Publicités inttext, ordinateur lent

Résolu
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention   -  
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour, j'ai depuis quelques temps des problème avec de la publicité que je ne parviens pas à bloquer, notamment des pop-ups (les anti pop-ups n'y font rien) et depuis moins de temps de la publicité intext. J'ai téléchargé le logiciel OTL mais je ne sais pas analyser les rapports. De plus, mon ordi est beaucoup plus lent qu'avant et pour cause : lorsque aucune action n'était en cours prédemment, le processeur stagnait toujours à 0% d'utilisation. Maintenant, il est presque en permanence à plus de 30% d'utilisation sans que je ne lance rien. Quelqu'un pourrait-il m'aider? Je lui en serait vraiment très reconnaissante... Ces pub commencent à m'être insupportables...



A voir également:

10 réponses

Réponse 1 / 10
kalimusic Messages postés 14014 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 027
 
Bonjour et Bienvenue sur CCM



Si tu as déjà OTL, fait ceci :

Ferme toutes tes applications en cours

● Lance OTL.exe, l'interface principale s'ouvre.
● Coche la case Tous les utilisateurs
Laisse tous les autres paramètres par défaut
● Dans la partie du bas "Personnalisation", copie/colle la liste en citation : 

msconfig 
netsvcs 
/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
services.exe
/md5stop
%temp%\*.exe /s 
%ALLUSERSPROFILE%\Application Data\*.exe /s 
%ALLUSERSPROFILE%\Application Data\*.
%APPDATA%\*.exe /s 
%SYSTEMDRIVE%\*.exe 
CREATERESTOREPOINT

● Clique sur le bouton Analyse rapide, patiente pendant le balayage du système.
● 2 rapports vont s'ouvrir au format bloc-note :
▸ ▸ OTL.txt (qui sera affiché) ainsi que Extras.txt (réduit dans la barre des tâches)
Ne les poste pas sur le forum, ils seraient trop long
● Héberge les sur un des sites suivants :
https://www.cjoint.com/
http://pjjoint.malekal.com/
https://textup.fr/
● Tu obtiendras 2 liens que tu me donneras dans ton prochain message.

Aide : Tutorial OTL (par Malekal)

A +
0
Réponse 2 / 10
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention  
 
Merci beaucoup de répondre aussi rapidement... J'aurai voulu ne pas tant me faire assister mais je ne trouve pas de tutoriel sur internet qui explique de manière compréhensible la démarche d'analyse d'un rapport OTL (ou bien c'est moi qui suis trop bête pour comprendre, ce qui est également une possibilité à envisager). Voici les liens obtenus, et encore merci :
https://www.cjoint.com/?BJDlLba5n7M
https://www.cjoint.com/?BJDlL3mZ9MZ
0
Réponse 3 / 10
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention  
 
Bon, j'ai quand même essayé de comprendre quelque chose à ce charabia. (du moins de le lire). Et j'ai remarqué qu'il y a un processus qui m'embête régulièrement parce qu'il s'ouvre automatiquement sur IE (en sachant que je ne l'utilise jamais) et depuis peu de temps (ça correspond à peu près au début de mes ennuis). Ce processus s'appelle tuto_4PC... Dois-je supprimer le dossier qui le contient dans Program Files?
Merci encore pour votre aide.
0
Réponse 4 / 10
kalimusic Messages postés 14014 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 027
 
re,

Au contraire, tu as bien fait de poster, il vaut mieux se faire aider par quelqu'un qui connait l'outil.

Le responsable des publicités est le logiciel/tutoriel tu4pc ou pctuto, pour comprendre pourquoi : https://forum.security-x.fr/securite-generale/tuto4pc-et-accord-de-licence/

Il faut être vigilant quand on installe un programme, faire attention aux conditions d'utilisation et aux cases pré-cochées.
Bannir les diverses barres d'outils ou moteurs de recherches, etc....proposées lors de l'installation : https://forum.malekal.com/viewtopic.php?t=33776&start=

1. Désinstalle si encore présents et si possible : 

TUTO4PC_FR_5-v1.0
Savings Sidekick 
SpecialSavings

Aide : Comment désinstaller un programme

2. Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
● Lance AdwCleaner
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
Ferme impérativement le navigateur ainsi que les applications en cours.
● Clique sur Suppression
● Patiente le temps du scan, accepte de redémarrer si l'outil le demande
● Le rapport doit s'ouvrir spontanément.

