[Résolu] Multiple Adware

[Lannah13]

Re,

 

voici le nouveau rapport OTL :

 

"All processes killed

========== OTL ==========

HKU\S-1-5-21-304647949-217948545-1107224765-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!

Prefs.js: "Search The Web" removed from browser.search.selectedEngine

Prefs.js: {40a1f5d7-afc2-498f-b264-02668d616ff6}:1.1 removed from extensions.enabledItems

File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext not found.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry value HKEY_USERS\S-1-5-21-304647949-217948545-1107224765-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}\ not found.

Registry value HKEY_USERS\S-1-5-21-304647949-217948545-1107224765-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.

Registry value HKEY_USERS\S-1-5-21-304647949-217948545-1107224765-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c816073a-97f6-11df-8763-002170734424}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c816073a-97f6-11df-8763-002170734424}\ not found.

C:\ProgramData\.zreglib moved successfully.

C:\found.000\dir0001.chk folder moved successfully.

C:\found.000\dir0000.chk\scanlogs folder moved successfully.

C:\found.000\dir0000.chk folder moved successfully.

C:\found.000 folder moved successfully.

C:\Windows\System32\rezumatenoi.dat moved successfully.

C:\Users\Gaul\Desktop\avg_remover_stf_x86_2012_1796.exe moved successfully.

File/Folder C:\WINDOWS\System32\*.tmp not found.

File/Folder C:\WINDOWS\*.tmp not found.

File C:\Documents and Settings\Propriétaire not found.

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de r‚solution DNS vid‚.

C:\Users\Gaul\Desktop\cmd.bat deleted successfully.

C:\Users\Gaul\Desktop\cmd.txt deleted successfully.

File\Folder C:\WINDOWS\tasks\*.job not found.

File\Folder C:\*.sqm not found.

File\Folder C:\WINDOWS\System32\*.tmp not found.

File\Folder C:\WINDOWS\*.tmp not found.

ADS C:\Windows:E603B654CCD7F9E1 deleted successfully.

ADS C:\ProgramData\TEMP:13019F4B deleted successfully.

ADS C:\ProgramData\TEMP:C78DADEA deleted successfully.

ADS C:\ProgramData\TEMP:99B20AD0 deleted successfully.

ADS C:\ProgramData\TEMP:4EC7F009 deleted successfully.

ADS C:\ProgramData\TEMP:D999FFD5 deleted successfully.

ADS C:\ProgramData\TEMP:021496FB deleted successfully.

ADS C:\ProgramData\TEMP:F5B51004 deleted successfully.

ADS C:\ProgramData\TEMP:A4E7D25F deleted successfully.

ADS C:\ProgramData\TEMP:ECF3C50F deleted successfully.

ADS C:\ProgramData\TEMP:CAE3AE67 deleted successfully.

ADS C:\ProgramData\TEMP:852F2262 deleted successfully.

ADS C:\ProgramData\TEMP:E2CFA9CD deleted successfully.

ADS C:\ProgramData\TEMP:C2F24DB5 deleted successfully.

ADS C:\ProgramData\TEMP:8E5EA40F deleted successfully.

ADS C:\ProgramData\TEMP:EE198B1F deleted successfully.

ADS C:\ProgramData\TEMP:4A8EB1C4 deleted successfully.

ADS C:\ProgramData\TEMP:87A3A233 deleted successfully.

ADS C:\ProgramData\TEMP:58E38390 deleted successfully.

ADS C:\ProgramData\TEMP:B6D84F71 deleted successfully.

ADS C:\ProgramData\TEMP:26499772 deleted successfully.

ADS C:\ProgramData\TEMP:0FE0A03C deleted successfully.

ADS C:\ProgramData\TEMP:9D06FB9C deleted successfully.

ADS C:\ProgramData\TEMP:2C86E2AD deleted successfully.

ADS C:\ProgramData\TEMP:02F30776 deleted successfully.

ADS C:\ProgramData\TEMP:961B84C5 deleted successfully.

ADS C:\ProgramData\TEMP:59465B40 deleted successfully.

ADS C:\ProgramData\TEMP:52C24010 deleted successfully.

ADS C:\ProgramData\TEMP:33E12B7A deleted successfully.

ADS C:\ProgramData\TEMP:3B75B877 deleted successfully.

ADS C:\ProgramData\TEMP:E21433CE deleted successfully.

