Sujet Précédent Sujet Suivant

Ouverture page internet intempestif

Résolu/Fermé
Icecrime Messages postés 5 Date d'inscription mercredi 13 mai 2015 Statut Membre Dernière intervention 17 mai 2015 - 13 mai 2015 à 22:14
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 17 mai 2015 à 14:10
Bonsoir, depuis quelques temps, des pages internet s'ouvrent toutes seuls et envahissent mon bureau. Il m'est tres difficile de surfer tant il y'a de page qui s'affichent.

Voici le rapport de adwcleaner.... merci d'avance

# AdwCleaner v4.204 - Rapport créé le 13/05/2015 à 22:05:13
# Mis à jour le 12/05/2015 par Xplode
# Base de données : 2015-05-12.2 [Serveur]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : hardias - PC-RICHARD
# Exécuté depuis : C:\Users\hardias\Desktop\adwcleaner_4.204.exe
# Option : Scanner
          • [ Services ] *****


Service Trouvé : IHProtect Service
Service Trouvé : nethfdrv
Service Trouvé : Software_update
Service Trouvé : Software_update_m
Service Trouvé : WindowsMangerProtect
Service Trouvé : netmon_wfp
Service Trouvé : sogrMed
Service Trouvé : 2df638ba
          • [ Fichiers / Dossiers ] *****


Dossier Trouvé : C:\Program Files (x86)\Media Player Z
Dossier Trouvé : C:\Program Files (x86)\WajWebEnhance
Dossier Trouvé : C:\Program Files (x86)\XTab
Dossier Trouvé : C:\ProgramData\{1bee6b13-5e0b-8c66-1bee-e6b135e0ac4d}
Dossier Trouvé : C:\ProgramData\2a990bb000006dae
Dossier Trouvé : C:\ProgramData\FlashBeat
Dossier Trouvé : C:\ProgramData\IHProtectUpDate
Dossier Trouvé : C:\ProgramData\WindowsMangerProtect
Dossier Trouvé : C:\Users\hardias\AppData\Local\4C4C4544-1431186570-5910-8038-B1C04F4A354A
Dossier Trouvé : C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\rssicon@jasnapaka.com
Dossier Trouvé : C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\sweetsearch@gmail.com
Dossier Trouvé : C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\veggy@veggyAddon.com
Fichier Trouvé : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js
Fichier Trouvé : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
Fichier Trouvé : C:\Program Files (x86)\prefs.js
Fichier Trouvé : C:\Users\hardias\AppData\Local\Temp\Uninstall.exe
Fichier Trouvé : C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\searchplugins\mystartsearch.xml
Fichier Trouvé : C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\user.js
Fichier Trouvé : C:\windows\System32\drivers\netmon_wfp.sys
Fichier Trouvé : C:\windows\SysWOW64\installd.exe
          • [ Tâches planifiées ] *****


Tâche Trouvée : AmiUpdXp
Tâche Trouvée : SoftwareUpdateTaskMachineCore
Tâche Trouvée : SoftwareUpdateTaskMachineUA
Tâche Trouvée : 2b8ef831-83e6-4b72-bb80-f15439f7aaa7-1-6
Tâche Trouvée : 2b8ef831-83e6-4b72-bb80-f15439f7aaa7-1-7
Tâche Trouvée : 2b8ef831-83e6-4b72-bb80-f15439f7aaa7-10_user
Tâche Trouvée : 2b8ef831-83e6-4b72-bb80-f15439f7aaa7-4
Tâche Trouvée : 2b8ef831-83e6-4b72-bb80-f15439f7aaa7-5
Tâche Trouvée : 2b8ef831-83e6-4b72-bb80-f15439f7aaa7-5_user
Tâche Trouvée : 94610a37-f0a6-4805-8647-38024cecb8cc-10_user
Tâche Trouvée : 94610a37-f0a6-4805-8647-38024cecb8cc-5
Tâche Trouvée : 94610a37-f0a6-4805-8647-38024cecb8cc-5_user
          • [ Raccourcis ] *****


