Help pub ads [Résolu]

Réponse 1 / 6

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

Salut,

Je regarde les rapports =)

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

il manque la fin du rapport FRST.txt
Faudrait le redonner.

Heylabrune Messages postés 3 Date d'inscription Statut Membre Dernière intervention

AH pardon je redonne tout ça:
FRST: https://pjjoint.malekal.com/files.php?id=20150606_g14x13g5f15m9
Addition:https://pjjoint.malekal.com/files.php?id=20150606_l11o5x15w15i13
Shortcut :https://pjjoint.malekal.com/files.php?id=20150606_y11s13q11g10c7

CA devrait être bon ,normalement!!!:)

Réponse 2 / 6

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

Task: {787EE349-5460-42DF-8269-644978AD504D} - System32\Tasks\Run_Bobby_Browser => C:\Users\alexandra\AppData\Local\BoBrowser\Application\bobrowser.exe [2014-11-19] () <==== ATTENTION
Task: {9A88BB7A-AFAD-49CF-9592-BE2C296DA266} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\alexandra\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {9C23DB01-BC5A-42D8-98A4-A2BB3CB180C1} - \DealPlyUpdate No Task File <==== ATTENTION
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\alexandra\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [WindApp] => "C:\Users\alexandra\AppData\Roaming\Store\WindApp\WindApp Update.exe" /winstartup
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-11-04] (BitTorrent, Inc.)
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [GoogleChromeAutoLaunch_2006FA8349CEF703961C83A64615EA1C] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
ProxyServer: [S-1-5-21-2687953633-1713756693-4218504553-1000] => http=localhost:51932
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webpageing.com/?type=hp&ts=1413301414&from=nsbfr&uid=HitachiXHTS547564A9E384_110408J23B0053G5SWZRX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.webpageing.com/?type=hp&ts=1413301414&from=nsbfr&uid=HitachiXHTS547564A9E384_110408J23B0053G5SWZRX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: iWin Games Toolbar -> {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} -> C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX64.dll No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17] ()
BHO-x32: iWin Games Toolbar -> {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} -> C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX.dll No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - iWin Games Toolbar - {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} - C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX64.dll No File
Toolbar: HKLM-x32 - No Name - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - No File
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17] ()
Toolbar: HKLM-x32 - iWin Games Toolbar - {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} - C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX.dll No File
CHR HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [biahaobfpkgeiomkihcdgknebbhadonc] - C:\Users\alexandra\AppData\Local\CRE\biahaobfpkgeiomkihcdgknebbhadonc.crx [Not Found]
CHR HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [biahaobfpkgeiomkihcdgknebbhadonc] - C:\Users\alexandra\AppData\Local\CRE\biahaobfpkgeiomkihcdgknebbhadonc.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx [2014-06-24]
S2 trntv; C:\Users\alexandra\AppData\Roaming\TornTV.com\TornTVSvc.exe [10240 2014-08-19] () [File not signed]
C:\Users\alexandra\AppData\Roaming\TornTV.com
S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [3039536 2015-01-05] () [File not signed]
2015-06-06 18:17 - 2014-10-14 17:19 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\TornTV.com
2015-06-06 18:17 - 2014-08-05 11:19 - 00000000 ____D C:\Users\alexandra\AppData\Local\Amigo
2015-06-06 18:17 - 2014-04-13 13:57 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2015-06-06 18:17 - 2014-04-13 13:57 - 00000000 ____D C:\Windows\system32\ljkb
2015-06-06 18:17 - 2013-04-10 17:42 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2015-06-06 18:17 - 2012-12-23 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
2015-06-06 18:17 - 2012-11-24 14:39 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2015-06-06 18:17 - 2012-11-24 14:25 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2015-06-06 18:17 - 2012-01-18 22:32 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\quickclick
2015-06-06 18:17 - 2011-12-16 17:48 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\OpenCandy
2015-06-06 18:17 - 2011-08-15 19:12 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-06-06 18:17 - 2011-07-09 21:06 - 00000000 ____D C:\Users\alexandra\AppData\Local\Conduit
2015-06-06 18:16 - 2014-04-01 10:53 - 00000000 ____D C:\Program Files (x86)\GamesBar
2015-06-06 18:16 - 2013-10-07 23:20 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2015-06-06 18:16 - 2013-09-30 18:11 - 00000000 ____D C:\ProgramData\DSearchLink
2015-06-06 18:16 - 2013-09-04 16:56 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.5
2015-06-06 18:16 - 2012-12-23 23:14 - 00000000 ____D C:\Program Files (x86)\DealPly
2015-06-06 18:16 - 2012-11-24 14:31 - 00000000 ____D C:\Kreapixel
2015-06-06 18:16 - 2012-11-24 14:28 - 00000000 ____D C:\Program Files (x86)\Webplayer setup
2015-06-06 18:16 - 2012-11-24 14:25 - 00000000 ____D C:\Program Files (x86)\FLVPlayer
2015-06-06 18:16 - 2012-04-16 13:49 - 00000000 ____D C:\Program Files (x86)\SweetIM
2015-06-06 18:16 - 2012-02-16 19:00 - 00000000 ____D C:\Program Files (x86)\~BabylonToolbar
2015-06-06 18:16 - 2011-07-09 21:07 - 00000000 ____D C:\Program Files (x86)\ConduitEngine

