Sujet Précédent Sujet Suivant

Problème connection internet / mwiynzm4ndy1yjz

Résolu/Fermé
Aurel78 - 5 janv. 2015 à 22:37
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 27 avril 2015 à 20:51
Bonjour,
Depuis hier, j'ai des soucis d'ouverture de mes navigateurs internet qui me renvoient vers des pages "inaccessibles". Dans mon gestionnaires des tâches j'ai une tache qui me prend beaucoup de mémoire et qui est nommée mwiynzm4ndy1yjz. Lorsque je la stoppe "fin de tache" je peux de nouveau ouvrir des pages internet.
J'ai vu sur des forums annexes que Xobadina64 (post du 2 janvier) a potentiellement eu le même problème que moi.
J'ai donc réalisé la première étape préconisée qui consistait à lancer ADWcleaner / nettoyer et j'ai même réinitialisé mes navigateurs.
Je pense faire ce qui est recommandé par Malekal_morte dans le fameux post en lançant le tuto permettant de générer les deux rapports FRST.
Dans un premier temps, voici le rapport d'ADWcleaner.
Merci pour votre aide
# AdwCleaner v4.106 - Rapport créé le 04/01/2015 à 23:16:09
# Mis à jour le 21/12/2014 par Xplode
# Database : 2015-01-03.1 [Live]
# Système d'exploitation : Windows 8.1 (64 bits)
# Nom d'utilisateur : Julie - PC-MAISON
# Exécuté depuis : C:\Users\Julie\Downloads\adwcleaner_4-106_fr_430277.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : globalUpdate
[#] Service Supprimé : globalUpdatem
Service Supprimé : UniversalUpdater
Service Supprimé : WindowsMangerProtect
Service Supprimé : rcores
Service Supprimé : IHProtect Service
[#] Service Supprimé : wpnfd_1_10_0_5

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\TVWizard
Dossier Supprimé : C:\ProgramData\apn
Dossier Supprimé : C:\ProgramData\WindowsMangerProtect
Dossier Supprimé : C:\ProgramData\IHProtectUpDate
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Dossier Supprimé : C:\Program Files (x86)\Bench
Dossier Supprimé : C:\Program Files (x86)\globalUpdate
Dossier Supprimé : C:\Program Files (x86)\IminentToolbar
Dossier Supprimé : C:\Program Files (x86)\predm
Dossier Supprimé : C:\Program Files (x86)\Software
[!] Dossier Supprimé : C:\Program Files (x86)\Flwsrf
Dossier Supprimé : C:\Users\Julie\AppData\Local\BeamriseUninstall
Dossier Supprimé : C:\Users\Julie\AppData\Local\globalUpdate
Dossier Supprimé : C:\Users\Julie\AppData\Local\lollipop
Dossier Supprimé : C:\Users\Julie\AppData\Local\Software
Dossier Supprimé : C:\Users\Julie\AppData\Roaming\IminentToolbar
Dossier Supprimé : C:\Users\Julie\AppData\Roaming\Nosibay
Dossier Supprimé : C:\Users\Julie\AppData\Roaming\omiga-plus
Dossier Supprimé : C:\Users\Julie\AppData\Roaming\Systweak
Dossier Supprimé : C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Dossier Supprimé : C:\Users\Julie\Documents\Optimizer Pro
Dossier Supprimé : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip
Fichier Supprimé : C:\WINDOWS\rcore.exe
Fichier Supprimé : C:\WINDOWS\System32\roboot64.exe
Fichier Supprimé : C:\Users\Julie\AppData\Roaming\Bubble Dock.boostrap.log
Fichier Supprimé : C:\Users\Julie\AppData\Roaming\Bubble Dock.installation.log
Fichier Supprimé : C:\Users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\8bbkmltm.default-1420407814458\user.js
Fichier Supprimé : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Tâches planifiées ] *****

Tâche Supprimée : bench-sys
Tâche Supprimée : bench-Updater removing
Tâche Supprimée : globalUpdateUpdateTaskMachineCore
Tâche Supprimée : globalUpdateUpdateTaskMachineUA

***** [ Raccourcis ] *****


***** [ Registre ] *****

Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [***@***]
Clé Supprimée : HKCU\Software\Classes\Applications\lollipop.exe
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Clé Supprimée : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CrashMon]
Clé Supprimée : HKCU\Software\Mozilla\Extends
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DEDAF650-12B8-48F5-A843-BBA100716106}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKCU\Software\Boxore
Clé Supprimée : HKCU\Software\GlobalUpdate
Clé Supprimée : HKCU\Software\IminentToolbar
Clé Supprimée : HKCU\Software\lollipop
Clé Supprimée : HKCU\Software\Nosibay
Clé Supprimée : HKCU\Software\Optimizer Pro
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE
Clé Supprimée : HKCU\Software\AppDataLow\Software\Video-Saver-1
Clé Supprimée : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Supprimée : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Clé Supprimée : HKLM\SOFTWARE\Bench
Clé Supprimée : HKLM\SOFTWARE\Boxore
Clé Supprimée : HKLM\SOFTWARE\FreeSoftToday
Clé Supprimée : HKLM\SOFTWARE\GlobalUpdate
Clé Supprimée : HKLM\SOFTWARE\Iminent
Clé Supprimée : HKLM\SOFTWARE\omiga-plusSoftware
Clé Supprimée : HKLM\SOFTWARE\SupDp
Clé Supprimée : HKLM\SOFTWARE\SupTab
Clé Supprimée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Supprimée : HKLM\SOFTWARE\Tutorials
Clé Supprimée : HKLM\SOFTWARE\Uniblue
Clé Supprimée : HKLM\SOFTWARE\Salus
Clé Supprimée : HKLM\SOFTWARE\WordProser_1.10.0.5
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Salus
Clé Supprimée : [x64] HKLM\SOFTWARE\Iminent
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17416

Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 fr)


-\\ Google Chrome v39.0.2171.95

[C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://search.findwide.com/serp?guid={517CCF1D-EDFB-4852-8440-818CFFF2842A}&action=default_search&serpv=22&k={searchTerms}
[C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://search.findwide.com/serp?guid={517CCF1D-EDFB-4852-8440-818CFFF2842A}&action=default_search&serpv=22&k={searchTerms}
[C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293&q={searchTerms}
[C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293&q={searchTerms}
[C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293&q={searchTerms}
[C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Supprimée [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293&q={searchTerms}

*************************

AdwCleaner[R0].txt - [16720 octets] - [04/01/2015 23:13:20]
AdwCleaner[S0].txt - [15114 octets] - [04/01/2015 23:16:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15175 octets] ##########

6 réponses

Réponse 1 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
5 janv. 2015 à 22:39
Salut,

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt

Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.