Raccourci Infecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Borderlands The Pre-Sequel.lnk
Raccourci Infecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Raccourci Infecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto\Dragon Age Inquisition.lnk
Raccourci Infecté : C:\Users\hardias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Infecté : C:\Users\hardias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
          • [ Registre ] *****


Clé Trouvée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Trouvée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : HKCU\Software\Super Optimizer
Clé Trouvée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Trouvée : [x64] HKCU\Software\Super Optimizer
Clé Trouvée : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Trouvée : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Trouvée : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Clé Trouvée : HKLM\SOFTWARE\3d473fe1-6f94-88a2-6383-2db876065fa1
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{08230486-CBAF-4000-8036-447C3852D034}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{13809C03-DE3B-47E5-96A3-2D8F83693A50}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{76894207-241A-473B-B111-FAA75608F1D9}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{7A7C8DA9-8660-460D-849F-01619B91C03F}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{AE2506E3-0F75-44EE-B552-CFF3BFF4D50F}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{B6CD3C31-ABF4-4C7A-8CB7-29960BC7017C}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{C24C3824-63D8-42CD-BB5A-77631072FDB2}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{EB41B92A-3A76-4237-9E6B-A5DDC2EAA771}
Clé Trouvée : HKLM\SOFTWARE\Classes\CLSID\{F9A8326E-9C90-4BF2-ACC7-D0883D16AA82}
Clé Trouvée : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.9
Clé Trouvée : HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine
Clé Trouvée : HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\Software.Update3WebControl.3
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoCreateAsync.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreMachineClass.1
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CredentialDialogMachine.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachineFallback.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.ProcessLauncher.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachine.1.0
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback
Clé Trouvée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebMachineFallback.1.0
Clé Trouvée : HKLM\SOFTWARE\FFPluginHp
Clé Trouvée : HKLM\SOFTWARE\FlashBeat
Clé Trouvée : HKLM\SOFTWARE\IHProtect
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D976BD4-0B6A-4757-9D2B-65AA20F4B4EA}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B96B5D3-4A8D-42DC-9CDE-E9B94B3CFE5D}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ACCC747B-2A59-4F30-BA7C-D26333DE65F5}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2EA0095A-7DA8-4056-A281-F19C92325C04}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FlashBeat
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Clé Trouvée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Trouvée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=3
Clé Trouvée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=9
Clé Trouvée : HKLM\SOFTWARE\mystartsearchSoftware
Clé Trouvée : HKLM\SOFTWARE\SupDp
Clé Trouvée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Trouvée : HKLM\SOFTWARE\ZoomWebLists
Clé Trouvée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Trouvée : [x64] HKLM\SOFTWARE\FlashBeat
Donnée Trouvée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Donnée Trouvée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146
Donnée Trouvée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Donnée Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:62882;hxxps=127.0.0.1:62882
Valeur Trouvée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Valeur Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Valeur Trouvée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
          • [ Navigateurs ] *****


-\\ Internet Explorer v11.0.9600.17416

Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146&q={searchTerms}
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.sweet-page.com/?type=hp&ts=1405943907&from=cor&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146
Paramètre Trouvé : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146&q={searchTerms}
Paramètre Trouvé : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S143714637146&q={searchTerms}

-\\ Mozilla Firefox v37.0.2 (x86 fr)

