-4589-829D-E2523E6A3085} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE6F06FB-0FC0-4499-828F-EE48088F504F} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0214754E-4E7D-4589-829D-E2523E6A3085} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0214754E-4E7D-4589-829D-E2523E6A3085} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE6F06FB-0FC0-4499-828F-EE48088F504F} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0214754E-4E7D-4589-829D-E2523E6A3085} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{65F159FB-5F5E-46F4-B45D-CCFA236D2073} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE6F06FB-0FC0-4499-828F-EE48088F504F} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE6F06FB-0FC0-4499-828F-EE48088F504F}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FE6F06FB-0FC0-4499-828F-EE48088F504F}] Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B3B5C47E-61F7-4D81-AF06-461FC86686CE}] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Valeur Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Clé Supprimée : HKCU\Software\cacaoweb Clé Supprimée : HKCU\Software\Tutorials Clé Supprimée : HKLM\Software\Boxore Clé Supprimée : HKLM\Software\SoftwareUpdater Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service Clé Supprimée : [x64] HKLM\SOFTWARE\Tarma Installer Clé Supprimée : [x64] HKLM\SOFTWARE\Web Assistant ***** [ Navigateurs ] ***** -\\ Internet Explorer v9.0.8112.16502 Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Restore] -\\ Mozilla Firefox v21.0 (fr) [ Fichier : C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\wr8jluxx.default\prefs.js ] Ligne Supprimée : user_pref("browser.search.selectedEngine", "Delta Search"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.admin", false); Ligne Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false); Ligne Supprimée : user_pref("extensions.BabylonToolbar.id", "9c12b521000000000000e4d53d2b7d04"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15677"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "irhnew"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); Ligne Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", true); Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.810:03:56"); Ligne Supprimée : user_pref("extensions.crossrider.bic", "13ce3913f2d0f6b315488ef61de701d7"); Ligne Supprimée : user_pref("extensions.helperbar.Country", "France"); Ligne Supprimée : user_pref("extensions.helperbar.DockingPositionDown", false); Ligne Supprimée : user_pref("extensions.helperbar.SmartbarDisabled", false); Ligne Supprimée : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Ligne Supprimée : user_pref("extensions.helperbar.UserID", "fa23385e-1407-4c00-a529-c2ab3be90db5"); Ligne Supprimée : user_pref("extensions.helperbar.Visibility", false); -\\ Google Chrome v29.0.1547.62 [ Fichier : C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [13070 octets] - [30/08/2013 20:57:11] AdwCleaner[s0].txt - [12468 octets] - [30/08/2013 20:59:33] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12529 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.5 (08.28.2013:1) OS: Windows 7 Home Premium x64 Ran by nathalie on 30/08/2013 at 20:39:35,30 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] ibupdaterservice Successfully deleted: [service] ibupdaterservice ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tutorials Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babylonhelper.exe Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{13119113-0854-469D-807A-171568457991} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{33119133-0854-469D-807A-171568457991} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3097202558-2277831165-3367419058-1000\Software\web assistant" Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontc_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontc_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontoolbarsrv_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontoolbarsrv_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\boxore_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\boxore_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\i want this_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\i want this_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_nonsearch_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_nonsearch_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\new_correct_incredibar_install_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\new_correct_incredibar_install_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271147} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deal Boat-InternalInstaller_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deal Boat-InternalInstaller_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deal Boat_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Deal Boat_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_media-player-classic_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_media-player-classic_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_photo-booth-pour-windows-7_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_photo-booth-pour-windows-7_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271147} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deal