0
Réponse 2 / 6
Aurel78
5 janv. 2015 à 22:54
Tout d'abord merci pour ton aide. Voici les liens vers les fichiers demandés
FRST.txt
http://pjjoint.malekal.com/files.php?id=20150105_z9v1314n14j13
Shortcut.txt
http://pjjoint.malekal.com/files.php?id=20150105_g13l14y9r12g13
Additionnal.txt
http://pjjoint.malekal.com/files.php?id=20150105_g5r15k8h15i7
0
Réponse 3 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
5 janv. 2015 à 23:00
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe [2385408 2015-01-04] ()
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293 [Pays US - 50.22.218.160]
CHR StartupUrls: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293 [Pays US - 50.22.218.160]
2015-01-04 22:22 - 2015-01-04 22:22 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\QuickScan
2015-01-04 22:13 - 2015-01-04 22:24 - 00004536 _____ () C:\WINDOWS\SysWOW64\abengine.ini
2015-01-04 22:13 - 2015-01-04 22:24 - 00002416 _____ () C:\WINDOWS\SysWOW64\abengineOff.ini
2015-01-04 22:13 - 2015-01-04 22:24 - 00002416 _____ () C:\WINDOWS\system32\abengineOff.ini
2015-01-04 22:13 - 2015-01-04 22:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\upfs7235
2015-01-04 22:10 - 2015-01-04 23:18 - 00001360 _____ () C:\WINDOWS\Tasks\DBLDTXL.job
2015-01-04 22:10 - 2015-01-04 22:10 - 01549288 _____ (Cinema HDV04.01) C:\Users\Julie\AppData\Roaming\DBLDTXL.exe
2015-01-04 22:10 - 2015-01-04 22:10 - 00004370 _____ () C:\WINDOWS\System32\Tasks\DBLDTXL
2015-01-04 22:09 - 2015-01-04 23:18 - 00001356 _____ () C:\WINDOWS\Tasks\JDDYK.job
2015-01-04 22:09 - 2015-01-04 22:09 - 02047464 _____ (Cinema HDV04.01) C:\Users\Julie\AppData\Roaming\JDDYK.exe
2015-01-04 22:09 - 2015-01-04 22:09 - 00004366 _____ () C:\WINDOWS\System32\Tasks\JDDYK
2015-01-04 21:58 - 2015-01-04 21:58 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-01-04 21:15 - 2015-01-05 22:24 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-04 21:15 - 2015-01-04 21:15 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-04 21:10 - 2015-01-05 15:00 - 00001360 _____ () C:\WINDOWS\Tasks\NHOGYRI.job
2015-01-04 21:10 - 2015-01-04 21:10 - 01330664 _____ (smart-saverplus) C:\Users\Julie\AppData\Roaming\NHOGYRI.exe
2015-01-04 21:10 - 2015-01-04 21:10 - 00004368 _____ () C:\WINDOWS\System32\Tasks\NHOGYRI
2015-01-04 21:09 - 2015-01-04 23:18 - 00001354 _____ () C:\WINDOWS\Tasks\QPNL.job
2015-01-04 21:09 - 2015-01-04 21:10 - 00004362 _____ () C:\WINDOWS\System32\Tasks\QPNL
2015-01-04 21:09 - 2015-01-04 21:09 - 01965032 _____ (smart-saverplus) C:\Users\Julie\AppData\Roaming\QPNL.exe
2015-01-04 21:08 - 2015-01-04 21:08 - 01200016 _____ () C:\Users\Julie\Downloads\Player(2).exe
2015-01-04 20:45 - 2015-01-04 20:45 - 00000000 ____D () C:\ProgramData\1887373585
2015-01-04 20:44 - 2015-01-04 20:44 - 00000000 ____D () C:\Users\Julie\AppData\Local\com
2015-01-04 20:35 - 2015-01-05 15:29 - 00001350 _____ () C:\WINDOWS\Tasks\LJ.job
2015-01-04 20:35 - 2015-01-05 13:56 - 00001352 _____ () C:\WINDOWS\Tasks\KII.job
2015-01-04 20:35 - 2015-01-04 22:30 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-04 20:35 - 2015-01-04 21:10 - 01549288 _____ (Enter) C:\Users\Julie\AppData\Roaming\KII.exe
2015-01-04 20:35 - 2015-01-04 21:10 - 00004360 _____ () C:\WINDOWS\System32\Tasks\KII
2015-01-04 20:35 - 2015-01-04 20:35 - 01549288 _____ (HQProVideoV04.01) C:\Users\Julie\AppData\Roaming\LJ.exe
2015-01-04 20:35 - 2015-01-04 20:35 - 00004358 _____ () C:\WINDOWS\System32\Tasks\LJ