[k6ilkju0.default] - Ligne Trouvée : user_pref("browser.search.defaultenginename", "mystartsearch");
[k6ilkju0.default] - Ligne Trouvée : user_pref("browser.search.searchengine.alias", "mystartsearch");
[k6ilkju0.default] - Ligne Trouvée : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[k6ilkju0.default] - Ligne Trouvée : user_pref("browser.search.searchengine.name", "mystartsearch");
[k6ilkju0.default] - Ligne Trouvée : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1431171972&z=e2a9851dab0e2ffe9c34369g4zec6g9gembg2tfm3o&from=ium5&uid=WDCXWD10EZEX-75ZF5A0_WD-WCC1S1437146371[...]
[k6ilkju0.default] - Ligne Trouvée : user_pref("browser.search.selectedEngine", "mystartsearch");
[k6ilkju0.default] - Ligne Trouvée : user_pref("extensions.WN9woTbqkzClxQUj.scode", "(function(){try{if(window.self.location.href.indexOf(\"pdU9rTY6rHY5rHk4rTa5pdnH\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\[...]
[k6ilkju0.default] - Ligne Trouvée : user_pref("extensions.gAXqI1ceu8NorWAx.scode", "(function(){try{if(window.self.location.href.indexOf(\"pdU9rTY6rHY5rHk4rTa5pdnH\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\[...]
[k6ilkju0.default] - Ligne Trouvée : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[k6ilkju0.default] - Ligne Trouvée : user_pref("extensions.ueRPumsZ2h8UVljN.scode", "(function(){try{if(window.location.href.indexOf(\"pdU9rTY6rHY5rHk4rTa5pdnH\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\"flyb[...]

-\\ Chromium v


AdwCleaner[R0].txt - [49310 octets] - [09/05/2015 02:12:23]
AdwCleaner[R1].txt - [13199 octets] - [13/05/2015 22:05:13]
AdwCleaner[S0].txt - [46160 octets] - [09/05/2015 02:15:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [13321 octets] ##########
A voir également:

8 réponses

Réponse 1 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
13 mai 2015 à 22:16
Salut,

Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :

Commence par ceci :

Fais nettoyer sur AdwCleaner.

puis :

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
0
Icecrime Messages postés 5 Date d'inscription mercredi 13 mai 2015 Statut Membre Dernière intervention 17 mai 2015
13 mai 2015 à 23:05
Merci pour la rapidité de la réponse^^
Voici les liens demandés
https://pjjoint.malekal.com/files.php?id=20150513_z6x6t11r14s9
https://pjjoint.malekal.com/files.php?id=20150513_x8v5s9v8e11
https://pjjoint.malekal.com/files.php?id=FRST_20150513_d8n9c6x12e13
0
Réponse 2 / 8
OTK Livai
13 mai 2015 à 22:17
Utilise le store de ton logiciel internet ( google, internet explorer, Firefox ) et telecharge "AdBlock" ce module va supprimer les ouverture de page intempestif et les pub sur les coter de la page.
0
piquesous Messages postés 15930 Date d'inscription mercredi 9 janvier 2013 Statut Contributeur Dernière intervention 13 août 2023 6 045
13 mai 2015 à 22:19
Bonjour,

Juste pour information, AdBlock est bien, seulement une fois l'ordinateur "propre".
L'installer après avoir eu une infection ne donne rien.
0
Réponse 3 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
Modifié par Malekal_morte- le 14/05/2015 à 10:10
Bcp d'adwares,

Désinstalle les programmes IOBit, ça sert à rien (Advanced scare, IOBit Malware Fighter etc).



Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

CHR HKU\S-1-5-21-2997919155-1234199993-1558458210-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [abfmigjiaapipflmopkaaooigcjjdojh] - C:\Program Files (x86)\LyricsContainer\128.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [agbbmachalkmbecmaamehkfbhaggpckk] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - http://clients2.google.com/service/update2/crx
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_504] => [X]
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62882;https=127.0.0.1:62882 [Attention - Possible Proxy Malicieux]
FF Extension: No Name - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\veggy@veggyAddon.com [Not Found]
FF Extension: No Name - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\sweetsearch@gmail.com [Not Found]
FF Extension: No Name - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\rssicon@jasnapaka.com [Not Found]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\iobitascsurfingprotection@iobit.com [2015-04-17]
FF Extension: Supreme AdBlocker - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\maqvs__jpcmheyijgm@stvelcqzbbmymi.net [2015-04-17]
FF Extension: nishannaseergoogimagesearchgmailcom - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\nishan.naseer.googimagesearch@gmail.com [2015-05-11]
FF Extension: Zoom It - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\{47564ef9-7013-4a5e-2fd6-1444749ba30a} [2015-05-13]
FF Extension: Web Protector - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\{bcf837d7-fc5f-7a2e-5932-211927489a0b} [2015-05-06]
FF Extension: Deal Keeper - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\firefox@mightydealkeeper.com.xpi [2014-07-15]
R2 EDQLnqaoQ; C:\ProgramData\MyWNDLj\EDQLnqaoQ.exe [2731512 2015-05-06] (Irrational Number Applications)
R2 gcp; c:\windows\gcp.exe [417792 2015-05-06] () [File not signed]
R2 hehopove; C:\Users\hardias\AppData\Roaming\4C4C4544-1431179329-5910-8038-B1C04F4A354A\jnsp36FA.tmp [541696 2015-05-09] () [File not signed]
S2 jovysino; C:\Users\hardias\AppData\Local\4C4C4544-1431186570-5910-8038-B1C04F4A354A\snsz9B35.tmp [X]
S2 nunecyze; C:\Users\hardias\AppData\Roaming\4C4C4544-1429915707-5910-8038-B1C04F4A354A\nsk67B5.tmp [X]
S2 rileburi; C:\Users\hardias\AppData\Roaming\4C4C4544-1429915707-5910-8038-B1C04F4A354A\jnsy4E67.tmp [X]
R2 rupudomi; C:\Users\hardias\AppData\Roaming\4C4C4544-1431179329-5910-8038-B1C04F4A354A\nsi180F.tmp [165376 2015-05-13] () [File not signed]
2015-05-09 17:16 - 2015-05-09 17:17 - 00000000 ____D () C:\Users\hardias\AppData\Roaming\ftblauncher
2015-05-06 21:48 - 2015-05-13 22:46 - 00000000 ____D () C:\Users\hardias\AppData\Local\WebShield
2015-05-06 21:44 - 2015-05-07 18:05 - 00004044 _____ () C:\windows\System32\Tasks\g8KYtufZc23j0u
2015-05-06 21:44 - 2015-05-07 18:05 - 00004034 _____ () C:\windows\System32\Tasks\6FfP4NXoR
2015-05-06 21:44 - 2015-05-06 21:44 - 00005184 _____ () C:\windows\System32\Tasks\temp_c744d5db-2523-4d71-8f9d-748bf2891027-1-6
2015-05-06 21:44 - 2015-05-06 21:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Crossbrowse
2015-05-06 21:44 - 2015-05-06 21:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Crossbrowse
2015-04-25 11:09 - 2015-05-07 21:06 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\hardias\AppData\Roaming\Wem84OY8AGE
2015-05-05 18:41 - 2015-03-14 16:41 - 00000000 ____D () C:\ProgramData\11139375614925433382
Task: {041620E9-527F-4954-B2AB-B6C74179ED50} - System32\Tasks\Wem84OY8AGE => C:\Users\hardias\AppData\Roaming\Wem84OY8AGE.exe [2015-04-20] () <==== ATTENTION
Task: {228864BC-27B2-435D-B5FC-690FE53F1F93} - System32\Tasks\6FfP4NXoR => C:\Users\hardias\AppData\Roaming\6FfP4NXoR.exe <==== ATTENTION
Task: {24ACE7FD-2A59-40C7-9309-ACC932B2B1D1} - System32\Tasks\temp_c744d5db-2523-4d71-8f9d-748bf2891027-10_user => C:\Program Files (x86)\MediaPlayerVid2.4\c744d5db-2523-4d71-8f9d-748bf2891027-10.exe <==== ATTENTION
Task: {30D5A6DE-EC96-4EEC-8D74-D6DEBF30AA73} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {49D394CA-028E-4BDB-8541-A3BAF873CF25} - \Driver Booster Scan No Task File <==== ATTENTION
Task: {4CCF3ACD-1A7D-4A35-AB89-CAEC13089225} - System32\Tasks\SYTCST => C:\ProgramData\bf027fb0757d43f7bd514bba61f8c6a7\bf027fb0757d43f7bd514bba61f8c6a7.exe [2015-05-07] ()
Task: {5595A7F4-812C-429F-BCC1-7D1DCCEB3472} - \Driver Booster SkipUAC (hardias) No Task File <==== ATTENTION
Task: {587AD2E7-C309-4899-8339-F8DFF3EEF2F5} - System32\Tasks\Updater27096.exe => C:\Users\hardias\AppData\Local\Updater27096\Updater27096.exe <==== ATTENTION
Task: {65902D93-3758-485F-9AA0-8867A896E3D6} - System32\Tasks\temp_94610a37-f0a6-4805-8647-38024cecb8cc-10_user => C:\Program Files (x86)\System NotifierV06.05\94610a37-f0a6-4805-8647-38024cecb8cc-10.exe <==== ATTENTION
Task: {6ADA1CEA-82D9-4465-97D2-67FAAE2C8A6B} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {802154ED-86DF-4266-8FF6-C7B11321E467} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {8DA5F6BA-38F2-47A2-B17E-4B95E07571AB} - \Driver Booster Update No Task File <==== ATTENTION
Task: {91F438F8-C262-4D13-88EC-7F72F81F5B2B} - System32\Tasks\g8KYtufZc23j0u => C:\Users\hardias\AppData\Roaming\g8KYtufZc23j0u.exe <==== ATTENTION
Task: {94AA3C1F-7E5B-4AE8-B622-4C3D9D97B129} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {BC73FA13-1388-4301-B68E-70908F347F9E} - \SmartDefrag4_Startup No Task File <==== ATTENTION
Task: {E947895C-907E-4634-8687-186457682808} - \AutoKMS No Task File <==== ATTENTION
Task: {F6AEE189-75B2-4021-84C8-77CA362E95BC} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {F953736A-25EC-4F4D-9D94-6BBE4152C3ED} - \Easy Driver Pro Schedule No Task File <==== ATTENTION
Task: C:\windows\Tasks\Wem84OY8AGE.job => C:\Users\hardias\AppData\Roaming\Wem84OY8AGE.exe <==== ATTENTION