ADS C:\ProgramData\TEMP:67CF910D deleted successfully.

ADS C:\ProgramData\TEMP:D9F34335 deleted successfully.

ADS C:\ProgramData\TEMP:8855A119 deleted successfully.

ADS C:\ProgramData\TEMP:4FA837B4 deleted successfully.

ADS C:\ProgramData\TEMP:397D67BA deleted successfully.

ADS C:\ProgramData\TEMP:3969ACF7 deleted successfully.

ADS C:\ProgramData\TEMP:2652902F deleted successfully.

ADS C:\ProgramData\TEMP:E5B07840 deleted successfully.

ADS C:\ProgramData\TEMP:8029E75F deleted successfully.

ADS C:\ProgramData\TEMP:5E8C18F1 deleted successfully.

ADS C:\ProgramData\TEMP:2AE74FF9 deleted successfully.

ADS C:\ProgramData\TEMP:BEACE4C8 deleted successfully.

ADS C:\ProgramData\TEMP:A6D89509 deleted successfully.

ADS C:\ProgramData\TEMP:8B4C1181 deleted successfully.

ADS C:\ProgramData\TEMP:2F8138B7 deleted successfully.

ADS C:\ProgramData\TEMP:0785072C deleted successfully.

ADS C:\ProgramData\TEMP:E0888117 deleted successfully.

ADS C:\ProgramData\TEMP:689AB7E9 deleted successfully.

ADS C:\ProgramData\TEMP:587F3582 deleted successfully.

ADS C:\ProgramData\TEMP:D53344E0 deleted successfully.

ADS C:\ProgramData\TEMP:B38BEEEE deleted successfully.

ADS C:\ProgramData\TEMP:A76A1B1B deleted successfully.

ADS C:\ProgramData\TEMP:697DDE2B deleted successfully.

ADS C:\ProgramData\TEMP:140AD176 deleted successfully.

ADS C:\ProgramData\TEMP:23834E1E deleted successfully.

ADS C:\ProgramData\TEMP:F6A0889A deleted successfully.

ADS C:\ProgramData\TEMP:B0A727D1 deleted successfully.

ADS C:\ProgramData\TEMP:A819A132 deleted successfully.

ADS C:\ProgramData\TEMP:9C3AAD57 deleted successfully.

ADS C:\ProgramData\TEMP:DB2748F7 deleted successfully.

ADS C:\ProgramData\TEMP:3DB6F365 deleted successfully.

ADS C:\ProgramData\TEMP:D4558A0B deleted successfully.

ADS C:\ProgramData\TEMP:BD34FFC5 deleted successfully.

ADS C:\ProgramData\TEMP:B0456F0C deleted successfully.

ADS C:\ProgramData\TEMP:65137F0D deleted successfully.

ADS C:\ProgramData\TEMP:3D922890 deleted successfully.

ADS C:\ProgramData\TEMP:AE8FDB48 deleted successfully.

ADS C:\ProgramData\TEMP:6E2D80C8 deleted successfully.

ADS C:\ProgramData\TEMP:943971F5 deleted successfully.

ADS C:\ProgramData\TEMP:63210866 deleted successfully.

ADS C:\ProgramData\TEMP:164561C8 deleted successfully.

ADS C:\ProgramData\TEMP:18A6D2CC deleted successfully.

ADS C:\ProgramData\TEMP:94B46CA2 deleted successfully.

ADS C:\ProgramData\TEMP:BE6B5FC3 deleted successfully.

ADS C:\ProgramData\TEMP:6A0A47E7 deleted successfully.

ADS C:\ProgramData\TEMP:E6708F08 deleted successfully.

ADS C:\ProgramData\TEMP:8924043A deleted successfully.

ADS C:\ProgramData\TEMP:7A3AAF2E deleted successfully.

ADS C:\ProgramData\TEMP:1B389835 deleted successfully.

ADS C:\ProgramData\TEMP:E5496666 deleted successfully.

ADS C:\ProgramData\TEMP:2AF322BF deleted successfully.

ADS C:\ProgramData\TEMP:609CAC7C deleted successfully.

ADS C:\ProgramData\TEMP:ED2D63E4 deleted successfully.

ADS C:\ProgramData\TEMP:ED0B32CA deleted successfully.

ADS C:\ProgramData\TEMP:33B04540 deleted successfully.

ADS C:\ProgramData\TEMP:A5241382 deleted successfully.