2015-01-04 20:35 - 2015-01-04 20:35 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-04 20:34 - 2015-01-04 23:18 - 00001706 _____ () C:\WINDOWS\Tasks\YKHICJXT.job
2015-01-04 20:34 - 2015-01-04 23:18 - 00001704 _____ () C:\WINDOWS\Tasks\XSGUXHF.job
2015-01-04 20:34 - 2015-01-04 21:10 - 02047464 _____ (Enter) C:\Users\Julie\AppData\Roaming\YKHICJXT.exe
2015-01-04 20:34 - 2015-01-04 21:10 - 00004714 _____ () C:\WINDOWS\System32\Tasks\YKHICJXT
2015-01-04 20:34 - 2015-01-04 20:35 - 00000000 ____D () C:\Program Files (x86)\Umtayyznhndq1ntz
2015-01-04 20:34 - 2015-01-04 20:34 - 02047464 _____ (HQProVideoV04.01) C:\Users\Julie\AppData\Roaming\XSGUXHF.exe
2015-01-04 20:34 - 2015-01-04 20:34 - 00004714 _____ () C:\WINDOWS\System32\Tasks\XSGUXHF
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () C:\Program Files (x86)\Smwyyntm1ndi1zdz
Task: {01369165-1857-40E7-9BF7-218C5D9E5777} - System32\Tasks\NHOGYRI => C:\Users\Julie\AppData\Roaming\NHOGYRI.exe [2015-01-04] (smart-saverplus) <==== ATTENTION
Task: {35B829AB-AAE3-4B2E-B536-1B1AFA213099} - System32\Tasks\YKHICJXT => C:\Users\Julie\AppData\Roaming\YKHICJXT.exe [2015-01-04] (Enter) <==== ATTENTION
Task: {3D2E75E8-F640-4271-A3D2-390E56C73619} - System32\Tasks\KII => C:\Users\Julie\AppData\Roaming\KII.exe [2015-01-04] (Enter) <==== ATTENTION
Task: {4F0FE499-1D0E-4F3B-B7B7-783315A2A8F7} - System32\Tasks\DBLDTXL => C:\Users\Julie\AppData\Roaming\DBLDTXL.exe [2015-01-04] (Cinema HDV04.01) <==== ATTENTION
Task: {565D363D-0E86-43DC-96E2-DCB623CFA492} - System32\Tasks\upfs7235 => C:\PROGRA~2\Flwsrf\upfs7235.exe
Task: {779DDDA7-34B8-497B-A423-AA7F9D63B270} - System32\Tasks\QPNL => C:\Users\Julie\AppData\Roaming\QPNL.exe [2015-01-04] (smart-saverplus) <==== ATTENTION
Task: {856D37B7-CA94-4CE1-A48E-8AA08C02ADF5} - System32\Tasks\{C62EC590-F1DE-44D9-9B53-F744F54E301E} => pcalua.exe -a C:\Users\Julie\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs
Task: {89078F39-FDA4-483B-B3CC-D0845BDF96FA} - System32\Tasks\XSGUXHF => C:\Users\Julie\AppData\Roaming\XSGUXHF.exe [2015-01-04] (HQProVideoV04.01) <==== ATTENTION
Task: {A76480E0-C2C6-4F09-96E8-BF2EB9AE647E} - System32\Tasks\LJ => C:\Users\Julie\AppData\Roaming\LJ.exe [2015-01-04] (HQProVideoV04.01) <==== ATTENTION
Task: {B16677CF-4662-4F8B-8301-AC04154CE3CC} - System32\Tasks\{F7FB3814-469D-41FD-A81C-AB757501215C} => pcalua.exe -a C:\Users\Julie\AppData\Local\BeamriseUninstall\Bootstrapper{1.Y2VqPwRP.100}.exe -c uninstall -slot=1 -bagKey=yikAakHwZJ8U
Task: {CC4E466D-54C4-4E6C-93D9-180227A04C4C} - System32\Tasks\JDDYK => C:\Users\Julie\AppData\Roaming\JDDYK.exe [2015-01-04] (Cinema HDV04.01) <==== ATTENTION
Task: C:\WINDOWS\Tasks\DBLDTXL.job => C:\Users\Julie\AppData\Roaming\DBLDTXL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\JDDYK.job => C:\Users\Julie\AppData\Roaming\JDDYK.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\KII.job => C:\Users\Julie\AppData\Roaming\KII.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\LJ.job => C:\Users\Julie\AppData\Roaming\LJ.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\NHOGYRI.job => C:\Users\Julie\AppData\Roaming\NHOGYRI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\QPNL.job => C:\Users\Julie\AppData\Roaming\QPNL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\XSGUXHF.job => C:\Users\Julie\AppData\Roaming\XSGUXHF.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YKHICJXT.job => C:\Users\Julie\AppData\Roaming\YKHICJXT.exe <==== ATTENTION



Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur

0
Réponse 4 / 6
Aurel78
5 janv. 2015 à 23:06
voici le rapport après la réparation.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2015
Ran by Julie at 2015-01-05 23:04:34 Run:1
Running from C:\Users\Julie\Desktop
Loaded Profile: Julie (Available profiles: Julie)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\mwiynzm4ndy1yjz.exe [2385408 2015-01-04] ()
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293 [Pays US - 50.22.218.160]
CHR StartupUrls: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420399978&from=tugs&uid=ST750LM022XHN-M750MBB_S2UQJ9KD400293 [Pays US - 50.22.218.160]
2015-01-04 22:22 - 2015-01-04 22:22 - 00000000 ____D () C:\Users\Julie\AppData\Roaming\QuickScan
2015-01-04 22:13 - 2015-01-04 22:24 - 00004536 _____ () C:\WINDOWS\SysWOW64\abengine.ini
2015-01-04 22:13 - 2015-01-04 22:24 - 00002416 _____ () C:\WINDOWS\SysWOW64\abengineOff.ini
2015-01-04 22:13 - 2015-01-04 22:24 - 00002416 _____ () C:\WINDOWS\system32\abengineOff.ini
2015-01-04 22:13 - 2015-01-04 22:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\upfs7235
2015-01-04 22:10 - 2015-01-04 23:18 - 00001360 _____ () C:\WINDOWS\Tasks\DBLDTXL.job
2015-01-04 22:10 - 2015-01-04 22:10 - 01549288 _____ (Cinema HDV04.01) C:\Users\Julie\AppData\Roaming\DBLDTXL.exe
2015-01-04 22:10 - 2015-01-04 22:10 - 00004370 _____ () C:\WINDOWS\System32\Tasks\DBLDTXL
2015-01-04 22:09 - 2015-01-04 23:18 - 00001356 _____ () C:\WINDOWS\Tasks\JDDYK.job
2015-01-04 22:09 - 2015-01-04 22:09 - 02047464 _____ (Cinema HDV04.01) C:\Users\Julie\AppData\Roaming\JDDYK.exe
2015-01-04 22:09 - 2015-01-04 22:09 - 00004366 _____ () C:\WINDOWS\System32\Tasks\JDDYK
2015-01-04 21:58 - 2015-01-04 21:58 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-01-04 21:15 - 2015-01-05 22:24 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-04 21:15 - 2015-01-04 21:15 - 00003890 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-04 21:10 - 2015-01-05 15:00 - 00001360 _____ () C:\WINDOWS\Tasks\NHOGYRI.job
2015-01-04 21:10 - 2015-01-04 21:10 - 01330664 _____ (smart-saverplus) C:\Users\Julie\AppData\Roaming\NHOGYRI.exe
2015-01-04 21:10 - 2015-01-04 21:10 - 00004368 _____ () C:\WINDOWS\System32\Tasks\NHOGYRI
2015-01-04 21:09 - 2015-01-04 23:18 - 00001354 _____ () C:\WINDOWS\Tasks\QPNL.job
2015-01-04 21:09 - 2015-01-04 21:10 - 00004362 _____ () C:\WINDOWS\System32\Tasks\QPNL
2015-01-04 21:09 - 2015-01-04 21:09 - 01965032 _____ (smart-saverplus) C:\Users\Julie\AppData\Roaming\QPNL.exe
2015-01-04 21:08 - 2015-01-04 21:08 - 01200016 _____ () C:\Users\Julie\Downloads\Player(2).exe
2015-01-04 20:45 - 2015-01-04 20:45 - 00000000 ____D () C:\ProgramData\1887373585
2015-01-04 20:44 - 2015-01-04 20:44 - 00000000 ____D () C:\Users\Julie\AppData\Local\com
2015-01-04 20:35 - 2015-01-05 15:29 - 00001350 _____ () C:\WINDOWS\Tasks\LJ.job
2015-01-04 20:35 - 2015-01-05 13:56 - 00001352 _____ () C:\WINDOWS\Tasks\KII.job
2015-01-04 20:35 - 2015-01-04 22:30 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-04 20:35 - 2015-01-04 21:10 - 01549288 _____ (Enter) C:\Users\Julie\AppData\Roaming\KII.exe
2015-01-04 20:35 - 2015-01-04 21:10 - 00004360 _____ () C:\WINDOWS\System32\Tasks\KII
2015-01-04 20:35 - 2015-01-04 20:35 - 01549288 _____ (HQProVideoV04.01) C:\Users\Julie\AppData\Roaming\LJ.exe
2015-01-04 20:35 - 2015-01-04 20:35 - 00004358 _____ () C:\WINDOWS\System32\Tasks\LJ
2015-01-04 20:35 - 2015-01-04 20:35 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-01-04 20:34 - 2015-01-04 23:18 - 00001706 _____ () C:\WINDOWS\Tasks\YKHICJXT.job
2015-01-04 20:34 - 2015-01-04 23:18 - 00001704 _____ () C:\WINDOWS\Tasks\XSGUXHF.job
2015-01-04 20:34 - 2015-01-04 21:10 - 02047464 _____ (Enter) C:\Users\Julie\AppData\Roaming\YKHICJXT.exe
2015-01-04 20:34 - 2015-01-04 21:10 - 00004714 _____ () C:\WINDOWS\System32\Tasks\YKHICJXT
2015-01-04 20:34 - 2015-01-04 20:35 - 00000000 ____D () C:\Program Files (x86)\Umtayyznhndq1ntz
2015-01-04 20:34 - 2015-01-04 20:34 - 02047464 _____ (HQProVideoV04.01) C:\Users\Julie\AppData\Roaming\XSGUXHF.exe
2015-01-04 20:34 - 2015-01-04 20:34 - 00004714 _____ () C:\WINDOWS\System32\Tasks\XSGUXHF
2015-01-04 20:34 - 2015-01-04 20:34 - 00000000 ____D () C:\Program Files (x86)\Smwyyntm1ndi1zdz
Task: {01369165-1857-40E7-9BF7-218C5D9E5777} - System32\Tasks\NHOGYRI => C:\Users\Julie\AppData\Roaming\NHOGYRI.exe [2015-01-04] (smart-saverplus) <==== ATTENTION
Task: {35B829AB-AAE3-4B2E-B536-1B1AFA213099} - System32\Tasks\YKHICJXT => C:\Users\Julie\AppData\Roaming\YKHICJXT.exe [2015-01-04] (Enter) <==== ATTENTION
Task: {3D2E75E8-F640-4271-A3D2-390E56C73619} - System32\Tasks\KII => C:\Users\Julie\AppData\Roaming\KII.exe [2015-01-04] (Enter) <==== ATTENTION
Task: {4F0FE499-1D0E-4F3B-B7B7-783315A2A8F7} - System32\Tasks\DBLDTXL => C:\Users\Julie\AppData\Roaming\DBLDTXL.exe [2015-01-04] (Cinema HDV04.01) <==== ATTENTION
Task: {565D363D-0E86-43DC-96E2-DCB623CFA492} - System32\Tasks\upfs7235 => C:\PROGRA~2\Flwsrf\upfs7235.exe
Task: {779DDDA7-34B8-497B-A423-AA7F9D63B270} - System32\Tasks\QPNL => C:\Users\Julie\AppData\Roaming\QPNL.exe [2015-01-04] (smart-saverplus) <==== ATTENTION
Task: {856D37B7-CA94-4CE1-A48E-8AA08C02ADF5} - System32\Tasks\{C62EC590-F1DE-44D9-9B53-F744F54E301E} => pcalua.exe -a C:\Users\Julie\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs
Task: {89078F39-FDA4-483B-B3CC-D0845BDF96FA} - System32\Tasks\XSGUXHF => C:\Users\Julie\AppData\Roaming\XSGUXHF.exe [2015-01-04] (HQProVideoV04.01) <==== ATTENTION
Task: {A76480E0-C2C6-4F09-96E8-BF2EB9AE647E} - System32\Tasks\LJ => C:\Users\Julie\AppData\Roaming\LJ.exe [2015-01-04] (HQProVideoV04.01) <==== ATTENTION
Task: {B16677CF-4662-4F8B-8301-AC04154CE3CC} - System32\Tasks\{F7FB3814-469D-41FD-A81C-AB757501215C} => pcalua.exe -a C:\Users\Julie\AppData\Local\BeamriseUninstall\Bootstrapper{1.Y2VqPwRP.100}.exe -c uninstall -slot=1 -bagKey=yikAakHwZJ8U
Task: {CC4E466D-54C4-4E6C-93D9-180227A04C4C} - System32\Tasks\JDDYK => C:\Users\Julie\AppData\Roaming\JDDYK.exe [2015-01-04] (Cinema HDV04.01) <==== ATTENTION
