Lecture FRST pour résoudre une pollution pub sur mon PC
Fuzuke
Messages postés
3
Date d'inscription
Statut
Membre
Dernière intervention
-
Destrio5 Messages postés 85985 Date d'inscription Statut Modérateur Dernière intervention -
Destrio5 Messages postés 85985 Date d'inscription Statut Modérateur Dernière intervention -
Bonjour à tous.
Après avoir longuement cherché a résoudre le problème de mon père qui a - en plus du reste- une fenêtre intempestive "you are missing a plugin to play the video". Inefficace: ccleaner, adwcleaner, malwareantimalware plus son antivirus microsoft essentiel.
J'ai trouvé par CCM le tutorial Farbar Recovery Scan Tool et je l'ai appliqué jusqu'à l'obtention des liens grâce à pjjointmalekal.com.
1: A partir de là, on se sent bien seul... Pourriez-vous, svp, y jeter un oeil et m'envoyer un correctif???
2: Existe t-il un correcteur automatique pour que des personnes comme moi ne viennent vous embêter avec des choses qui sont certainement bateau pour vous?
Merci d'avance pour les réponses, affirmatives ou non.
kernavo!
Fuzuke. (un manga rigolot)
Après avoir longuement cherché a résoudre le problème de mon père qui a - en plus du reste- une fenêtre intempestive "you are missing a plugin to play the video". Inefficace: ccleaner, adwcleaner, malwareantimalware plus son antivirus microsoft essentiel.
J'ai trouvé par CCM le tutorial Farbar Recovery Scan Tool et je l'ai appliqué jusqu'à l'obtention des liens grâce à pjjointmalekal.com.
1: A partir de là, on se sent bien seul... Pourriez-vous, svp, y jeter un oeil et m'envoyer un correctif???
2: Existe t-il un correcteur automatique pour que des personnes comme moi ne viennent vous embêter avec des choses qui sont certainement bateau pour vous?
Merci d'avance pour les réponses, affirmatives ou non.
kernavo!
Fuzuke. (un manga rigolot)
A voir également:
- Lecture FRST pour résoudre une pollution pub sur mon PC
- Mon pc est lent - Guide
- Telecharger downloader pour pc - Télécharger - Téléchargement & Transfert
- Lecture epub sur pc - Guide
- Zuma pour pc - Télécharger - Jeux vidéo
- Plus de son sur mon pc - Guide
3 réponses
Fais un scan avec RogueKiller puis transmets-moi le rapport :
https://www.commentcamarche.net/faq/30719-utiliser-roguekiller
https://www.commentcamarche.net/faq/30719-utiliser-roguekiller
voici le rapport de RogueKiller:
RogueKiller V10.4.1.0 [Feb 19 2015] par Adlice Software
Mail : https://www.adlice.com/contact/
Remontées : https://forum.adlice.com/
Site Web : https://www.adlice.com/fr/roguekiller/
Blog : https://www.adlice.com/
Système d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Démarrage : Mode normal
Utilisateur : remi [Droits d'admin]
Mode : Recherche -- Date : 02/20/2015 10:51:56
¤¤¤ Processus malicieux : 1 ¤¤¤
[Suspicious.Path] (SVC) MpKsl00f585f9 -- \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC2820-E915-4ADB-AEC9-8171B983B232}\MpKsl00f585f9.sys[7] -> STOPPÉ
¤¤¤ Entrées de registre : 14 ¤¤¤
[Suspicious.Path] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | {90120000-0011-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-0019-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | {90120000-0011-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-0019-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr (\??\C:\Users\remi\AppData\Local\Temp\mbr.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MpKsl00f585f9 (\??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC2820-E915-4ADB-AEC9-8171B983B232}\MpKsl00f585f9.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mbr (\??\C:\Users\remi\AppData\Local\Temp\mbr.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MpKsl00f585f9 (\??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC2820-E915-4ADB-AEC9-8171B983B232}\MpKsl00f585f9.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mbr (\??\C:\Users\remi\AppData\Local\Temp\mbr.sys) -> TROUVÉ