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur

puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=

Heylabrune Messages postés 3 Date d'inscription Statut Membre Dernière intervention

VOici le rapport après le fix:
Fix result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by alexandra at 2015-06-06 22:58:35 Run:1
Running from C:\Users\alexandra\Desktop
Loaded Profiles: alexandra (Available Profiles: alexandra)
Boot Mode: Normal
==============================================

fixlist content:

Task: {787EE349-5460-42DF-8269-644978AD504D} - System32\Tasks\Run_Bobby_Browser => C:\Users\alexandra\AppData\Local\BoBrowser\Application\bobrowser.exe [2014-11-19] () <==== ATTENTION
Task: {9A88BB7A-AFAD-49CF-9592-BE2C296DA266} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\alexandra\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {9C23DB01-BC5A-42D8-98A4-A2BB3CB180C1} - \DealPlyUpdate No Task File <==== ATTENTION
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [BackgroundContainer] => "C: WINDOWS\SysWOW64\Rundll32.exe" "C:\Users\alexandra\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [WindApp] => "C:\Users\alexandra\AppData\Roaming\Store\WindApp\WindApp Update.exe" /winstartup
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: UTORRENT] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-11-04] (BitTorrent, Inc.)
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: [GoogleChromeAutoLaunch_2006FA8349CEF703961C83A64615EA1C] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
ProxyServer: [S-1-5-21-2687953633-1713756693-4218504553-1000] => http=localhost:51932
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webpageing.com/?type=hp&ts=1413301414&from=nsbfr&uid=HitachiXHTS547564A9E384_110408J23B0053G5SWZRX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.webpageing.com/?type=hp&ts=1413301414&from=nsbfr&uid=HitachiXHTS547564A9E384_110408J23B0053G5SWZRX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: iWin Games Toolbar -> {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} -> C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX64.dll No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files MICROSOFT OFFICE15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17] ()
BHO-x32: iWin Games Toolbar -> {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} -> C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX.dll No File
Toolbar: HKLM - NO NAME - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - iWin Games Toolbar - {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} - C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX64.dll No File
Toolbar: HKLM-x32 - No Name - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - No File
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll [2011-01-17] ()