Task: C:\WINDOWS\Tasks\DBLDTXL.job => C:\Users\Julie\AppData\Roaming\DBLDTXL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\JDDYK.job => C:\Users\Julie\AppData\Roaming\JDDYK.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\KII.job => C:\Users\Julie\AppData\Roaming\KII.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\LJ.job => C:\Users\Julie\AppData\Roaming\LJ.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\NHOGYRI.job => C:\Users\Julie\AppData\Roaming\NHOGYRI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\QPNL.job => C:\Users\Julie\AppData\Roaming\QPNL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\XSGUXHF.job => C:\Users\Julie\AppData\Roaming\XSGUXHF.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YKHICJXT.job => C:\Users\Julie\AppData\Roaming\YKHICJXT.exe <==== ATTENTION
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mwyyntm1ndi1zdz => value deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\Julie\AppData\Roaming\QuickScan => Moved successfully.
C:\WINDOWS\SysWOW64\abengine.ini => Moved successfully.
C:\WINDOWS\SysWOW64\abengineOff.ini => Moved successfully.
C:\WINDOWS\system32\abengineOff.ini => Moved successfully.
C:\WINDOWS\System32\Tasks\upfs7235 => Moved successfully.
C:\WINDOWS\Tasks\DBLDTXL.job => Moved successfully.
C:\Users\Julie\AppData\Roaming\DBLDTXL.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\DBLDTXL => Moved successfully.
C:\WINDOWS\Tasks\JDDYK.job => Moved successfully.
C:\Users\Julie\AppData\Roaming\JDDYK.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\JDDYK => Moved successfully.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
C:\WINDOWS\Tasks\NHOGYRI.job => Moved successfully.
C:\Users\Julie\AppData\Roaming\NHOGYRI.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\NHOGYRI => Moved successfully.
C:\WINDOWS\Tasks\QPNL.job => Moved successfully.
C:\WINDOWS\System32\Tasks\QPNL => Moved successfully.
C:\Users\Julie\AppData\Roaming\QPNL.exe => Moved successfully.
C:\Users\Julie\Downloads\Player(2).exe => Moved successfully.
C:\ProgramData\1887373585 => Moved successfully.
C:\Users\Julie\AppData\Local\com => Moved successfully.
C:\WINDOWS\Tasks\LJ.job => Moved successfully.
C:\WINDOWS\Tasks\KII.job => Moved successfully.
C:\Users\Public\Temp => Moved successfully.
C:\Users\Julie\AppData\Roaming\KII.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\KII => Moved successfully.
C:\Users\Julie\AppData\Roaming\LJ.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\LJ => Moved successfully.
C:\Program Files (x86)\XTab => Moved successfully.
C:\WINDOWS\Tasks\YKHICJXT.job => Moved successfully.
C:\WINDOWS\Tasks\XSGUXHF.job => Moved successfully.
C:\Users\Julie\AppData\Roaming\YKHICJXT.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\YKHICJXT => Moved successfully.
C:\Program Files (x86)\Umtayyznhndq1ntz => Moved successfully.
C:\Users\Julie\AppData\Roaming\XSGUXHF.exe => Moved successfully.
C:\WINDOWS\System32\Tasks\XSGUXHF => Moved successfully.
C:\Program Files (x86)\Smwyyntm1ndi1zdz => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01369165-1857-40E7-9BF7-218C5D9E5777}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01369165-1857-40E7-9BF7-218C5D9E5777}" => Key deleted successfully.
C:\Windows\System32\Tasks\NHOGYRI not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NHOGYRI" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35B829AB-AAE3-4B2E-B536-1B1AFA213099}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35B829AB-AAE3-4B2E-B536-1B1AFA213099}" => Key deleted successfully.
C:\Windows\System32\Tasks\YKHICJXT not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YKHICJXT" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3D2E75E8-F640-4271-A3D2-390E56C73619}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D2E75E8-F640-4271-A3D2-390E56C73619}" => Key deleted successfully.
C:\Windows\System32\Tasks\KII not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KII" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F0FE499-1D0E-4F3B-B7B7-783315A2A8F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F0FE499-1D0E-4F3B-B7B7-783315A2A8F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\DBLDTXL not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DBLDTXL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{565D363D-0E86-43DC-96E2-DCB623CFA492}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{565D363D-0E86-43DC-96E2-DCB623CFA492}" => Key deleted successfully.
C:\Windows\System32\Tasks\upfs7235 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\upfs7235" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{779DDDA7-34B8-497B-A423-AA7F9D63B270}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{779DDDA7-34B8-497B-A423-AA7F9D63B270}" => Key deleted successfully.
C:\Windows\System32\Tasks\QPNL not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QPNL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{856D37B7-CA94-4CE1-A48E-8AA08C02ADF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{856D37B7-CA94-4CE1-A48E-8AA08C02ADF5}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C62EC590-F1DE-44D9-9B53-F744F54E301E} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C62EC590-F1DE-44D9-9B53-F744F54E301E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{89078F39-FDA4-483B-B3CC-D0845BDF96FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89078F39-FDA4-483B-B3CC-D0845BDF96FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\XSGUXHF not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XSGUXHF" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A76480E0-C2C6-4F09-96E8-BF2EB9AE647E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A76480E0-C2C6-4F09-96E8-BF2EB9AE647E}" => Key deleted successfully.
C:\Windows\System32\Tasks\LJ not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B16677CF-4662-4F8B-8301-AC04154CE3CC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B16677CF-4662-4F8B-8301-AC04154CE3CC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F7FB3814-469D-41FD-A81C-AB757501215C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F7FB3814-469D-41FD-A81C-AB757501215C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC4E466D-54C4-4E6C-93D9-180227A04C4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC4E466D-54C4-4E6C-93D9-180227A04C4C}" => Key deleted successfully.
C:\Windows\System32\Tasks\JDDYK not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JDDYK" => Key deleted successfully.
C:\WINDOWS\Tasks\DBLDTXL.job not found.
C:\WINDOWS\Tasks\JDDYK.job not found.
C:\WINDOWS\Tasks\KII.job not found.
C:\WINDOWS\Tasks\LJ.job not found.
C:\WINDOWS\Tasks\NHOGYRI.job not found.
C:\WINDOWS\Tasks\QPNL.job not found.
C:\WINDOWS\Tasks\XSGUXHF.job not found.
C:\WINDOWS\Tasks\YKHICJXT.job not found.