[PUM.Proxy] HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> TROUVÉ
[PUM.Proxy] HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> TROUVÉ
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3955473603-544043898-4286527960-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> TROUVÉ
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> TROUVÉ
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[Suspicious.Path] LSHLRGPF.job -- C:\Users\remi\AppData\Roaming\LSHLRGPF.exe (/infocmdline=ohQqmHQbUxrxtGYzl+jqk6Eyn9pZ16D8+8FfJKskl/eEiis9kX6Tii9s35ZHVjimUpH1CqYOqWVasccAiKBhFYJ/VC9DLCImwdYsBrtpegFSYNDW8A+BL4OFXI5jZtxAV29Jm1qGoMK2xYVo8bR3Mdj/VgpH/O0vdgT3NCsjoHlDrEvZUyZKukTvRaXX9tpDHlj7fOHdWk/DI70AddDP7fnV18JW7jGcIf+4L5/MJWUfE1Lm3RefmoWJiC+owEOJ5hnsWsV0H3xkP4+bE9FTT1Y5k8hK7Wa3WxH4QHiMm1yHEdqVr41Rh7Gdi9wtyuHyjKjweJ3DwWufVQjoNiG4UzjmcZOLeMpXxEu3HEcNJpm6OF7GmgY4mRQqv5od80pkbr/ahjtrJmdTR1/WqagV/vc52ClAwpmZuyqOFm2tooqe1oPtItsLMlezrezGiiZXIpd8qhDxWFwQsQDltt8E9MOs02KQHZHc1eP2K74shq3LH44Z7WMcogE3BWbpBDR/sZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=) -> TROUVÉ
[Suspicious.Path] \\LSHLRGPF -- C:\Users\remi\AppData\Roaming\LSHLRGPF.exe (/infocmdline=ohQqmHQbUxrxtGYzl+jqk6Eyn9pZ16D8+8FfJKskl/eEiis9kX6Tii9s35ZHVjimUpH1CqYOqWVasccAiKBhFYJ/VC9DLCImwdYsBrtpegFSYNDW8A+BL4OFXI5jZtxAV29Jm1qGoMK2xYVo8bR3Mdj/VgpH/O0vdgT3NCsjoHlDrEvZUyZKukTvRaXX9tpDHlj7fOHdWk/DI70AddDP7fnV18JW7jGcIf+4L5/MJWUfE1Lm3RefmoWJiC+owEOJ5hnsWsV0H3xkP4+bE9FTT1Y5k8hK7Wa3WxH4QHiMm1yHEdqVr41Rh7Gdi9wtyuHyjKjweJ3DwWufVQjoNiG4UzjmcZOLeMpXxEu3HEcNJpm6OF7GmgY4mRQqv5od80pkbr/ahjtrJmdTR1/WqagV/vc52ClAwpmZuyqOFm2tooqe1oPtItsLMlezrezGiiZXIpd8qhDxWFwQsQDltt8E9MOs02KQHZHc1eP2K74shq3LH44Z7WMcogE3BWbpBDR/sZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=) -> TROUVÉ
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 7 (Driver: CHARGE) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_POWER[22] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_PNP[27] : Unknown @ 0x8773f1f8
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 97ba1b4ea871fc79e8154dcd4c6885c2
[BSP] b7f88d621534fe69cada9bc84c4586b5 : HP MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 119078 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 246945792 | Size: 117895 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
RogueKiller V10.4.1.0 [Feb 19 2015] par Adlice Software
Mail : https://www.adlice.com/contact/
Remontées : https://forum.adlice.com/
Site Web : https://www.adlice.com/fr/roguekiller/
Blog : https://www.adlice.com/
Système d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Démarrage : Mode normal
Utilisateur : remi [Droits d'admin]
Mode : Recherche -- Date : 02/20/2015 10:51:56
¤¤¤ Processus malicieux : 1 ¤¤¤
[Suspicious.Path] (SVC) MpKsl00f585f9 -- \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC2820-E915-4ADB-AEC9-8171B983B232}\MpKsl00f585f9.sys[7] -> STOPPÉ
¤¤¤ Entrées de registre : 14 ¤¤¤