Toolbar: HKLM-x32 - iWin Games Toolbar - {c29f28ce-1c64-483d-80cc-05ab2aff3e5c} - C:\Program Files (x86)\iwingamestoolbar\encyclopediabritannicagamesbarX.dll No File
CHR HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [biahaobfpkgeiomkihcdgknebbhadonc] - C:\Users\alexandra\AppData\Local\CRE\biahaobfpkgeiomkihcdgknebbhadonc.crx [Not Found]
CHR HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [biahaobfpkgeiomkihcdgknebbhadonc] - C:\Users\alexandra\AppData\Local\CRE\biahaobfpkgeiomkihcdgknebbhadonc.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\mjcm\SweetNT.crx [2014-06-24]
S2 trntv; C:\Users\alexandra\AppData\Roaming\TornTV.com\TornTVSvc.exe [10240 2014-08-19] () [File not signed]
C:\Users\alexandra\AppData\Roaming\TornTV.com
S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [3039536 2015-01-05] () [File not signed]
2015-06-06 18:17 - 2014-10-14 17:19 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\TornTV.com
2015-06-06 18:17 - 2014-08-05 11:19 - 00000000 ____D C:\Users\alexandra\AppData\Local\Amigo
2015-06-06 18:17 - 2014-04-13 13:57 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2015-06-06 18:17 - 2014-04-13 13:57 - 00000000 ____D C:\Windows\system32\ljkb
2015-06-06 18:17 - 2013-04-10 17:42 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2015-06-06 18:17 - 2012-12-23 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
2015-06-06 18:17 - 2012-11-24 14:39 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2015-06-06 18:17 - 2012-11-24 14:25 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2015-06-06 18:17 - 2012-01-18 22:32 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\quickclick
2015-06-06 18:17 - 2011-12-16 17:48 - 00000000 ____D C:\Users\alexandra\AppData\Roaming\OpenCandy
2015-06-06 18:17 - 2011-08-15 19:12 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-06-06 18:17 - 2011-07-09 21:06 - 00000000 ____D C:\Users\alexandra\AppData\Local\Conduit
2015-06-06 18:16 - 2014-04-01 10:53 - 00000000 ____D C:\Program Files (x86)\GamesBar
2015-06-06 18:16 - 2013-10-07 23:20 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2015-06-06 18:16 - 2013-09-30 18:11 - 00000000 ____D C:\ProgramData\DSearchLink
2015-06-06 18:16 - 2013-09-04 16:56 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.5
2015-06-06 18:16 - 2012-12-23 23:14 - 00000000 ____D C:\Program Files (x86)\DealPly
2015-06-06 18:16 - 2012-11-24 14:31 - 00000000 ____D C:\Kreapixel
2015-06-06 18:16 - 2012-11-24 14:28 - 00000000 ____D C:\Program Files (x86)\Webplayer setup
2015-06-06 18:16 - 2012-11-24 14:25 - 00000000 ____D C:\Program Files (x86)\FLVPlayer
2015-06-06 18:16 - 2012-04-16 13:49 - 00000000 ____D C:\Program Files (x86)\SweetIM
2015-06-06 18:16 - 2012-02-16 19:00 - 00000000 ____D C:\Program Files (x86)\~BabylonToolbar
2015-06-06 18:16 - 2011-07-09 21:07 - 00000000 ____D C:\Program Files (x86)\ConduitEngine