==== End of Fixlog 23:04:40 ====
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
Aurel78
5 janv. 2015 à 23:11
Je viens de relancer. Tout fonctionne, merci beaucoup pour ton aide.
0
Réponse 6 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
6 janv. 2015 à 09:17
ok :)


Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :


Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
(sauf si tu es sur un netbook)

Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/

0
fred
27 avril 2015 à 00:13
bonjour j ai aussi un souci voici ce que vous demander pour pouvoir analyser..
merci de votre aide

http://pjjoint.malekal.com/files.php?id=20150427_k13k8d14p12q7

http://pjjoint.malekal.com/files.php?id=20150427_x9j13e14f15m7

http://pjjoint.malekal.com/files.php?id=20150427_e11c5l5o6h12
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
27 avril 2015 à 07:44
Salut,



Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :


HKLM-x32\...\Run: [mbot_fr_565] => [X]
HKLM-x32\...\Run: [gmsd_fr_362] => [X]
HKLM-x32\...\Run: [gmsd_fr_358] => [X]
HKLM-x32\...\Run: [gmsd_fr_365] => [X]
Winsock: Catalog9 01 C:\windows\SysWOW64\VCL.dll [335064 2015-03-31] (VC Corporation)
Winsock: Catalog9 02 C:\windows\SysWOW64\VCL.dll [335064 2015-03-31] (VC Corporation)
Winsock: Catalog9 03 C:\windows\SysWOW64\VCL.dll [335064 2015-03-31] (VC Corporation)
Winsock: Catalog9 04 C:\windows\SysWOW64\VCL.dll [335064 2015-03-31] (VC Corporation)
Winsock: Catalog9 16 C:\windows\SysWOW64\VCL.dll [335064 2015-03-31] (VC Corporation)
HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\y2iymzj2y3m2bdd.exe [2388480 2015-04-26] ()
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\BCG\AppData\Roaming\Mozilla\Firefox\Profiles\mephx8pv.default\extensions\fftoolbar2014@etech.com
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\BCG\AppData\Roaming\Mozilla\Firefox\Profiles\mephx8pv.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\BCG\AppData\Roaming\Mozilla\Firefox\Profiles\mephx8pv.default\extensions\searchengine@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [istart_ffnt@gmail.com] - C:\Users\BCG\AppData\Roaming\Mozilla\Firefox\Profiles\mephx8pv.default\extensions\istart_ffnt@gmail.com
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-16] (XTab system)
R2 UniversalUpdater; C:\Program Files (x86)\Umtayyznhndq1ntz\mwmyzjmzngu1mdy.exe [709120 2015-03-31] () [File not signed]
S4 lomemuwe; C:\Users\BCG\AppData\Roaming\ABF0C328-1427810872-11E0-BA87-2485BF0C503B\nsy5369.tmp [X]
S4 nypikyjy; C:\Users\BCG\AppData\Roaming\ABF0C328-1427810872-11E0-BA87-2485BF0C503B\jnsb8622.tmp [X]
S2 Orbiter; C:/Program Files (x86)/ORBTR/orbiter.dll [X]
S2 Update PathMaxx; C:\Program Files (x86)\PathMaxx\updatePathMaxx.exe [X]
2015-04-26 20:36 - 2015-04-26 23:32 - 00000000 ____D () C:\Program Files (x86)\Smwyyntm1ndi1zdz
2015-04-01 16:31 - 2015-04-01 16:32 - 00001328 _____ () C:\windows\Tasks\DVGAN.job
2015-04-01 16:31 - 2015-04-01 16:31 - 00007184 _____ () C:\windows\System32\Tasks\temp_1fbd11ed-2bfb-4782-b8fc-1d379461c127-6
2015-04-01 16:31 - 2015-04-01 16:31 - 00006496 _____ () C:\windows\System32\Tasks\1fbd11ed-2bfb-4782-b8fc-1d379461c127-4
2015-04-01 16:31 - 2015-04-01 16:31 - 00004460 _____ () C:\windows\Tasks\1fbd11ed-2bfb-4782-b8fc-1d379461c127-4.job
2015-04-01 16:31 - 2015-04-01 16:31 - 00004346 _____ () C:\windows\System32\Tasks\DVGAN
2015-04-01 16:31 - 2015-04-01 16:31 - 00003452 _____ () C:\windows\System32\Tasks\ProPCCleaner_Popup
2015-04-01 16:31 - 2015-04-01 16:31 - 00003186 _____ () C:\windows\System32\Tasks\ProPCCleaner_Start
2015-04-01 16:30 - 2015-04-01 16:32 - 00001678 _____ () C:\windows\Tasks\ZKQHAXFZ.job
2015-04-01 16:30 - 2015-04-01 16:32 - 00001678 _____ () C:\windows\Tasks\PUKYLKRG.job
2015-04-01 16:30 - 2015-04-01 16:32 - 00001326 _____ () C:\windows\Tasks\VEKR.job
2015-04-01 16:30 - 2015-04-01 16:30 - 00004696 _____ () C:\windows\System32\Tasks\ZKQHAXFZ
2015-04-01 16:30 - 2015-04-01 16:30 - 00004696 _____ () C:\windows\System32\Tasks\PUKYLKRG
2015-04-01 16:30 - 2015-04-01 16:30 - 00004344 _____ () C:\windows\System32\Tasks\VEKR
2015-04-01 16:29 - 2015-04-01 16:29 - 00745472 _____ () C:\windows\fcr.dat
2015-04-01 16:29 - 2015-04-01 16:29 - 00458240 _____ () C:\windows\mfcr.exe
2015-04-01 16:29 - 2015-04-01 16:29 - 00004006 _____ () C:\windows\System32\Tasks\LaunchSignup