[Suspicious.Path] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | {90120000-0011-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-0019-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | {90120000-0011-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce | {91120000-0019-0000-0000-0000000FF1CE} : C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\mbr (\??\C:\Users\remi\AppData\Local\Temp\mbr.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MpKsl00f585f9 (\??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC2820-E915-4ADB-AEC9-8171B983B232}\MpKsl00f585f9.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mbr (\??\C:\Users\remi\AppData\Local\Temp\mbr.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MpKsl00f585f9 (\??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CCDC2820-E915-4ADB-AEC9-8171B983B232}\MpKsl00f585f9.sys) -> TROUVÉ
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mbr (\??\C:\Users\remi\AppData\Local\Temp\mbr.sys) -> TROUVÉ
[PUM.Proxy] HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> TROUVÉ
[PUM.Proxy] HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : -> TROUVÉ
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3955473603-544043898-4286527960-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> TROUVÉ
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> TROUVÉ
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> TROUVÉ
¤¤¤ Tâches planifiées : 2 ¤¤¤
[Suspicious.Path] LSHLRGPF.job -- C:\Users\remi\AppData\Roaming\LSHLRGPF.exe (/infocmdline=ohQqmHQbUxrxtGYzl+jqk6Eyn9pZ16D8+8FfJKskl/eEiis9kX6Tii9s35ZHVjimUpH1CqYOqWVasccAiKBhFYJ/VC9DLCImwdYsBrtpegFSYNDW8A+BL4OFXI5jZtxAV29Jm1qGoMK2xYVo8bR3Mdj/VgpH/O0vdgT3NCsjoHlDrEvZUyZKukTvRaXX9tpDHlj7fOHdWk/DI70AddDP7fnV18JW7jGcIf+4L5/MJWUfE1Lm3RefmoWJiC+owEOJ5hnsWsV0H3xkP4+bE9FTT1Y5k8hK7Wa3WxH4QHiMm1yHEdqVr41Rh7Gdi9wtyuHyjKjweJ3DwWufVQjoNiG4UzjmcZOLeMpXxEu3HEcNJpm6OF7GmgY4mRQqv5od80pkbr/ahjtrJmdTR1/WqagV/vc52ClAwpmZuyqOFm2tooqe1oPtItsLMlezrezGiiZXIpd8qhDxWFwQsQDltt8E9MOs02KQHZHc1eP2K74shq3LH44Z7WMcogE3BWbpBDR/sZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=) -> TROUVÉ
[Suspicious.Path] \\LSHLRGPF -- C:\Users\remi\AppData\Roaming\LSHLRGPF.exe (/infocmdline=ohQqmHQbUxrxtGYzl+jqk6Eyn9pZ16D8+8FfJKskl/eEiis9kX6Tii9s35ZHVjimUpH1CqYOqWVasccAiKBhFYJ/VC9DLCImwdYsBrtpegFSYNDW8A+BL4OFXI5jZtxAV29Jm1qGoMK2xYVo8bR3Mdj/VgpH/O0vdgT3NCsjoHlDrEvZUyZKukTvRaXX9tpDHlj7fOHdWk/DI70AddDP7fnV18JW7jGcIf+4L5/MJWUfE1Lm3RefmoWJiC+owEOJ5hnsWsV0H3xkP4+bE9FTT1Y5k8hK7Wa3WxH4QHiMm1yHEdqVr41Rh7Gdi9wtyuHyjKjweJ3DwWufVQjoNiG4UzjmcZOLeMpXxEu3HEcNJpm6OF7GmgY4mRQqv5od80pkbr/ahjtrJmdTR1/WqagV/vc52ClAwpmZuyqOFm2tooqe1oPtItsLMlezrezGiiZXIpd8qhDxWFwQsQDltt8E9MOs02KQHZHc1eP2K74shq3LH44Z7WMcogE3BWbpBDR/sZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=) -> TROUVÉ
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost
¤¤¤ Antirootkit : 7 (Driver: CHARGE) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_POWER[22] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x8773f1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_PNP[27] : Unknown @ 0x8773f1f8
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ MBR Verif : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 97ba1b4ea871fc79e8154dcd4c6885c2
[BSP] b7f88d621534fe69cada9bc84c4586b5 : HP MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 119078 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 246945792 | Size: 117895 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
--> Ouvre le Bloc-notes (Démarrer => Tous les programmes => Accessoires => Bloc-notes).
