Impossible de supprimer cherche.us

[nosukesama]

Bonjour à tous !

 

J'ai un problème avec la page d'accueil d'IE, je me retrouve avec "cherche.us" au lieu de "google.fr". J'ai essayé de le supprimer simplement en allant dans mes paramètres mais impossible. J'ai essayé un logiciel "Malwarebytes", là encore c'est un échec. J'ai consulté plusieurs sites et tutos, mais franchement sans grand succès réel . Je me tourne vers vous today afin d'avoir une réponse et surtout une solution.

Je viens de finir une analyste Hijackthis, voici le rapport et par avance merci ^_^

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:11:56, on 29/03/2010

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Light Sensor Utility\Sensor.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Power Manager\PM.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Hotkey Utility\tray.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Transcode360\Transcode360Tray.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\HomePlayer\HomePlayer.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\System32\rundll32.exe

C:\Users\Takeshi Nosuke\binternet.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Windows\system32\sdclt.exe

C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cherche.us/keyword/%s

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe

O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [Transcode360] C:\Program Files\Transcode360\Transcode360Tray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HomePlayer] C:\Program Files\HomePlayer\HomePlayer.exe -autostart

O4 - HKLM\..\Run: [binternet] C:\Users\Takeshi Nosuke\binternet.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: *.chat-land.org

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 11137 bytes

[pear]

Bonjour,

Dans hijackthis cochez et fixez;

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cherche.us/keyword/%s

 

 

Si vous êtes sous Vista:Désactiver L'UAC ,avant sont utilisation.

Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valider par OK ,

il sera demandé de redémarrer

 

 

Téléchargez AD-Remover( de Cyrildu17 / C_XX ) sur le bureau

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Nettoyer

Modifié le 29 mars 2010 par pear

[nosukesama]

Voici le rapport Ad-Remover avant nettoyage, ceci étant, je n'arrive pas à nettoyer, à cuaque fois il me dit "Line-1 fichier corrompu"

 

.

======= RAPPORT D'AD-REMOVER 2.0.0.0,B | UNIQUEMENT XP/VISTA/7 =======

.

Mis à jour par C_XX le 28/03/10 à 21:30

Contact: AdRemover.contact@gmail.com

Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

.

Lancé à: 20:00:39 le 29/03/2010 | Mode normal | Option: SCAN

Exécuté de: C:\Ad-Remover\ADR.exe

SE: Microsoft® Windows Vista™ HomePremium - X86

Nom du PC: NOSUKE-SAMA | Utilisateur actuel: Takeshi Nosuke (Administrateur)

.

============== ÉLÉMENT(S) TROUVÉ(S) ==============

.

Service: *ASKService*

Service: *ASKUpgrade*

.

C:\Program Files\AskBarDis

C:\Users\Takeshi Nosuke\AppData\Roaming\Mozilla\FireFox\Profiles\86bj0ftb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

C:\Users\Takeshi Nosuke\AppData\Roaming\Mozilla\FireFox\Profiles\86bj0ftb.default\searchplugins\cherche.xml

C:\Users\Takeshi Nosuke\binternet.exe

C:\Users\Takeshi Nosuke\scriptjava.html

.

HKCU\Software\AppDataLow\AskBarDis

HKCU\Software\AskBarDis

HKCU\Software\Grand Virtual

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

HKLM\Software\AppDataLow\AskBarDis

HKLM\Software\Classes\AskIBar.PopSwatterBarButton

HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1

HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl

HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1

HKLM\Software\Classes\AskToolBar.SettingsPlugin

HKLM\Software\Classes\AskToolBar.SettingsPlugin.1

HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}

HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}

HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}

HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}

HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}

HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}

HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}

HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}

HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}

HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}

HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}

HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}

HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1

HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}

.

.

============== SCAN ADDITIONNEL ==============

.

* Mozilla FireFox Version 3.6 (fr) *

.

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.download.dir: C:\\Users\\Takeshi Nosuke\\Downloads

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.download.lastDir: C:\\Users\\Takeshi Nosuke\\Pictures\\site noro

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.search.defaultenginename: Google

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.search.defaulturl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.search.selectedEngine: Google

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.startup.homepage: hxxp://www.cherche.us/

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2

C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - keyword.URL: hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q=

.