2015-04-01 16:29 - 2015-04-01 16:29 - 00003278 _____ () C:\windows\System32\Tasks\aPbBcfTYw0EAMMI
2015-04-01 16:29 - 2015-04-01 16:29 - 00003236 _____ () C:\windows\System32\Tasks\TVjlOnDYelZYvbP
2015-04-01 16:29 - 2015-04-01 16:29 - 00003234 _____ () C:\windows\System32\Tasks\Z0GSBJeu3D7R0ql
2015-04-01 16:28 - 2015-04-01 16:29 - 00521216 _____ () C:\windows\fcr.exe
2015-04-01 16:28 - 2015-04-01 16:28 - 00003546 _____ () C:\windows\System32\Tasks\TQHPUTIBUB
2015-03-31 23:31 - 2015-03-31 23:31 - 00001463 _____ () C:\Users\BCG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-31 18:56 - 2015-04-03 18:56 - 00000376 _____ () C:\windows\Tasks\APSnotifierPP3.job
2015-03-31 18:56 - 2015-04-01 18:56 - 00000376 _____ () C:\windows\Tasks\APSnotifierPP2.job
2015-03-31 18:56 - 2015-03-31 18:56 - 00002822 _____ () C:\windows\System32\Tasks\APSnotifierPP3
2015-03-31 18:56 - 2015-03-31 18:56 - 00002822 _____ () C:\windows\System32\Tasks\APSnotifierPP2
2015-03-31 18:40 - 2015-04-01 16:23 - 00001326 _____ () C:\windows\Tasks\NEWL.job
2015-03-31 18:40 - 2015-03-31 18:40 - 00004344 _____ () C:\windows\System32\Tasks\NEWL
2015-03-31 18:39 - 2015-04-01 16:23 - 00001678 _____ () C:\windows\Tasks\WDGGYEVU.job
2015-03-31 18:39 - 2015-03-31 18:39 - 00004696 _____ () C:\windows\System32\Tasks\WDGGYEVU
2015-03-31 18:36 - 2015-04-01 16:23 - 00001330 _____ () C:\windows\Tasks\JRPYSO.job
2015-03-31 18:36 - 2015-03-31 18:37 - 00004348 _____ () C:\windows\System32\Tasks\JRPYSO
2015-03-31 18:30 - 2015-04-01 16:59 - 00002196 _____ () C:\Users\BCG\Desktop\chrome.lnk
2015-03-31 18:20 - 2015-03-31 18:20 - 00003140 _____ () C:\windows\System32\Tasks\{079994B9-1342-49D1-9F17-28FE5531B887}
2015-03-31 18:16 - 2015-03-31 18:16 - 00001642 _____ () C:\windows\SysWOW64\${LOGFILE}
2015-03-31 17:33 - 2015-03-31 18:38 - 00000000 ____D () C:\Program Files (x86)\Software
2015-03-31 17:31 - 2015-03-31 23:30 - 00000378 _____ () C:\windows\Tasks\APSnotifierPP1.job
2015-03-31 17:31 - 2015-03-31 18:56 - 00002824 _____ () C:\windows\System32\Tasks\APSnotifierPP1
2015-03-31 17:31 - 2015-03-31 18:07 - 00001928 _____ () C:\windows\patsearch.bin
2015-03-31 17:31 - 2015-03-31 17:31 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
2015-03-31 17:30 - 2015-03-31 17:30 - 00000000 __SHD () C:\Users\BCG\AppData\Roaming\AnyProtectEx
2015-03-31 17:04 - 2015-03-31 20:08 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-31 16:25 - 2015-03-31 16:26 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-31 16:24 - 2015-03-31 18:41 - 00008448 _____ () C:\windows\SysWOW64\VCLOff.ini
2015-03-31 16:24 - 2015-03-31 18:41 - 00008448 _____ () C:\windows\system32\VCLOff.ini
2015-03-31 16:23 - 2015-04-01 16:23 - 00001676 _____ () C:\windows\Tasks\RRUOJVE.job
2015-03-31 16:23 - 2015-04-01 16:23 - 00001322 _____ () C:\windows\Tasks\FA.job
2015-03-31 16:23 - 2015-03-31 16:23 - 00004694 _____ () C:\windows\System32\Tasks\RRUOJVE
2015-03-31 16:23 - 2015-03-31 16:23 - 00004340 _____ () C:\windows\System32\Tasks\FA
2015-03-31 16:23 - 2015-03-20 15:54 - 00335064 _____ (VC Corporation) C:\windows\SysWOW64\VCL.dll
2015-03-31 16:20 - 2015-03-31 16:20 - 00004022 _____ () C:\windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-03-31 16:07 - 2015-03-30 18:30 - 00048776 _____ (StdLib) C:\windows\system32\Drivers\{61bc9620-8c15-4bf6-b992-006d0996a7bb}Gw64.sys
2015-03-31 16:04 - 2015-04-12 13:09 - 00000000 ____D () C:\Program Files (x86)\Umtayyznhndq1ntz
2015-03-31 16:03 - 2015-03-31 16:03 - 00003136 _____ () C:\windows\System32\Tasks\Run_Bobby_Browser
2015-03-30 23:04 - 2015-04-04 16:09 - 00000000 ____D () C:\Users\BCG\AppData\Roaming\ImgBurn
2015-03-30 08:42 - 2015-03-30 08:42 - 00000000 _____ () C:\windows\SysWOW64\sho7BA2.tmp
2015-03-31 23:29 - 2015-03-25 21:52 - 00000000 ____D () C:\Users\BCG\AppData\Roaming\Internet-Controller
Task: {116790B6-E786-4E2A-BFC2-B20678FE396C} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {119D2FF5-C37D-4692-A8F6-2CDBF6EEDB74} - System32\Tasks\1fbd11ed-2bfb-4782-b8fc-1d379461c127-4 => C:\Program Files (x86)\Sm23mS\1fbd11ed-2bfb-4782-b8fc-1d379461c127-4.exe <==== ATTENTION
Task: {1579EE1D-6587-463E-AA70-013DFB7EE548} - System32\Tasks\PUKYLKRG => C:\Users\BCG\AppData\Roaming\PUKYLKRG.exe <==== ATTENTION