--> Copie-colle le texte en gras ci-dessous dans le Bloc-notes :
start
CloseProcesses:
HKU\S-1-5-21-3955473603-544043898-4286527960-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3955473603-544043898-4286527960-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3955473603-544043898-4286527960-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-3955473603-544043898-4286527960-1000] ATTENTION ==> Default URLSearchHook is missing.
BHO: rrocKeTddeal -> {3db0c605-b77d-44bc-b5ab-ac073eebaac0} -> C:\Program Files\rrocKeTddeal\LIuNHSJNZM5K1r.dll ()
BHO: CoOlnncheAp -> {41506ff8-ed89-4650-b55e-178fae42bbd3} -> C:\Program Files\CoOlnncheAp\LQ0GGyaCwim3fX.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
FF Extension: roCkketdeeal - C:\Users\remi\AppData\Roaming\Mozilla\Firefox\Profiles\cgxzetzh.default-1417965153365\Extensions\pGrDoE@R9H.edu [2015-02-15]
FF Extension: lowporicEs - C:\Users\remi\AppData\Roaming\Mozilla\Firefox\Profiles\cgxzetzh.default-1417965153365\Extensions\uiyibv@fg3.org [2014-12-28]
CHR Extension: (Interest Recognizer for Pixeasy) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaigemenfdchjldbnoeklodikdljomnf [2012-09-04]
CHR Extension: (TheFreeDictionarycom Extension) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgabimphpgkjochcoogplolgpcagmap [2015-01-16]
CHR Extension: (aappsave) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\clehimfagikkhcmidjghpgplpgdgiide [2015-02-15]
CHR Extension: (ifhikkcafabcgolfjegfcgloomalapol) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhikkcafabcgolfjegfcgloomalapol [2014-12-03]
CHR Extension: (FSymbols Stickers for Facebook) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehodepjgiiheddbihdkcgcbkeibmnij [2015-02-15]
CHR Extension: (cheaap4ALll) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkfdklejoieeoflihdhploecbkchehac [2015-01-31]
S2 845ed441; c:\Program Files\ProcessFunc\ProcessFunc.dll [5348864 2014-12-27] () [File not signed]
c:\Program Files\ProcessFunc
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2015-02-17 09:23 - 2015-02-17 09:24 - 00775968 _____ (Reimage®) C:\Users\remi\Downloads\ReimageRepair(3).exe
2015-02-15 07:55 - 2015-02-15 07:56 - 00000000 ____D () C:\Program Files\rrocKeTddeal
2015-02-15 07:55 - 2015-02-15 07:56 - 00000000 ____D () C:\Program Files\roCkketdeeal
2015-02-15 07:55 - 2015-02-15 07:56 - 00000000 ____D () C:\Program Files\aappsave
2015-01-31 08:34 - 2015-01-31 08:38 - 00000000 ____D () C:\Program Files\Ed2kHelper
2015-01-31 08:34 - 2015-01-31 08:38 - 00000000 ____D () C:\Program Files\CoOlnncheAp
2015-01-31 08:33 - 2015-01-31 08:38 - 00000000 ____D () C:\Program Files\cheaap4ALll
2015-01-22 22:00 - 2015-01-22 22:00 - 00775968 _____ (Reimage®) C:\Users\remi\Downloads\ReimageRepair(2).exe
2015-01-22 21:59 - 2015-01-22 22:00 - 00775968 _____ (Reimage®) C:\Users\remi\Downloads\ReimageRepair(1).exe
2015-02-19 21:55 - 2014-12-07 10:06 - 00001682 _____ () C:\Windows\Tasks\LSHLRGPF.job
2015-02-19 21:09 - 2015-01-16 08:02 - 00000000 ____D () C:\ProgramData\offeraPPp
2015-02-19 21:09 - 2015-01-16 08:01 - 00000000 ____D () C:\ProgramData\rockeatdEal