Le rapport est sauvegardé à la racine du disque C:\AdwCleaner[S1].txt

Poste le rapport, A +
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention  
 
J'ai essayé de tuer le processus tuto4_pc_fr_5 (via le gestionnaire des tâches) juste pour voir.... Je n'ai noté aucune amélioration au niveau de la publicité intext.
0
kalimusic Messages postés 14014 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 027
 
c'est normal, intext est du à une extension du navigateur.
0
Réponse 6 / 10
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention  
 
Merci beaucoup, vraiment... Je ne sais pas si le problème est vraiment parti mais la publicité intext n'apparaît plus...
Voici le rapport de adwcleaner :
# AdwCleaner v2.005 - Rapport créé le 29/10/2012 à 12:01:50
# Mis à jour le 14/10/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : 141592653 - 141592653-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\141592653\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Program Files (x86)\Savings Sidekick
Dossier Supprimé : C:\ProgramData\IBUpdaterService
Dossier Supprimé : C:\ProgramData\Partner
Dossier Supprimé : C:\Users\141592~1\AppData\Local\Temp\Iminent
Dossier Supprimé : C:\Users\141592653\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Dossier Supprimé : C:\Users\141592653\AppData\Local\Savings Sidekick

***** [Registre] *****

Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\Savings Sidekick
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Cr_Installer
Clé Supprimée : HKCU\Software\Iminent
Clé Supprimée : HKCU\Software\InstalledBrowserExtensions
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Clé Supprimée : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Clé Supprimée : HKLM\Software\Iminent
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Clé Supprimée : HKLM\Software\Tuto4PC
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Tutorials]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\141592653\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Opera v12.2.1578.0

Fichier : C:\Users\141592653\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [13172 octets] - [29/10/2012 12:01:50]

########## EOF - C:\AdwCleaner[S1].txt - [13233 octets] ##########
0
Réponse 7 / 10
kalimusic Messages postés 14014 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 027
 
re,



== == == == == == == == == == == == == == == == == == == == == ==
Avis aux utilisateurs de l'antivirus Avast! , ne pas exécuter OTL dans la sandbox.
== == == == == == == == == == == == == == == == == == == == == ==

1. Relance OTL

● Dans la partie "Personnalisation", copie/colle les instructions suivantes (sans oublier la commande initiale) : 

:OTL
O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (215 Apps) 
O2 - BHO: (SpecialSavings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings) 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM\..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4 - HKLM\..\Run: [bdinstaller] "C:\Users\141592~1\AppData\Local\Temp\RarSFX0\setuplauncher.exe" /run:"C:\Users\141592~1\AppData\Local\Temp\RarSFX0\setupdownloader.exe" /args:"/after_restart" File not found
O4 - HKLM\..\Run: [Tutorials] C:\Program Files (x86)\TUTO4PC\tuto4pc_fr_5.exe ()     
O4 - HKLM\..\RunOnce: [upt4pc_fr_5.exe] C:\Users\141592653\AppData\Local\tuto4pc_fr_5\upt4pc_fr_5.exe () 
O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings) 
[266 C:\Users\141592~1\AppData\Local\Temp\*.tmp files -> C:\Users\141592~1\AppData\Local\Temp\*.tmp -> ] 
:Commands 
[emptytemp]

Ferme impérativement les applications en cours.
● Clique sur le bouton Correction.
● Patiente pendant le travail de l'outil, il doit ensuite redémarrer le PC.
● Accepte en cliquant sur OK.
● Le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément.

Tu peux le retrouver à la racine du disque dans ce dossier : C:\_OTL\MovedFiles

2. Télécharge MBAM et installe le selon l'emplacement par défaut.
(l'essai de la version pro est facultative)
Effectue la mise à jour, lance un examen rapide et supprime les éléments trouvés.
Tuto : https://forum.security-x.fr/archives/(tutoriel)-malwarebyte's-anti-malware/?PHPSESSID=bl3ngphatppbfl2g9p5j9fnppb

3. Poste les rapports

A +
0
Réponse 8 / 10
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention  
 
MBAM n'a détecté aucun élément infecté.
Je mets quand même les rapport de MBAM :

Premier rapport :
Malwarebytes Anti-Malware (Essai) 1.65.1.1000
www.malwarebytes.org

Version de la base de données: v2012.10.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
141592653 :: 141592653-PC [administrateur]

Protection: Activé

29/10/2012 13:07:01
mbam-log-2012-10-29 (13-07-01).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 221517
Temps écoulé: 4 minute(s), 36 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)





Second rapport MBAM :