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{787EE349-5460-42DF-8269-644978AD504D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{787EE349-5460-42DF-8269-644978AD504D}" => key removed successfully
C:\Windows\System32\Tasks\Run_Bobby_Browser => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A88BB7A-AFAD-49CF-9592-BE2C296DA266}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A88BB7A-AFAD-49CF-9592-BE2C296DA266}" => key removed successfully
C:\Windows\System32\Tasks\BackgroundContainer Startup Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C23DB01-BC5A-42D8-98A4-A2BB3CB180C1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C23DB01-BC5A-42D8-98A4-A2BB3CB180C1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate" => key removed successfully
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BackgroundContainer => value removed successfully
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WindApp => value removed successfully
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\...\Run: UTORRENT] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2014-11-04] (BitTorrent, Inc.) => value not found.
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_2006FA8349CEF703961C83A64615EA1C => value removed successfully
HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c}" => key removed successfully
"HKCR\CLSID\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => key removed successfully
"HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c} => value removed successfully
HKCR\CLSID\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ce0c2586-da36-452b-acdb-320d9bcb19bf} => value removed successfully
HKCR\Wow6432Node\CLSID\{ce0c2586-da36-452b-acdb-320d9bcb19bf} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} => value removed successfully
HKCR\Wow6432Node\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c} => value removed successfully
HKCR\Wow6432Node\CLSID\{c29f28ce-1c64-483d-80cc-05ab2aff3e5c} => key not found.
"HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\SOFTWARE\Google\Chrome\Extensions\biahaobfpkgeiomkihcdgknebbhadonc" => key removed successfully
"HKU\S-1-5-21-2687953633-1713756693-4218504553-1000\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\biahaobfpkgeiomkihcdgknebbhadonc" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iaimhpklononapfjngelgdokckfjekfc" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mibfbmhijjgpkmobcfdlelpccpeafoom" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj" => key removed successfully
C:\Windows\SysWOW64\mjcm\SweetNT.crx => moved successfully.
trntv => Service removed successfully
C:\Users\alexandra\AppData\Roaming\TornTV.com => moved successfully.
IBUpdaterService => Service removed successfully
"C:\Users\alexandra\AppData\Roaming\TornTV.com" => File/Folder not found.
C:\Users\alexandra\AppData\Local\Amigo => moved successfully.
C:\Windows\SysWOW64\jmdp => moved successfully.
C:\Windows\system32\ljkb => moved successfully.
C:\Windows\SysWOW64\ARFC => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly => moved successfully.
C:\Windows\SysWOW64\WNLT => moved successfully.
C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player => moved successfully.
C:\Users\alexandra\AppData\Roaming\quickclick => moved successfully.
C:\Users\alexandra\AppData\Roaming\OpenCandy => moved successfully.
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform => moved successfully.
C:\Users\alexandra\AppData\Local\Conduit => moved successfully.
C:\Program Files (x86)\GamesBar => moved successfully.
C:\Program Files (x86)\MyPC Backup => moved successfully.
C:\ProgramData\DSearchLink => moved successfully.
C:\Program Files (x86)\Plus-HD-3.5 => moved successfully.
C:\Program Files (x86)\DealPly => moved successfully.
C:\Kreapixel => moved successfully.
C:\Program Files (x86)\Webplayer setup => moved successfully.
C:\Program Files (x86)\FLVPlayer => moved successfully.
C:\Program Files (x86)\SweetIM => moved successfully.
C:\Program Files (x86)\~BabylonToolbar => moved successfully.
C:\Program Files (x86)\ConduitEngine => moved successfully.

End of Fixlog 22:58:52

Réponse 3 / 6

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

Voici la suite :

Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= ( d'Xplode )
Télécharge le sur ton bureau ou dossier de téléchargement.
Lance AdwCleaner, clique sur [Scanner].
L'analyse peux durer plusieurs minutes, patiente.
Une fois le scan terminé, ne décoche rien, clique sur [Nettoyer]

Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left

heylabrune

Voilà le rapport suite au nettoyage:
http://pjjoint.malekal.com/files.php?id=20150606_l12m6v7r8r15

Réponse 4 / 6

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

ok, voici la suite :

Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.

A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.

heylabrune

Bonjour,
J'ai donc scanner mais je n'ai pas la mention "mettre tout en quarantaine" j'ai seulement supprimer la sélection, que dois-je faire?

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

"Supprimer selection", ça ira bien.

heylabrune

Voilà:
http://pjjoint.malekal.com/files.php?id=20150607_p7d9s10r12v7

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

C'est le rapport d'application, pas d'analyse.

heylabrune

Est ce celui là: http://pjjoint.malekal.com/files.php?id=20150607_d5o15b13w12l12

Réponse 5 / 6

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

c'est mieux oui, que reste-t-il comme problème ?

heylabrune

Et bien j'ai l'impression que le problème est réglé pour le moment!!
Merci beaucoup!!
Bonne journée

Réponse 6 / 6

Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 24 685

=)

Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :

Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=

Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)

Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html

Help pub ads

6 réponses

End of Fixlog 22:58:52

Votre réponse

Discussions similaires