2015-02-19 21:09 - 2014-12-28 08:53 - 00000000 ____D () C:\ProgramData\lowPricEes
2015-02-19 21:09 - 2014-11-29 23:54 - 00000000 ____D () C:\Program Files\HQVid-v2.5V29.11
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\remi\AppData\Roaming\LSHLRGPF
Task: {0073E32D-857B-4961-BB30-2C0A6A096483} - \a23a83a9-3831-448a-927d-d62a4a4d0608-3 No Task File <==== ATTENTION
Task: {01D2A314-819D-45AF-928D-AE421BBD9C96} - \5e78d405-5ef8-415c-8ce7-429082810130 No Task File <==== ATTENTION
Task: {02D2828E-D735-4A72-A5ED-619B600D87F1} - \70d1c105-1008-41d4-b85d-240ef575a3ff-11 No Task File <==== ATTENTION
Task: {03B88F01-0D2D-42EC-8D8A-848D3F2A10E3} - \70d1c105-1008-41d4-b85d-240ef575a3ff-5_user No Task File <==== ATTENTION
Task: {0B53B60C-CD73-4990-A68D-8B9D44750CED} - \1378e84e-a902-44c1-b5cc-f3762948367c-5 No Task File <==== ATTENTION
Task: {10B78989-B5ED-461B-83CC-65B408BB421E} - \1378e84e-a902-44c1-b5cc-f3762948367c-4 No Task File <==== ATTENTION
Task: {1EA0175C-4937-4DC9-86C3-AF6F257EBA5A} - \70d1c105-1008-41d4-b85d-240ef575a3ff-1 No Task File <==== ATTENTION
Task: {26B40A35-85D9-497A-B7B3-1A9D518722AF} - \70d1c105-1008-41d4-b85d-240ef575a3ff-10_user No Task File <==== ATTENTION
Task: {29C42376-20CA-424B-B830-FC94690D546F} - \ad1ca8ac-8c4a-45aa-953d-1f2812f5573c No Task File <==== ATTENTION
Task: {3BB6E842-CCB6-46B0-8801-B7E3FD8870F7} - \70d1c105-1008-41d4-b85d-240ef575a3ff-7 No Task File <==== ATTENTION
Task: {3FCACFB2-9DDE-44AD-884F-6B03C5A9D7BF} - \1378e84e-a902-44c1-b5cc-f3762948367c-6 No Task File <==== ATTENTION
Task: {567CA967-27A8-4C56-8633-2A30C22544DC} - System32\Tasks\LSHLRGPF => C:\Users\remi\AppData\Roaming\LSHLRGPF.exe <==== ATTENTION
Task: {5E7AAF5D-5763-4285-85CB-AB1324E7159C} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {5FD665BC-CAD8-43E5-B6AF-DD0B040A1DE6} - \1378e84e-a902-44c1-b5cc-f3762948367c-1 No Task File <==== ATTENTION
Task: {74E9241C-8FE0-48A0-B877-D357F4361FA6} - \d260984a-7aea-4eed-a74a-9936d7a614b5 No Task File <==== ATTENTION
Task: {768FC361-6FB9-48A2-87E5-ECFFA8D76572} - \1378e84e-a902-44c1-b5cc-f3762948367c-5_user No Task File <==== ATTENTION
Task: {803015A9-C7AA-4978-B5A5-3E1450EEEC9F} - \70d1c105-1008-41d4-b85d-240ef575a3ff-6 No Task File <==== ATTENTION
Task: {82CF1433-1720-4D7C-B2D9-30D05BF18096} - \1378e84e-a902-44c1-b5cc-f3762948367c-3 No Task File <==== ATTENTION
Task: {88746F3D-39B5-4038-9BF1-EB6E44924A45} - \1378e84e-a902-44c1-b5cc-f3762948367c-2 No Task File <==== ATTENTION
Task: {9FFB4FE3-098B-46DB-8A49-36255D147506} - \70d1c105-1008-41d4-b85d-240ef575a3ff-4 No Task File <==== ATTENTION
Task: {A61E0B17-F81C-4143-90DA-8098F4B943FE} - \70d1c105-1008-41d4-b85d-240ef575a3ff-3 No Task File <==== ATTENTION
Task: {B63C9799-9393-4AD5-AC9E-4E5E14C8E5F7} - \70d1c105-1008-41d4-b85d-240ef575a3ff-2 No Task File <==== ATTENTION
Task: {BFC2FE00-A13A-4720-A1D3-9F5809236B96} - \a23a83a9-3831-448a-927d-d62a4a4d0608-10_user No Task File <==== ATTENTION
Task: {C5271336-6669-47EB-AD57-D7560E7A56F6} - \1378e84e-a902-44c1-b5cc-f3762948367c-7 No Task File <==== ATTENTION
Task: {DCE626A5-AB7C-42B5-AA0F-B16187ED6D51} - \70d1c105-1008-41d4-b85d-240ef575a3ff-5 No Task File <==== ATTENTION