2012/10/29 13:05:27 +0100 141592653-PC 141592653 MESSAGE Executing scheduled update: Daily
2012/10/29 13:05:36 +0100 141592653-PC 141592653 MESSAGE Starting protection
2012/10/29 13:05:36 +0100 141592653-PC 141592653 MESSAGE Protection started successfully
2012/10/29 13:05:36 +0100 141592653-PC 141592653 MESSAGE Starting IP protection
2012/10/29 13:05:41 +0100 141592653-PC 141592653 MESSAGE IP Protection started successfully
2012/10/29 13:06:13 +0100 141592653-PC 141592653 MESSAGE Starting database refresh
2012/10/29 13:06:13 +0100 141592653-PC 141592653 MESSAGE Scheduled update executed successfully: database updated from version v2012.09.29.05 to version v2012.10.29.05
2012/10/29 13:06:13 +0100 141592653-PC 141592653 MESSAGE Stopping IP protection
2012/10/29 13:06:13 +0100 141592653-PC 141592653 MESSAGE IP Protection stopped successfully
2012/10/29 13:06:19 +0100 141592653-PC 141592653 MESSAGE Database refreshed successfully
2012/10/29 13:06:19 +0100 141592653-PC 141592653 MESSAGE Starting IP protection
2012/10/29 13:06:25 +0100 141592653-PC 141592653 MESSAGE IP Protection started successfully
2012/10/29 13:06:32 +0100 141592653-PC 141592653 MESSAGE Starting database refresh
2012/10/29 13:06:32 +0100 141592653-PC 141592653 MESSAGE Stopping IP protection
2012/10/29 13:06:32 +0100 141592653-PC 141592653 MESSAGE IP Protection stopped successfully
2012/10/29 13:06:40 +0100 141592653-PC 141592653 MESSAGE Database refreshed successfully
2012/10/29 13:06:40 +0100 141592653-PC 141592653 MESSAGE Starting IP protection
2012/10/29 13:06:45 +0100 141592653-PC 141592653 MESSAGE IP Protection started successfully





Voici le rapport d'Otl après la correction :



All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}\ not found.
File C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}\ deleted successfully.
C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files (x86)\TUTO4PC\tuto4pc_fr_5.exe not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File C:\Users\141592653\AppData\Local\tuto4pc_fr_5\upt4pc_fr_5.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}\ deleted successfully.
File C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll not found.
C:\Users\141592~1\AppData\Local\Temp\72A0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\74F0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\780F.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\zh-Hant\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\zh-Hant folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\tr\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\tr folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\sv\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\sv folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ru\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ru folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ro\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ro folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\pt-pt\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\pt-pt folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\pt-br\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\pt-br folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\pl\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\pl folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\no\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\no folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\nl\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\nl folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\lv\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\lv folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ko\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ko folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\it\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\it folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\id\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\id folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\hu\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\hu folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\he\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\he folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\gl\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\gl folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\fr\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\fr folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\fi\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\fi folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\eu\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\eu folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\es\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\es folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\el\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\el folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\de\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\de folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\da\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\da folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\cs\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\cs folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ca\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\ca folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\bg\Songr.resources.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\bg folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\Interop.WMPLib.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\Newtonsoft.Json.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\Songr.exe deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\Songr.exe.config deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp\SongrJumplistLauncher.exe deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOE1BF.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOED65.tmp\Songr.exe deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\7zOED65.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\98A6.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\DMI3239.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\DMI49DC.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\DMI9D67.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\DMI9EC0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\E292.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1027.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1029.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch14F7.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch14F9.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1564.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1576.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1A15.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1A17.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1B86.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1B88.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1FB1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch1FB3.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch205C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch205E.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch208B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch208D.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch2339.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch234B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch2414.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch2425.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch2F4A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch2F7B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch36A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch36D9.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch36EA.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch37C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch3959.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch395B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch474D.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch474F.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch4FD5.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch4FD7.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch5496.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch54A7.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch5B2A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch5B2C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch5F20.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch5F41.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch686.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch688.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch7B77.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch7B89.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch88DF.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch88F1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch97BD.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch97BF.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch99A1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gch99B3.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchAD11.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchAD13.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchAE0A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchAE0C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchB3AC.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchB3DD.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchC8FA.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchC969.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchCFD0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchCFE1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchD5A0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchD5B1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchD88.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchD8A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchDF09.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchDF0B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchE57E.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchE60D.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF2C7.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF2D9.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF307.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF318.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF779.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF77B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF8DF.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchF8E1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchFAA.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\gchFBB.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\jar_cache1592510642579378614.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\jar_cache1741129433437384579.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\jar_cache4170886419444375336.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\jar_cache4225261934694361448.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\jar_cache7639824101946280440.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\jar_cache796356918071781909.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1028.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi14F6.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi14F8.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1554.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1575.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1A05.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1A16.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1B85.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1B87.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1FB0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi1FB2.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi205B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi205D.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi208A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi208C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi2338.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi234A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi2413.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi2424.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi2F49.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi2F7A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi369.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi36A9.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi36E9.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi37B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi3958.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi395A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi473C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi474E.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi4E4E.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi4FD6.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi5495.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi54A6.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi5B1A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi5B2B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi5F10.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi5F40.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi685.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi687.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi7B48.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi7B88.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi88DE.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi88F0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi97BC.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi97BE.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi99A0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfi99B2.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiACE1.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiAD12.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiAE09.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiAE0B.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiB39C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiB3CD.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiC8BA.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiC968.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiCFCF.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiCFE0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiD59F.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiD5B0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiD77.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiD89.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiDEF8.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiDF0A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiE57D.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiE5CD.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF2C6.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF2D8.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF306.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF317.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF778.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF77A.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF8DE.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF8E0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiF99.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiFA9.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\mfiFBA.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\nsl2CCD.tmp\DropboxNSISTools.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\nsl2CCD.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\nsm4F42.tmp\nsProcess.dll deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\nsm4F42.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\PCWA939.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\qhiD068.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\SetD1A0.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\svaoc.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD1352.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD18A1.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD19EC.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD19ED.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD1C8D.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD1CBE.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD1D8B.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2145.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD21A4.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD25AD.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD25DD.tmp\CleanGradient.thmx deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD25DD.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD25FA.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2753.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2929.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2BD9.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2D3C.tmp\CleanGradient.thmx deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2D3C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2D71.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2D9C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD2F28.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3062.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3370.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD35E2.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD376A.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD37BA.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3858.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3934.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3955.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3A51.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3B6C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3BFA.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3CC7.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3D07.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD3DA5.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD40E.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD43C6.tmp\CleanGradient.thmx deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD43C6.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD4455.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD44C4.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD44E5.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD4564.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD510A.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5743.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD58BB.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5A14.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5C77.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5DA1.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5E3F.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5EDD.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD5F6C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6029.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD60B7.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6174.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD62ED.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD64C3.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6542.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6718.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6787.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6C69.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6E8D.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6EDD.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6F4C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD6F6D.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD701B.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD703C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD70EA.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD7149.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD7199.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD71F9.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD7239.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD72A8.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8191.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8192.tmp\CleanGradient.thmx deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8192.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD831B.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8D73.tmp\CleanGradient.thmx deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8D73.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8EDC.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD8F1D.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD9028.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD90B6.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCD9BB.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCDCE8.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCDD95.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCDE1.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCDFCB7.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCDFE9C.tmp\CleanGradient.thmx deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\TCDFE9C.tmp folder deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\wlsBA5C.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\wlsBCDC.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\wlsD7F8.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\wlsD931.tmp deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\~DF272E961043BEF4C8.TMP deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\~DF44A9760020C86171.TMP deleted successfully.
C:\Users\141592~1\AppData\Local\Temp\~DF58856F7CAD7A8969.TMP deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: 141592653
->Temp folder emptied: 65899950 bytes
->Temporary Internet Files folder emptied: 95785481 bytes
->Java cache emptied: 25743284 bytes
->Google Chrome cache emptied: 231969889 bytes
->Opera cache emptied: 50643852 bytes
->Flash cache emptied: 70548 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 356916536 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50674 bytes
RecycleBin emptied: 300605 bytes