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.


Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

~~

installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)



Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
Réponse 4 / 8
Icecrime Messages postés 5 Date d'inscription mercredi 13 mai 2015 Statut Membre Dernière intervention 17 mai 2015
14 mai 2015 à 14:49
Merci, voici le rapport FRST

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 01
Ran by hardias at 2015-05-14 14:30:48 Run:1
Running from C:\Users\hardias\Desktop
Loaded Profiles: hardias (Available profiles: richard & hardias)
Boot Mode: Normal
==============================================

Content of fixlist:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_504] => [X]
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62882;https=127.0.0.1:62882 [Attention - Possible Proxy Malicieux]
FF Extension: No Name - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\veggy@veggyAddon.com [Not Found]
FF Extension: No Name - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\sweetsearch@gmail.com [Not Found]
FF Extension: No Name - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\rssicon@jasnapaka.com [Not Found]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\iobitascsurfingprotection@iobit.com [2015-04-17]
FF Extension: Supreme AdBlocker - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\maqvs__jpcmheyijgm@stvelcqzbbmymi.net [2015-04-17]
FF Extension: nishannaseergoogimagesearchgmailcom - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\nishan.naseer.googimagesearch@gmail.com [2015-05-11]
FF Extension: Zoom It - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\{47564ef9-7013-4a5e-2fd6-1444749ba30a} [2015-05-13]
FF Extension: Web Protector - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\{bcf837d7-fc5f-7a2e-5932-211927489a0b} [2015-05-06]
FF Extension: Deal Keeper - C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\firefox@mightydealkeeper.com.xpi [2014-07-15]
R2 EDQLnqaoQ; C:\ProgramData\MyWNDLj\EDQLnqaoQ.exe [2731512 2015-05-06] (Irrational Number Applications)
R2 gcp; c:\windows\gcp.exe [417792 2015-05-06] () [File not signed]
R2 hehopove; C:\Users\hardias\AppData\Roaming\4C4C4544-1431179329-5910-8038-B1C04F4A354A\jnsp36FA.tmp [541696 2015-05-09] () [File not signed]
S2 jovysino; C:\Users\hardias\AppData\Local\4C4C4544-1431186570-5910-8038-B1C04F4A354A\snsz9B35.tmp [X]
S2 nunecyze; C:\Users\hardias\AppData\Roaming\4C4C4544-1429915707-5910-8038-B1C04F4A354A\nsk67B5.tmp [X]
S2 rileburi; C:\Users\hardias\AppData\Roaming\4C4C4544-1429915707-5910-8038-B1C04F4A354A\jnsy4E67.tmp [X]
R2 rupudomi; C:\Users\hardias\AppData\Roaming\4C4C4544-1431179329-5910-8038-B1C04F4A354A\nsi180F.tmp [165376 2015-05-13] () [File not signed]
2015-05-09 17:16 - 2015-05-09 17:17 - 00000000 ____D () C:\Users\hardias\AppData\Roaming\ftblauncher
2015-05-06 21:48 - 2015-05-13 22:46 - 00000000 ____D () C:\Users\hardias\AppData\Local\WebShield
2015-05-06 21:44 - 2015-05-07 18:05 - 00004044 _____ () C:\windows\System32\Tasks\g8KYtufZc23j0u