Task: {F28F4317-0D89-48F0-BA8C-3D1C4BB49331} - \beb65a7c-a4f1-4e36-a647-0bf74db31cfd No Task File <==== ATTENTION
Task: {F5C0656A-69ED-4395-9784-B32B015990C5} - \1378e84e-a902-44c1-b5cc-f3762948367c-11 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\LSHLRGPF.job => C:\Users\remi\AppData\Roaming\LSHLRGPF.exe <==== ATTENTION
C:\Users\remi\AppData\Roaming\LSHLRGPF.exe
Reg: reg delete "HKU\S-1-5-21-3955473603-544043898-4286527960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23564cb7-8dc2-4f54-80ba-75b958f88b3f}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01E5401C-D2E0-4FEC-9A37-92ACD8852F81}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B9D71BE6-7226-4BA3-AB0D-09CCB27B6A9F}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDFCreator Toolbar" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" /f
end
--> Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt
--> Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).
--> Clique sur Fix. Patiente le temps de la correction.
Note : si l'outil a besoin d'un redémarrage, laisse le système redémarrer normalement, l'outil terminera son travail.
--> Une fois la correction terminée, un rapport Fixlog.txt sera présent sur le Bureau.
--> Héberge le rapport sur pjjoint.malekal.com et copie-colle le lien fourni dans ta prochaine réponse.
--> Copie-colle le texte en gras ci-dessous dans le Bloc-notes :
start
CloseProcesses:
HKU\S-1-5-21-3955473603-544043898-4286527960-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3955473603-544043898-4286527960-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3955473603-544043898-4286527960-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-3955473603-544043898-4286527960-1000] ATTENTION ==> Default URLSearchHook is missing.
BHO: rrocKeTddeal -> {3db0c605-b77d-44bc-b5ab-ac073eebaac0} -> C:\Program Files\rrocKeTddeal\LIuNHSJNZM5K1r.dll ()
BHO: CoOlnncheAp -> {41506ff8-ed89-4650-b55e-178fae42bbd3} -> C:\Program Files\CoOlnncheAp\LQ0GGyaCwim3fX.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
FF Extension: roCkketdeeal - C:\Users\remi\AppData\Roaming\Mozilla\Firefox\Profiles\cgxzetzh.default-1417965153365\Extensions\pGrDoE@R9H.edu [2015-02-15]
FF Extension: lowporicEs - C:\Users\remi\AppData\Roaming\Mozilla\Firefox\Profiles\cgxzetzh.default-1417965153365\Extensions\uiyibv@fg3.org [2014-12-28]
CHR Extension: (Interest Recognizer for Pixeasy) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaigemenfdchjldbnoeklodikdljomnf [2012-09-04]
CHR Extension: (TheFreeDictionarycom Extension) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgabimphpgkjochcoogplolgpcagmap [2015-01-16]
CHR Extension: (aappsave) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\clehimfagikkhcmidjghpgplpgdgiide [2015-02-15]
CHR Extension: (ifhikkcafabcgolfjegfcgloomalapol) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhikkcafabcgolfjegfcgloomalapol [2014-12-03]
CHR Extension: (FSymbols Stickers for Facebook) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehodepjgiiheddbihdkcgcbkeibmnij [2015-02-15]
CHR Extension: (cheaap4ALll) - C:\Users\remi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkfdklejoieeoflihdhploecbkchehac [2015-01-31]