TROUVÉ: C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - user_pref("browser.startup.homepage", "hxxp://www.cherche.us/");

TROUVÉ: C:\Users\Takeshi Nosuke\..\86bj0ftb.default\prefs.js - user_pref("keyword.URL", "hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q=");

.

* Internet Explorer Version 8.0.6001.18882 *

.

[HKCU\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Default_Page_URL: hxxp://www.google.com

Default_Search_URL: hxxp://www.google.com

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://www.google.com

Search Page: hxxp://www.google.com

Show_ToolBar: yes

Start Page: hxxp://www.cherche.us

.

[HKLM\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Default_Page_URL: hxxp://www.google.com

Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search Page: hxxp://www.google.com

Start Page: hxxp://www.cherche.us

.

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

.

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

.

============== SUSPECT(S) ==============

.

C:\Users\Takeshi Nosuke\Desktop\Police de cara Soul eater\Stein\patchwork_letter.zip

C:\Users\Takeshi Nosuke\Favorites\Jeux Vidéos\Téléchargements - Patchs sur Team FR.url

.

========================================

.

C:\Users\TAKESH~1\AppData\Local\Temp: 35 Fichier(s), 18 Dossier(s)

C:\Windows\temp: 0 Fichier(s), 4 Dossier(s)

C:\Users\Takeshi Nosuke\AppData\Roaming\Microsoft\Windows\Cookies: 33 Fichier(s), 2 Dossier(s)

Temporary Internet Files: 519 Fichier(s), 14 Dossier(s)

.

C:\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Ad-Remover\Backup: 1 Fichier(s)

.

C:\Ad-Report-SCAN[1].txt - 6164 Octet(s)

.

Fin à: 20:11:50, 29/03/2010

.

============== E.O.F - SCAN[1] ==============

[nosukesama]

Bonjour,

 

en fait désolée, je me suis trompée dans le post précédent :Ce n'est pas fichier corrompu mais "Error: Error in expression". Et j'ai ce message d'erreur à chaque fois que j'atteins les 80/90 % du nettoyage. De ce fait, j'ai toujours "cherche.us" en page d'accueil de IE.

Merci pour votre aide, bonne journée.

[pear]

Bonjour,

On va s'y prendre autrement:

 

Télécharger sur le bureauOTM by OldTimer .

Double-clic sur OTM.exe pour le lancer.

Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur

* Copiez /Collez les lignes ci dessous) en vert:

:Processes

ASKService

ASKUpgrage

:Files

C:\Program Files\AskBarDis

C:\Program Files\AskBarDis\bar\bin\askBar.dll

C:\Users\Takeshi Nosuke\AppData\Roaming\Mozilla\FireFox\Profiles\86bj0ftb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

C:\Users\Takeshi Nosuke\AppData\Roaming\Mozilla\FireFox\Profiles\86bj0ftb.default\searchplugins\cherche.xml

C:\Users\Takeshi Nosuke\binternet.exe

C:\Users\Takeshi Nosuke\scriptjava.html

:Services

ASKService

ASKUpgrage

:Reg

[HKCU\Software\Microsoft\Internet Explorer\Main]

"Start Page" =-

[HKLM\Software\Microsoft\Internet Explorer\Main]

"Start Page" =-

[HKCU\Software\Microsoft\Internet Explorer]

"SearchURL" =-

[-HKCU\Software\AppDataLow\AskBarDis]

[-HKCU\Software\AskBarDis]

[-HKCU\Software\Grand Virtual]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[-HKLM\Software\AppDataLow\AskBarDis]

[-HKLM\Software\Classes\AskIBar.PopSwatterBarButton]

[-HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1]

[-HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl]

[-HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1]

[-HKLM\Software\Classes\AskToolBar.SettingsPlugin]

[-HKLM\Software\Classes\AskToolBar.SettingsPlugin.1]

[-HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}]

[-HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}]

[-HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}]

[-HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[-HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}]

[-HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}]

[-HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}]

[-HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}]

[-HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}]

[-HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}]

[-HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}]

[-HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}]

[-HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}]

[-HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1]

 

[HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157]

[HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896]

[HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157]

:Commands

[purity]

[emptytemp]

[Reboot]

Revenez dans OTM,

Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).

* Click le bouton rouge Moveit!