Total Files Cleaned = 789,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10292012_125509

Files\Folders moved on Reboot...
C:\Users\141592653\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
0
Réponse 9 / 10
kalimusic Messages postés 14014 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 027
 
ok,

Sauf si tu as d'autres soucis, c'est fini.


== == == == == == DÉSINSTALLATION DES OUTILS == == == == == ==

1. Relance AdwCleaner en tant qu'administrateur
● Clique sur Désinstallation

2. Lance OTL

● Dans la partie "Personnalisation", copie/colle : 

:commands
[clearallrestorepoints]

● Clique sur le bouton Correction.

3. Relance OTL
● Clique sur le bouton Purge outils
● Puis sur OK dans la boite de dialogue qui t'invite à redémarrer le système.
● Supprime les outils et les rapports restants éventuellement sur ton Bureau

4. Tu peux garder Malwarebytes Anti-Malware comme logiciel complémentaire à ton antivirus et t'en servir contrôler ton PC avec un scan rapide de temps en temps sans oublier de le mettre à jour avant


== == == == == == == == == == MISES A JOUR == == == == == == == == == ==

Vérifie que les logiciels pouvant présenter des failles de sécurité sont à jour, c'est par ce biais que les infections arrivent :

Maintenir Java, Adobe Reader et le player Flash à jour ou bien tu peux utiliser cet outil : Vérifier et mettre à jour facilement les logiciels à risque avec SX Check&Update

!! Décoche les cases proposant des logiciels partenaires pendant les installations !!

Désinstalle les anciennes versions de Java si tu en as encore installées.
https://www.java.com/fr/download/help/remove_olderversions.html


== == == == == == == == == == == == == == == == == == == == == ==

La sécurité de son PC, c'est quoi ? (par Malekal)

== == == == == == == == == == == == == == == == == == == == == ==

Bonne journée
0
Réponse 10 / 10
26665583616 Messages postés 7 Date d'inscription   Statut Membre Dernière intervention  
 
D'accord. Merci beaucoup pour cette aide qui m'a vraiment été très utile.
0