2015-05-06 21:44 - 2015-05-07 18:05 - 00004034 _____ () C:\windows\System32\Tasks\6FfP4NXoR
2015-05-06 21:44 - 2015-05-06 21:44 - 00005184 _____ () C:\windows\System32\Tasks\temp_c744d5db-2523-4d71-8f9d-748bf2891027-1-6
2015-05-06 21:44 - 2015-05-06 21:44 - 00000000 ____D () C:\Users\Default\AppData\Local\Crossbrowse
2015-05-06 21:44 - 2015-05-06 21:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\Crossbrowse
2015-04-25 11:09 - 2015-05-07 21:06 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\hardias\AppData\Roaming\Wem84OY8AGE
2015-05-05 18:41 - 2015-03-14 16:41 - 00000000 ____D () C:\ProgramData\11139375614925433382
Task: {041620E9-527F-4954-B2AB-B6C74179ED50} - System32\Tasks\Wem84OY8AGE => C:\Users\hardias\AppData\Roaming\Wem84OY8AGE.exe [2015-04-20] () <==== ATTENTION
Task: {228864BC-27B2-435D-B5FC-690FE53F1F93} - System32\Tasks\6FfP4NXoR => C:\Users\hardias\AppData\Roaming\6FfP4NXoR.exe <==== ATTENTION
Task: {24ACE7FD-2A59-40C7-9309-ACC932B2B1D1} - System32\Tasks\temp_c744d5db-2523-4d71-8f9d-748bf2891027-10_user => C:\Program Files (x86)\MediaPlayerVid2.4\c744d5db-2523-4d71-8f9d-748bf2891027-10.exe <==== ATTENTION
Task: {30D5A6DE-EC96-4EEC-8D74-D6DEBF30AA73} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {49D394CA-028E-4BDB-8541-A3BAF873CF25} - \Driver Booster Scan No Task File <==== ATTENTION
Task: {4CCF3ACD-1A7D-4A35-AB89-CAEC13089225} - System32\Tasks\SYTCST => C:\ProgramData\bf027fb0757d43f7bd514bba61f8c6a7\bf027fb0757d43f7bd514bba61f8c6a7.exe [2015-05-07] ()
Task: {5595A7F4-812C-429F-BCC1-7D1DCCEB3472} - \Driver Booster SkipUAC (hardias) No Task File <==== ATTENTION
Task: {587AD2E7-C309-4899-8339-F8DFF3EEF2F5} - System32\Tasks\Updater27096.exe => C:\Users\hardias\AppData\Local\Updater27096\Updater27096.exe <==== ATTENTION
Task: {65902D93-3758-485F-9AA0-8867A896E3D6} - System32\Tasks\temp_94610a37-f0a6-4805-8647-38024cecb8cc-10_user => C:\Program Files (x86)\System NotifierV06.05\94610a37-f0a6-4805-8647-38024cecb8cc-10.exe <==== ATTENTION
Task: {6ADA1CEA-82D9-4465-97D2-67FAAE2C8A6B} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {802154ED-86DF-4266-8FF6-C7B11321E467} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {8DA5F6BA-38F2-47A2-B17E-4B95E07571AB} - \Driver Booster Update No Task File <==== ATTENTION
Task: {91F438F8-C262-4D13-88EC-7F72F81F5B2B} - System32\Tasks\g8KYtufZc23j0u => C:\Users\hardias\AppData\Roaming\g8KYtufZc23j0u.exe <==== ATTENTION
Task: {94AA3C1F-7E5B-4AE8-B622-4C3D9D97B129} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {BC73FA13-1388-4301-B68E-70908F347F9E} - \SmartDefrag4_Startup No Task File <==== ATTENTION
Task: {E947895C-907E-4634-8687-186457682808} - \AutoKMS No Task File <==== ATTENTION
Task: {F6AEE189-75B2-4021-84C8-77CA362E95BC} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {F953736A-25EC-4F4D-9D94-6BBE4152C3ED} - \Easy Driver Pro Schedule No Task File <==== ATTENTION
Task: C:\windows\Tasks\Wem84OY8AGE.job => C:\Users\hardias\AppData\Roaming\Wem84OY8AGE.exe <==== ATTENTION