* Fermez OTM

Votre Pc va redémarrer.

Rendez vous dans le dossier C:\_OTM\MovedFiles ,

ouvrez le dernier fichier .log

Copiez/collez en le contenu dans votre prochaine réponse

Modifié le 30 mars 2010 par pear

[nosukesama]

Bonjour,

 

J'ai suivi à la lettre vos conseils, voici le .log :

 

All processes killed

========== PROCESSES ==========

No active process named ASKService was found!

No active process named ASKUpgrage was found!

========== FILES ==========

File/Folder C:\Program Files\AskBarDis not found.

File/Folder C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.

File/Folder C:\Users\Takeshi Nosuke\AppData\Roaming\Mozilla\FireFox\Profiles\86bj0ftb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} not found.

File/Folder C:\Users\Takeshi Nosuke\AppData\Roaming\Mozilla\FireFox\Profiles\86bj0ftb.default\searchplugins\cherche.xml not found.

File/Folder C:\Users\Takeshi Nosuke\binternet.exe not found.

File/Folder C:\Users\Takeshi Nosuke\scriptjava.html not found.

========== SERVICES/DRIVERS ==========

Error: No service named ASKService was found to stop!

Service\Driver key ASKService not found.

Error: No service named ASKUpgrage was found to stop!

Service\Driver key ASKUpgrage not found.

========== REGISTRY ==========

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page" not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page" not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\\SearchURL" not found.

Registry key HKEY_CURRENT_USER\Software\AppDataLow\AskBarDis\ not found.

Registry key HKEY_CURRENT_USER\Software\AskBarDis\ not found.

Registry key HKEY_CURRENT_USER\Software\Grand Virtual\ not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\AppDataLow\AskBarDis\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\AskIBar.PopSwatterBarButton\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\AskIBar.PopSwatterBarButton.1\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\AskIBar.PopSwatterSettingsControl\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\AskIBar.PopSwatterSettingsControl.1\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\AskToolBar.SettingsPlugin\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\AskToolBar.SettingsPlugin.1\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F131923C-381D-4E4C-A472-4A17118FD742}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B1C1E16-6B34-430E-B074-5928ECA4C150}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1\ not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Mcx1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 760070 bytes

 

User: Public

 

User: Takeshi Nosuke

->Temp folder emptied: 394478 bytes

->Temporary Internet Files folder emptied: 21620748 bytes

->Java cache emptied: 115589626 bytes

->FireFox cache emptied: 39721641 bytes

->Flash cache emptied: 5015 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 40226 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 27755444 bytes

%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 19688896 bytes

RecycleBin emptied: 29339089140 bytes

 

Total Files Cleaned = 28 195,00 mb

 

 

OTM by OldTimer - Version 3.1.10.1 log created on 03302010_190402

 

Files moved on Reboot...

C:\Users\Takeshi Nosuke\AppData\Local\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQNTIBIJ\v=4;m=3;l=6701;c=73093;b=762157;ts=20100330180042;p=ui=AVo2hKSyU3pzbD;tr=Uu

XsdP4HcgA;tm=0-0[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRYXEZFU\ads[3].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRYXEZFU\ban_728x90[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRYXEZFU\img[3].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRYXEZFU\povh[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJPJIYWC\img[7].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJPJIYWC\impossible-de-supprimer-chercheus-t175298[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CJPJIYWC\rectangle_300x250[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6EVILD1J\hp[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6EVILD1J\iframe[1].htm moved successfully.

C:\Users\Takeshi Nosuke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6EVILD1J\v=4;m=3;l=6699;c=73093;b=762156;ts=20100330180041;p=ui=AVo2hKSyU3pzbD;tr=4X

F2TBdsB1G;tm=0-0[1].htm moved successfully.

 

Registry entries deleted on Reboot...

[pear]

décidémment!!!

 

 

Télécharger Toolbar-S&D (Team IDN).ou Toolbar-S&D sur le Bureau

 

[*]Lancer l'installation du programme en exécutant le fichier téléchargé.

 

[*]Double-cliquer sur le raccourci de Toolbar-S&D.

[*]Sélectionner la langue en tapant la lettre de votre choix puis en validant par Entrée.

[*]Choisir maintenant l'option 1 (Recherche).

Patienter jusqu'à la fin de la recherche.