ADS C:\ProgramData\TEMP:9603033A deleted successfully.

ADS C:\ProgramData\TEMP:54380FEC deleted successfully.

ADS C:\ProgramData\TEMP:2E3F04BC deleted successfully.

ADS C:\ProgramData\TEMP:E40D7F76 deleted successfully.

ADS C:\ProgramData\TEMP:B1381B34 deleted successfully.

ADS C:\ProgramData\TEMP:8075370B deleted successfully.

ADS C:\ProgramData\TEMP:68A41423 deleted successfully.

ADS C:\ProgramData\TEMP:28BEC2EC deleted successfully.

ADS C:\ProgramData\TEMP:E8C44CB4 deleted successfully.

ADS C:\ProgramData\TEMP:D9656460 deleted successfully.

ADS C:\ProgramData\TEMP:A774141A deleted successfully.

ADS C:\ProgramData\TEMP:7C8AA9A6 deleted successfully.

ADS C:\ProgramData\TEMP:4DDE401B deleted successfully.

ADS C:\ProgramData\TEMP:C48905F4 deleted successfully.

ADS C:\ProgramData\TEMP:774A0E14 deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Gaul

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 230753 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 59215845 bytes

->Flash cache emptied: 470 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 60762 bytes

RecycleBin emptied: 279973348 bytes

 

Total Files Cleaned = 324,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Gaul

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

 

 

OTL by OldTimer - Version 3.2.31.0 log created on 12182011_221419"

 

@+

[tomtom95]

Bonjour Lannah13

 

Attention au rapport trop long

 

Ok trés bien comment ce comporte ton ordinateur maintenant ?

 

Si c'est ok on fini avec les derniéres indications.

 

J'attend ta réponse

 

A+

[Lannah13]

bonsoir tomtom95,

 

l'ordinateur démarre normalement et je ne remarque pas de problème particulier... tout semble ok...

[tomtom95]

Bonsoir Lannah13

 

Ok Désinstallation des outils

• Télecharge sur le site

DelFix (de Xplode) sur ton Bureau
 
Choisis l'option "Recherche"
Valide sur Entrée
Laisse travailler l'outil
Copie/colle le rapport obtenu
 
Relance Delfix
 
Choisis l'option "Suppression"
Valide sur Entrée
Laisse travailler l'outil
Copie/colle le rapport obtenu sur le forum
 
Supprime DelFix ainsi que les autres outils restant éventuellement sur le bureau.

 

• Tu va supprimer tes anciennes points de sauvegarde du pc :
  Après une désinfection
  il est nécessaire de désactiver puis réactiver la restauration système pour la purger car les points de restauration peuvent être infectés.
  
• Clique sur démarrer et faire un clique droit sur ordinateur
  
• puis cliquer sur Propriétés.
  
• Dans la colonne Page d'accueil du panneau de configuration
   
  
• Clique sur Protection du système.
  
• Clique sur configurer.
  
• Clique sur Supprimer.
  
• Un message de confirmation va apparaître valider par Oui
   
  Crée un nouveau point de restauration sain
  
• Cliquer sur Démarrer puis sur Panneau de configuration
  
• Cliquer sur Système et sécurité puis sur Système.
  
• Cliquer sur Protection système
  
• Cliquer sur Créer.
  
• Entrer le nom du point de restauration.
  
• Un message confirmant que le point de restauration a été crée va apparaître
  cliquer sur Ok.

 

• Pour des raisons de sécurité pour ton pc vérifie tes mise a jour
   
  
• Sun java Runtime Version 6 Update 30
  http://www.java.com/fr/download/windows_ie.jsp?locale=fr&host=www.java.com:80
   
  
• Flash player 11 ( décoche avant le téléchargement la case de la barre google)
  http://get.adobe.com/fr/flashplayer/
   
  Adobe Acrobat version 10
  http://get.adobe.com/fr/reader/otherversions/
  Sur la page clique sur ton systéme exploitation et installe la derniére version
   
  Lance windows Update pour récupérer les mises a jour.