Task: {23FE1B03-F568-4691-9EAA-4403E605EC18} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {2A2C2CE8-F110-458F-8664-E3B3A6E67F45} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\BCG\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {3512B02E-AD1F-4A6E-A18E-BA4DADE8AA98} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {48012C8F-00EB-44DC-9756-455ED43B2C15} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {5408235C-358E-4C8C-9A3A-D30D5DD428C2} - System32\Tasks\VEKR => C:\Users\BCG\AppData\Roaming\VEKR.exe <==== ATTENTION
Task: {56737AC4-4672-4644-A1FB-DDA6DD070BCA} - System32\Tasks\TVjlOnDYelZYvbP => C:\Users\BCG\AppData\Roaming\g6gzCH1\bETMFIz.exe
Task: {5BF73BB4-7092-4280-839C-F4B4E2FFFD00} - System32\Tasks\NEWL => C:\Users\BCG\AppData\Roaming\NEWL.exe <==== ATTENTION
Task: {5C5AEA22-B4D1-424F-8798-24AE2112A62E} - System32\Tasks\temp_1fbd11ed-2bfb-4782-b8fc-1d379461c127-6 => C:\Program Files (x86)\Sm23mS\1fbd11ed-2bfb-4782-b8fc-1d379461c127-6.exe <==== ATTENTION
Task: {60E80CC2-DCC1-4D6F-9BD6-17958767BF0D} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {6D8B663C-180B-413A-BE37-8A59166D5D0E} - System32\Tasks\Run_Bobby_Browser => C:\Users\BCG\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {6F69C546-3F3D-46AF-A9F3-2863C56628E8} - System32\Tasks\ZKQHAXFZ => C:\Users\BCG\AppData\Roaming\ZKQHAXFZ.exe <==== ATTENTION
Task: {7BE26EE5-B474-41C8-A933-45BF02BC0E22} - System32\Tasks\TQHPUTIBUB => C:\ProgramData\c23f8769a0bb48b69b1f10fa17020bc6\c23f8769a0bb48b69b1f10fa17020bc6.exe
Task: {7FF6ABFA-FC25-4A66-9B6F-8353EF056569} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {8E4CCBA6-F883-4012-989D-1FD1F6C00B3C} - System32\Tasks\WDGGYEVU => C:\Users\BCG\AppData\Roaming\WDGGYEVU.exe <==== ATTENTION
Task: {A03650AC-06E7-4AA0-813C-AD06B5F809EE} - System32\Tasks\WSE_Astromenda => C:\Users\BCG\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {A445A4C3-6168-48AF-A5D0-F4842B4E712E} - System32\Tasks\RRUOJVE => C:\Users\BCG\AppData\Roaming\RRUOJVE.exe <==== ATTENTION
Task: {A7C4C69B-D83F-4E31-AE96-38F8F734454C} - System32\Tasks\FA => C:\Users\BCG\AppData\Roaming\FA.exe <==== ATTENTION
Task: {BA5C0CAE-27D7-47DA-8C85-EF17A1280ED7} - System32\Tasks\Z0GSBJeu3D7R0ql => C:\Users\BCG\AppData\Roaming\vxGpv4r\1O46Bn8.exe
Task: {CFF21541-0B0D-411D-8421-B9B58AB9DF0F} - System32\Tasks\JRPYSO => C:\Users\BCG\AppData\Roaming\JRPYSO.exe <==== ATTENTION
Task: {D878526C-D17B-46E1-BEB7-397A163B6782} - System32\Tasks\DVGAN => C:\Users\BCG\AppData\Roaming\DVGAN.exe <==== ATTENTION
Task: {F9BF2C11-CB99-4DC9-B1CD-BD3F37D267E8} - System32\Tasks\aPbBcfTYw0EAMMI => C:\Users\BCG\AppData\Roaming\HbsL25u\vi9lbZE.exe
Task: C:\windows\Tasks\1fbd11ed-2bfb-4782-b8fc-1d379461c127-4.job => C:\Program Files (x86)\Sm23mS\1fbd11ed-2bfb-4782-b8fc-1d379461c127-4.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\DVGAN.job => C:\Users\BCG\AppData\Roaming\DVGAN.exe <==== ATTENTION
Task: C:\windows\Tasks\FA.job => C:\Users\BCG\AppData\Roaming\FA.exe <==== ATTENTION
Task: C:\windows\Tasks\JRPYSO.job => C:\Users\BCG\AppData\Roaming\JRPYSO.exe <==== ATTENTION
Task: C:\windows\Tasks\NEWL.job => C:\Users\BCG\AppData\Roaming\NEWL.exe <==== ATTENTION
Task: C:\windows\Tasks\PUKYLKRG.job => C:\Users\BCG\AppData\Roaming\PUKYLKRG.exe <==== ATTENTION
Task: C:\windows\Tasks\RRUOJVE.job => C:\Users\BCG\AppData\Roaming\RRUOJVE.exe <==== ATTENTION
Task: C:\windows\Tasks\VEKR.job => C:\Users\BCG\AppData\Roaming\VEKR.exe <==== ATTENTION
Task: C:\windows\Tasks\WDGGYEVU.job => C:\Users\BCG\AppData\Roaming\WDGGYEVU.exe <==== ATTENTION
Task: C:\windows\Tasks\WSE_Astromenda.job => C:\Users\BCG\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\ZKQHAXFZ.job => C:\Users\BCG\AppData\Roaming\ZKQHAXFZ.exe <==== ATTENTION
cmd: netsh winsock reset

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.

Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST qui doit se trouver sur le bureau et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
0
fred
27 avril 2015 à 20:38
super merci beaucoup c est super cool de votre part
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 651
27 avril 2015 à 20:51
Tu as fait les manips ?
0

Discussions similaires

FOTOSE (allemagne)
lix -
pierre -

12 réponses
35 GO à l'étranger
Laurence -
Laurence -

2 réponses
Vérifier que le server freebox est bien connecté à internet
Fatfa265 -
Pierr10 -

1 réponse
Votre Freebox Server n'est actuellement pas connecté à Internet
doucette -
Ty -

15 réponses
Recevoir le code pour bénéficier de l internet gratuit
Jeannette ma fee -
Pierrecastor -

3 réponses