S2 845ed441; c:\Program Files\ProcessFunc\ProcessFunc.dll [5348864 2014-12-27] () [File not signed]
c:\Program Files\ProcessFunc
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
2015-02-17 09:23 - 2015-02-17 09:24 - 00775968 _____ (Reimage®) C:\Users\remi\Downloads\ReimageRepair(3).exe
2015-02-15 07:55 - 2015-02-15 07:56 - 00000000 ____D () C:\Program Files\rrocKeTddeal
2015-02-15 07:55 - 2015-02-15 07:56 - 00000000 ____D () C:\Program Files\roCkketdeeal
2015-02-15 07:55 - 2015-02-15 07:56 - 00000000 ____D () C:\Program Files\aappsave
2015-01-31 08:34 - 2015-01-31 08:38 - 00000000 ____D () C:\Program Files\Ed2kHelper
2015-01-31 08:34 - 2015-01-31 08:38 - 00000000 ____D () C:\Program Files\CoOlnncheAp
2015-01-31 08:33 - 2015-01-31 08:38 - 00000000 ____D () C:\Program Files\cheaap4ALll
2015-01-22 22:00 - 2015-01-22 22:00 - 00775968 _____ (Reimage®) C:\Users\remi\Downloads\ReimageRepair(2).exe
2015-01-22 21:59 - 2015-01-22 22:00 - 00775968 _____ (Reimage®) C:\Users\remi\Downloads\ReimageRepair(1).exe
2015-02-19 21:55 - 2014-12-07 10:06 - 00001682 _____ () C:\Windows\Tasks\LSHLRGPF.job
2015-02-19 21:09 - 2015-01-16 08:02 - 00000000 ____D () C:\ProgramData\offeraPPp
2015-02-19 21:09 - 2015-01-16 08:01 - 00000000 ____D () C:\ProgramData\rockeatdEal
2015-02-19 21:09 - 2014-12-28 08:53 - 00000000 ____D () C:\ProgramData\lowPricEes
2015-02-19 21:09 - 2014-11-29 23:54 - 00000000 ____D () C:\Program Files\HQVid-v2.5V29.11
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\remi\AppData\Roaming\LSHLRGPF
Task: {0073E32D-857B-4961-BB30-2C0A6A096483} - \a23a83a9-3831-448a-927d-d62a4a4d0608-3 No Task File <==== ATTENTION
Task: {01D2A314-819D-45AF-928D-AE421BBD9C96} - \5e78d405-5ef8-415c-8ce7-429082810130 No Task File <==== ATTENTION
Task: {02D2828E-D735-4A72-A5ED-619B600D87F1} - \70d1c105-1008-41d4-b85d-240ef575a3ff-11 No Task File <==== ATTENTION
Task: {03B88F01-0D2D-42EC-8D8A-848D3F2A10E3} - \70d1c105-1008-41d4-b85d-240ef575a3ff-5_user No Task File <==== ATTENTION
Task: {0B53B60C-CD73-4990-A68D-8B9D44750CED} - \1378e84e-a902-44c1-b5cc-f3762948367c-5 No Task File <==== ATTENTION
Task: {10B78989-B5ED-461B-83CC-65B408BB421E} - \1378e84e-a902-44c1-b5cc-f3762948367c-4 No Task File <==== ATTENTION
Task: {1EA0175C-4937-4DC9-86C3-AF6F257EBA5A} - \70d1c105-1008-41d4-b85d-240ef575a3ff-1 No Task File <==== ATTENTION
Task: {26B40A35-85D9-497A-B7B3-1A9D518722AF} - \70d1c105-1008-41d4-b85d-240ef575a3ff-10_user No Task File <==== ATTENTION
Task: {29C42376-20CA-424B-B830-FC94690D546F} - \ad1ca8ac-8c4a-45aa-953d-1f2812f5573c No Task File <==== ATTENTION
Task: {3BB6E842-CCB6-46B0-8801-B7E3FD8870F7} - \70d1c105-1008-41d4-b85d-240ef575a3ff-7 No Task File <==== ATTENTION
Task: {3FCACFB2-9DDE-44AD-884F-6B03C5A9D7BF} - \1378e84e-a902-44c1-b5cc-f3762948367c-6 No Task File <==== ATTENTION
Task: {567CA967-27A8-4C56-8633-2A30C22544DC} - System32\Tasks\LSHLRGPF => C:\Users\remi\AppData\Roaming\LSHLRGPF.exe <==== ATTENTION
Task: {5E7AAF5D-5763-4285-85CB-AB1324E7159C} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {5FD665BC-CAD8-43E5-B6AF-DD0B040A1DE6} - \1378e84e-a902-44c1-b5cc-f3762948367c-1 No Task File <==== ATTENTION