[*]Poster le rapport généré. (C:\TB.txt)

 

Relancer Toolbar-S&D en double-cliquant sur le raccourci.

Taper sur "2" puis valider par"Entrée".

! Ne fermez pas la fenêtre lors de la suppression !

Un rapport sera généré, postez son contenu ici.

 

NOTE :Si le Bureau ne réapparait pas, appuyer simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches .

Sur l'onglet "Processus". Cliquer en haut à gauche sur Fichier et choisir "Exécuter..."

Taper explorer puis valider.

[nosukesama]

Bonjour,

Je comprends bien, c'est infernal vraiment ! A croire que c'est impossible de s'en débarrasser si ce n'est le formatage

 

Voici le rapport et comme convenu, je relance le fichier :

 

 

-----------\\ ToolBar S&D 1.2.9 XP/Vista

 

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual-Core Processor TK-53 )

BIOS : Version 1.0

USER : Takeshi Nosuke ( Administrator )

BOOT : Normal boot

Antivirus : Norton Internet Security 2007 (Not Activated)

Firewall : Norton Internet Security 2007 (Not Activated)

C:\ (Local Disk) - NTFS - Total:92 Go (Free:20 Go)

D:\ (Local Disk) - NTFS - Total:45 Go (Free:37 Go)

E:\ (CD or DVD)

G:\ (CD or DVD)

 

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [1] ( 31/03/2010|13:50 )

 

[ UAC => 0 ]

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

C:\Program Files\P2P_Energy

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"

"Default_Secondary_Page_URL"="http://www.cherche.us"'>http://www.cherche.us"'>http://www.cherche.us"

"SearchMigratedDefaultURL"="http://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q={searchTerms}"

"Default_Page_URL"="http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"

"Start Page_bak"="http://www.google.com"

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.cherche.us"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\Windows\\System32\\blank.htm"

"Default_Page_URL"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.cherche.us"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\TAKESH~1\Documents\Mes fichiers re‡us\Jouer … Call of Duty 4 en ligne\Liste Serveurs Crack‚ CoD4.txt

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 31/03/2010|13:51 - Option : [1]

 

-----------\\ Fin du rapport a 13:51:33,82

[nosukesama]

Voici le rapport après suppression. (Malheureusement j'ai lancé IE et ma page d'accueil était encore ce fichu cherche.us grrr)

 

 

-----------\\ ToolBar S&D 1.2.9 XP/Vista

 

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual-Core Processor TK-53 )

BIOS : Version 1.0

USER : Takeshi Nosuke ( Administrator )

BOOT : Normal boot

Antivirus : Norton Internet Security 2007 (Not Activated)

Firewall : Norton Internet Security 2007 (Not Activated)

C:\ (Local Disk) - NTFS - Total:92 Go (Free:20 Go)

D:\ (Local Disk) - NTFS - Total:45 Go (Free:37 Go)

E:\ (CD or DVD)

G:\ (CD or DVD)

 

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [2] ( 31/03/2010|13:56 )

 

[ UAC => 1 ]

 

-----------\\ SUPPRESSION

 

Supprime! - C:\Program Files\P2P_Energy

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"

"Default_Secondary_Page_URL"="http://www.cherche.us"'>http://www.cherche.us"

"SearchMigratedDefaultURL"="http://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q={searchTerms}"

"Default_Page_URL"="http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"'>http://www.google.com"

"Start Page_bak"="http://www.google.com"

"Default_Search_URL"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.cherche.us"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\Windows\\System32\\blank.htm"

"Default_Page_URL"="http://www.google.com"

"Search Page"="http://www.google.com"

"Start Page"="http://www.msn.com/"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\TAKESH~1\Documents\Mes fichiers re‡us\Jouer … Call of Duty 4 en ligne\Liste Serveurs Crack‚ CoD4.txt

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 31/03/2010|13:51 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 31/03/2010|13:58 - Option : [2]

 

-----------\\ Fin du rapport a 13:58:06,23

[nosukesama]

Je viens de réinstaller la barre d'outils google sur IE (car je ne l'avais plus après nettoyage), et apparemment ce fichu cherche.us a disparu.. J''espère m'en être débarrassée pour de bon. Merci pour votre aide précieuse. Bonne journée ^^