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_504 => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\veggy@veggyAddon.com => Moved successfully.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\sweetsearch@gmail.com not found.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\extensions\rssicon@jasnapaka.com not found.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\iobitascsurfingprotection@iobit.com not found.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\maqvs__jpcmheyijgm@stvelcqzbbmymi.net => Moved successfully.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\nishan.naseer.googimagesearch@gmail.com => Moved successfully.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\{47564ef9-7013-4a5e-2fd6-1444749ba30a} => Moved successfully.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\{bcf837d7-fc5f-7a2e-5932-211927489a0b} => Moved successfully.
C:\Users\hardias\AppData\Roaming\Mozilla\Firefox\Profiles\k6ilkju0.default\Extensions\firefox@mightydealkeeper.com.xpi => Moved successfully.
EDQLnqaoQ => Unable to stop service
EDQLnqaoQ => Service deleted successfully.
gcp => Unable to stop service
gcp => Service deleted successfully.
hehopove => Unable to stop service
hehopove => Service deleted successfully.
jovysino => Service deleted successfully.
nunecyze => Service deleted successfully.
rileburi => Service deleted successfully.
rupudomi => Service not found.
C:\Users\hardias\AppData\Roaming\ftblauncher => Moved successfully.
C:\Users\hardias\AppData\Local\WebShield => Moved successfully.
C:\windows\System32\Tasks\g8KYtufZc23j0u => Moved successfully.
C:\windows\System32\Tasks\6FfP4NXoR => Moved successfully.
C:\windows\System32\Tasks\temp_c744d5db-2523-4d71-8f9d-748bf2891027-1-6 => Moved successfully.
C:\Users\Default\AppData\Local\Crossbrowse => Moved successfully.
"C:\Users\Default User\AppData\Local\Crossbrowse" => File/Directory not found.
C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\hardias\AppData\Roaming\Wem84OY8AGE => Moved successfully.
C:\ProgramData\11139375614925433382 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{041620E9-527F-4954-B2AB-B6C74179ED50}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{041620E9-527F-4954-B2AB-B6C74179ED50}" => Key deleted successfully.
C:\Windows\System32\Tasks\Wem84OY8AGE => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Wem84OY8AGE" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{228864BC-27B2-435D-B5FC-690FE53F1F93}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{228864BC-27B2-435D-B5FC-690FE53F1F93}" => Key deleted successfully.
C:\Windows\System32\Tasks\6FfP4NXoR not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6FfP4NXoR" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24ACE7FD-2A59-40C7-9309-ACC932B2B1D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24ACE7FD-2A59-40C7-9309-ACC932B2B1D1}" => Key deleted successfully.
C:\Windows\System32\Tasks\temp_c744d5db-2523-4d71-8f9d-748bf2891027-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_c744d5db-2523-4d71-8f9d-748bf2891027-10_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{30D5A6DE-EC96-4EEC-8D74-D6DEBF30AA73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30D5A6DE-EC96-4EEC-8D74-D6DEBF30AA73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49D394CA-028E-4BDB-8541-A3BAF873CF25} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CCF3ACD-1A7D-4A35-AB89-CAEC13089225}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CCF3ACD-1A7D-4A35-AB89-CAEC13089225}" => Key deleted successfully.
C:\Windows\System32\Tasks\SYTCST => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SYTCST" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5595A7F4-812C-429F-BCC1-7D1DCCEB3472}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5595A7F4-812C-429F-BCC1-7D1DCCEB3472}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (hardias)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{587AD2E7-C309-4899-8339-F8DFF3EEF2F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{587AD2E7-C309-4899-8339-F8DFF3EEF2F5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Updater27096.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater27096.exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65902D93-3758-485F-9AA0-8867A896E3D6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65902D93-3758-485F-9AA0-8867A896E3D6}" => Key deleted successfully.
C:\Windows\System32\Tasks\temp_94610a37-f0a6-4805-8647-38024cecb8cc-10_user => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_94610a37-f0a6-4805-8647-38024cecb8cc-10_user" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ADA1CEA-82D9-4465-97D2-67FAAE2C8A6B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ADA1CEA-82D9-4465-97D2-67FAAE2C8A6B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{802154ED-86DF-4266-8FF6-C7B11321E467}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802154ED-86DF-4266-8FF6-C7B11321E467}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA5F6BA-38F2-47A2-B17E-4B95E07571AB} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{91F438F8-C262-4D13-88EC-7F72F81F5B2B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F438F8-C262-4D13-88EC-7F72F81F5B2B}" => Key deleted successfully.
C:\Windows\System32\Tasks\g8KYtufZc23j0u not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\g8KYtufZc23j0u" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94AA3C1F-7E5B-4AE8-B622-4C3D9D97B129}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94AA3C1F-7E5B-4AE8-B622-4C3D9D97B129}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC73FA13-1388-4301-B68E-70908F347F9E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag4_Startup => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E947895C-907E-4634-8687-186457682808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E947895C-907E-4634-8687-186457682808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6AEE189-75B2-4021-84C8-77CA362E95BC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6AEE189-75B2-4021-84C8-77CA362E95BC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F953736A-25EC-4F4D-9D94-6BBE4152C3ED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F953736A-25EC-4F4D-9D94-6BBE4152C3ED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Easy Driver Pro Schedule" => Key deleted successfully.
C:\windows\Tasks\Wem84OY8AGE.job => Moved successfully.