 

Post les rapports Delfix stp

 

A+

[Lannah13]

Re,

 

voici le 1er rapport delfix R3 :

 

"# DelFix v8.7 - Rapport créé le 19/12/2011 à 19:29:28

# Mis à jour le 01/12/11 à 20h par Xplode

# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)

# Nom d'utilisateur : Gaul - PC-DE-GAUL (Administrateur)

# Exécuté depuis : C:\Users\Gaul\Desktop\delfix.exe

# Option [Recherche]

 

 

~~~~~~ Dossiers(s) ~~~~~~

 

Présent : C:\_OTL

Présent : C:\_OTM

Présent : C:\Program Files\SEAF

 

~~~~~~ Fichier(s) ~~~~~~

 

Présent : C:\SeafLog avg 17-12.txt

Présent : C:\SeafLog.txt

Présent : C:\Users\Gaul\Desktop\avgremover.log

Présent : C:\Users\Gaul\Desktop\Extras.Txt

Présent : C:\Users\Gaul\Desktop\OTL.exe

Présent : C:\Users\Gaul\Desktop\OTL.Txt

Présent : C:\Users\Gaul\Desktop\OTM.exe

Présent : C:\Users\Gaul\Desktop\SEAF.exe

Présent : C:\Users\Gaul\Desktop\SeafLog AVG 18-12.txt

Présent : C:\Users\Gaul\Desktop\ZHPDiag.txt

 

~~~~~~ Registre ~~~~~~

 

Clé Présente : HKLM\SOFTWARE\OldTimer Tools

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEAF

 

~~~~~~ Autres ~~~~~~

 

 

*************************

 

DelFix[R3].txt - [1068 octets] - [19/12/2011 19:29:28]

 

########## EOF - C:\DelFix[R3].txt - [1192 octets] ##########

 

je continue...

 

voici le rapport S3 :

"# DelFix v8.7 - Rapport créé le 19/12/2011 à 19:31:23

# Mis à jour le 01/12/11 à 20h par Xplode

# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)

# Nom d'utilisateur : Gaul - PC-DE-GAUL (Administrateur)

# Exécuté depuis : C:\Users\Gaul\Desktop\delfix.exe

# Option [suppression]

 

 

~~~~~~ Dossiers(s) ~~~~~~

 

Supprimé : C:\_OTL

Supprimé : C:\_OTM

Supprimé : C:\Program Files\SEAF

 

~~~~~~ Fichier(s) ~~~~~~

 

Supprimé : C:\SeafLog avg 17-12.txt

Supprimé : C:\SeafLog.txt

Supprimé : C:\Users\Gaul\Desktop\avgremover.log

Supprimé : C:\Users\Gaul\Desktop\Extras.Txt

Supprimé : C:\Users\Gaul\Desktop\OTL.exe

Supprimé : C:\Users\Gaul\Desktop\OTL.Txt

Supprimé : C:\Users\Gaul\Desktop\OTM.exe

Supprimé : C:\Users\Gaul\Desktop\SEAF.exe

Supprimé : C:\Users\Gaul\Desktop\SeafLog AVG 18-12.txt

Supprimé : C:\Users\Gaul\Desktop\ZHPDiag.txt

 

~~~~~~ Registre ~~~~~~

 

Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEAF

 

~~~~~~ Autres ~~~~~~

 

-> Prefetch Vidé

 

*************************

 

DelFix[R3].txt - [1189 octets] - [19/12/2011 19:29:28]

DelFix[s3].txt - [1159 octets] - [19/12/2011 19:31:23]

 

########## EOF - C:\DelFix[s3].txt - [1283 octets] ##########

[tomtom95]

RE

 

Ok aprés les derniéres manips

 

Pour améliorer la sécurité de ton PC prend quelques instants pour lire,

Les toolbars c'est pas obligatoire! Merci Malekal_morte

Les risques du peer-to-peer Merci ogun

Lisez d'abord cliquez après !!! Merci TopXm

 

Astuces et tutoriaux sur Vista et Windows 7

http://www.chantal11.com/ Merci chantal 11

 

Si tu n'as pas de questions.Marque ton sujet comme résolu

Comment afficher son sujet comme étant résolu Merci thorgal

 

Passe de bonne fête et prudence sur le net

A+ sur les forums Zeb

[tomtom95]

Lannah13

 

Profite de mettre aussi sur ton autre sujet Software> Windows 7

comme résolu ici >> http://forum.zebulon.fr/bureau-fig-t189980.html&st=40

[Lannah13]

ok, je vais lire tout ça.

 

Encore merci pour ta gentillesse et ta patience....

 

je vais lire tout ça et faire très attention à ce qui est téléchargé sur ce portable...

 

Encore merci et passe toi aussi de bonne fêtes.