Boat-InternalInstaller_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deal Boat-InternalInstaller_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deal Boat_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Deal Boat_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_media-player-classic_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_media-player-classic_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_photo-booth-pour-windows-7_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_photo-booth-pour-windows-7_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3E4948A9-61B8-487C-B4EE-37DF606E81E4} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3E4948A9-61B8-487C-B4EE-37DF606E81E4} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\dealplylive" Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice" Successfully deleted: [Folder] "C:\ProgramData\software" Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\Users\nathalie\AppData\Roaming\babylon" Successfully deleted: [Folder] "C:\Users\nathalie\AppData\Roaming\cacaoweb" Successfully deleted: [Folder] "C:\Users\nathalie\AppData\Roaming\dealply" Successfully deleted: [Folder] "C:\Users\nathalie\AppData\Roaming\file scout" Successfully deleted: [Folder] "C:\Users\nathalie\AppData\Roaming\specialsavings" Successfully deleted: [Folder] "C:\Users\nathalie\appdata\local\dealplylive" Successfully deleted: [Folder] "C:\Users\nathalie\appdata\local\software" Successfully deleted: [Folder] "C:\Program Files (x86)\dealply" Successfully deleted: [Folder] "C:\Program Files (x86)\dealplylive" Successfully deleted: [Folder] "C:\Program Files (x86)\file scout" Successfully deleted: [Folder] "C:\Program Files (x86)\oapps" Successfully deleted: [Folder] "C:\Program Files (x86)\software" ~~~ Chrome Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 30/08/2013 at 20:50:57,03 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bonsoir je me suis trompée j'ai tout mis en reponse à ma demande !!!! désolée

bonsoir merci ça je vais savoir faire apres ça risque d'etre plus dur !!! je n'y connais rien http://dl.free.fr/v1hnilm2H mot de passe 2204 et voici l'autre rapport RogueKiller V8.6.7 [Aug 28 2013] par Tigzy mail : tigzyRK<at>gmail<dot>com Remontees : http://www.adlice.com/forum/ Site Web : http://www.sur-la-toile.com/RogueKiller/ Blog : http://tigzyrk.blogspot.com/ Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Demarrage : Mode normal Utilisateur : nathalie [Droits d'admin] Mode : Recherche -- Date : 08/30/2013 18:18:23 | ARK || FAK || MBR | ¤¤¤ Processus malicieux : 2 ¤¤¤ [bLPATH] cacaoweb.exe -- C:\Users\nathalie\AppData\Roaming\cacaoweb\cacaoweb.exe [-] -> TUÉ [TermProc] [sERVICE] IBUpdaterService -- "C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE [x] -> STOPPÉ ¤¤¤ Entrees de registre : 7 ¤¤¤ [RUN][bLPATH] HKCU\[...]\Run : cacaoweb ("C:\Users\nathalie\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer [-]) -> TROUVÉ [RUN][bLPATH] HKUS\S-1-5-21-3097202558-2277831165-3367419058-1000\[...]\Run : cacaoweb ("C:\Users\nathalie\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer [-]) -> TROUVÉ [sERVICE][bLVALUE] HKLM\[...]\CCSet\[...]\Services : IBUpdaterService ("C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE [x]) -> TROUVÉ [sERVICE][bLVALUE] HKLM\[...]\CS001\[...]\Services : IBUpdaterService ("C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE [x]) -> TROUVÉ [sERVICE][bLVALUE] HKLM\[...]\CS002\[...]\Services : IBUpdaterService ("C:\ProgramData\IBUpdaterService\ibsvc.exe" /SERVICE [x]) -> TROUVÉ [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ ¤¤¤ Tâches planifiées : 2 ¤¤¤ [V1][sUSP PATH] Dealply.job : C:\Users\nathalie\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE - /Check [7] -> TROUVÉ [V2][sUSP PATH] Dealply : C:\Users\nathalie\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE - /Check [7] -> TROUVÉ ¤¤¤ Entrées Startup : 0 ¤¤¤ ¤¤¤ Navigateurs web : 0 ¤¤¤ ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤ ¤¤¤ Ruches Externes: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 192.150.14.69 127.0.0.1 192.150.18.101 127.0.0.1 192.150.18.108 127.0.0.1 192.150.22.40 127.0.0.1 192.150.8.100 127.0.0.1 192.150.8.118 127.0.0.1 209-34-83-73.ood.opsource.net 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sea.adobe.com [...] ¤¤¤ MBR Verif: ¤¤¤ +++++ PhysicalDrive0: ST9500325AS +++++ --- User --- [MBR] 2efd5b971fab60860f6ba35835d06fc1 [bSP] f115584c234cb7cb4ce9a6f678dc9d57 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 455955 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 934205440 | Size: 16721 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 968450048 | Size: 4063 Mo User = LL1 ... OK! User = LL2 ... OK! Termine : << RKreport[0]_S_08302013_181823.txt >>

bonjour je suis nouvellement inscrite sur le forum j'ai depuis 3 semaines un probleme une fenetre noire "genre" dos apparait 2 seconde sur mon ecran et j'ai des probleme de connection internet , ce n'est peut etre pas lié mais ....... ? quelqu'un peut il m'aider ? j'ai telecharger ZHP diag et roggekiller j'ai fait les analyses avec rapports mais je ne sais quoi en faire ! lol merci nat-etc