The system needed a reboot.

End of Fixlog 14:31:05

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
14 mai 2015 à 15:01
ok fais le reste et vois ce que cela donne.
0
Réponse 6 / 8
Icecrime Messages postés 5 Date d'inscription mercredi 13 mai 2015 Statut Membre Dernière intervention 17 mai 2015
14 mai 2015 à 21:12
Après 6h de scan (avast....) tout a l'air d'être revenu a la normale.
Je vais attendre un petit peu avant de passer en "résolu".
Merci beaucoup pour tous ces conseil et surtout la rapidité du traitement de ma demande.
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
15 mai 2015 à 00:02
ça roule =)
0
Réponse 7 / 8
Icecrime Messages postés 5 Date d'inscription mercredi 13 mai 2015 Statut Membre Dernière intervention 17 mai 2015
17 mai 2015 à 13:58
OK plus de publicité intempestive, encore merci.
0
Réponse 8 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 628
17 mai 2015 à 14:10
=)


Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :


Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html

0

Discussions similaires

[PIX] Commencer chaque poème sur une nouvelle page
ETHAN -
Willzac -

19 réponses
Comment consulter mon solde internet Lycamobile ?
MohandAmokraneHANDALA -
Matthews89 -

17 réponses
Je tiens combien de temps avec 2Go d'internet ?
champi100 -
dadout -

7 réponses