Task: {74E9241C-8FE0-48A0-B877-D357F4361FA6} - \d260984a-7aea-4eed-a74a-9936d7a614b5 No Task File <==== ATTENTION
Task: {768FC361-6FB9-48A2-87E5-ECFFA8D76572} - \1378e84e-a902-44c1-b5cc-f3762948367c-5_user No Task File <==== ATTENTION
Task: {803015A9-C7AA-4978-B5A5-3E1450EEEC9F} - \70d1c105-1008-41d4-b85d-240ef575a3ff-6 No Task File <==== ATTENTION
Task: {82CF1433-1720-4D7C-B2D9-30D05BF18096} - \1378e84e-a902-44c1-b5cc-f3762948367c-3 No Task File <==== ATTENTION
Task: {88746F3D-39B5-4038-9BF1-EB6E44924A45} - \1378e84e-a902-44c1-b5cc-f3762948367c-2 No Task File <==== ATTENTION
Task: {9FFB4FE3-098B-46DB-8A49-36255D147506} - \70d1c105-1008-41d4-b85d-240ef575a3ff-4 No Task File <==== ATTENTION
Task: {A61E0B17-F81C-4143-90DA-8098F4B943FE} - \70d1c105-1008-41d4-b85d-240ef575a3ff-3 No Task File <==== ATTENTION
Task: {B63C9799-9393-4AD5-AC9E-4E5E14C8E5F7} - \70d1c105-1008-41d4-b85d-240ef575a3ff-2 No Task File <==== ATTENTION
Task: {BFC2FE00-A13A-4720-A1D3-9F5809236B96} - \a23a83a9-3831-448a-927d-d62a4a4d0608-10_user No Task File <==== ATTENTION
Task: {C5271336-6669-47EB-AD57-D7560E7A56F6} - \1378e84e-a902-44c1-b5cc-f3762948367c-7 No Task File <==== ATTENTION
Task: {DCE626A5-AB7C-42B5-AA0F-B16187ED6D51} - \70d1c105-1008-41d4-b85d-240ef575a3ff-5 No Task File <==== ATTENTION
Task: {F28F4317-0D89-48F0-BA8C-3D1C4BB49331} - \beb65a7c-a4f1-4e36-a647-0bf74db31cfd No Task File <==== ATTENTION
Task: {F5C0656A-69ED-4395-9784-B32B015990C5} - \1378e84e-a902-44c1-b5cc-f3762948367c-11 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\LSHLRGPF.job => C:\Users\remi\AppData\Roaming\LSHLRGPF.exe <==== ATTENTION
C:\Users\remi\AppData\Roaming\LSHLRGPF.exe
Reg: reg delete "HKU\S-1-5-21-3955473603-544043898-4286527960-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{23564cb7-8dc2-4f54-80ba-75b958f88b3f}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01E5401C-D2E0-4FEC-9A37-92ACD8852F81}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D301950-EA2F-4882-9AA0-49467756842A}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B9D71BE6-7226-4BA3-AB0D-09CCB27B6A9F}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDFCreator Toolbar" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" /f
end
--> Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt
--> Lance FRST (Sous Windows Vista/7/8, clic droit sur FRST > Exécuter en tant qu'administrateur).
--> Clique sur Fix. Patiente le temps de la correction.
Note : si l'outil a besoin d'un redémarrage, laisse le système redémarrer normalement, l'outil terminera son travail.
--> Une fois la correction terminée, un rapport Fixlog.txt sera présent sur le Bureau.
--> Héberge le rapport sur pjjoint.malekal.com et copie-colle le lien fourni dans ta prochaine réponse.
Je t'ai mis les liens des 3 rapports Farbar. J'espère que tu réussiras a démêler quelque chose dans tout ça! Ce Pc qui date a dû récupérer plein de cochonneries.
Bon courage!
https://pjjoint.malekal.com/files.php?id=FRST_20150219_i15o9z78y10
https://pjjoint.malekal.com/files.php?id=20150219_t15k12b5b13q6
https://pjjoint.malekal.com/files.php?id=20150219_i15n15i5u8p6