Comment supprimer le virus PUA/InstallCore.Gen7 définitivement ?

Pipouune Messages postés 19 Statut Membre -  
Pipouune Messages postés 19 Statut Membre -
Bonjour, alors voilà depuis peu j'ai mon antivirus (Avira) qui détecte ce virus "PUA/InstallCore.Gen7" et à chaque fois que je clique sur supprimer, Avira relance des alertes sans cesse. Du coup j'ai regarder sur des forums pour voir comment je pourrai faire et ils y avait ecrits d'installer FRST64 pour faire un rapport et ensuite il fallait envoyer se rapport sur pijoint pour enfin le transmettre sur un forum.. Bref j'ai se rapport mais je sais pas trop quoi en faire..
Voilà donc si quelqu'un pourrait m'aider, Mercii :'(

2 réponses

  1. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Salut,

    Donne le rapport de scan, probablement un setup dans ton dossier de Download.
    0
    1. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
       
      oui tu peux donner le additionnal.txt

      tu as de adwares.
      0
      1. Pipouune Messages postés 19 Statut Membre > Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention  
         
        Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
        Ran by nanab_000 at 2015-07-18 02:11:42
        Running from C:\Users\nanab_000\Music\11.06.2015
        Boot Mode: Normal
        ==========================================================


        ==================== Accounts: =============================

        Administrateur (S-1-5-21-4063324825-4206719115-4184313697-500 - Administrator - Disabled)
        Invité (S-1-5-21-4063324825-4206719115-4184313697-501 - Limited - Disabled)
        nanab_000 (S-1-5-21-4063324825-4206719115-4184313697-1005 - Administrator - Enabled) => C:\Users\nanab_000
        user (S-1-5-21-4063324825-4206719115-4184313697-1001 - Administrator - Enabled) => C:\Users\user

        ==================== Security Center ========================

        (If an entry is included in the fixlist, it will be removed.)

        AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
        AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
        AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

        ==================== Installed Programs ======================

        (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

        µTorrent (HKU\S-1-5-21-4063324825-4206719115-4184313697-1005\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
        7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
        Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
        Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
        Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
        Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
        Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
        Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
        Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
        Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
        Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
        Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9810 - Broadcom Corporation)
        Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
        Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
        Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
        CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
        CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.2.5308 - CyberLink Corp.)
        Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
        Cyberlink PhotoDirector (Version: 5.0.1.5406 - Nom de votre société) Hidden
        CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
        CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
        CyberLink PowerDirector 12 (Version: 12.0.1.3121 - Nom de votre société) Hidden
        CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
        CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
        DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
        Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
        Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
        Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
        Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
        Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
        Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
        Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
        Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
        Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
        HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
        HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
        HP Documentation (HKLM-x32\...\{416DDA39-F1B0-4BFF-A649-C997CCBA7A90}) (Version: 1.1.0.0 - Hewlett-Packard)
        HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
        HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
        HP Support Assistant (HKLM-x32\...\{7FE016CC-DAA9-4E21-BD2F-98390D1E6F3F}) (Version: 7.6.23.8 - Hewlett-Packard Company)
        HP System Event Utility (HKLM-x32\...\{E20B0C89-ACCF-4EBB-909D-2E5BD4A9C024}) (Version: 1.1.11 - Hewlett-Packard Company)
        HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
        HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
        iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
        Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
        Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
        Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
        Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
        Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
        Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
        Intel(R) Smart Connect Technology (HKLM\...\{B5ADC77D-81D7-483D-9373-3D00A69E5854}) (Version: 4.2.41.2710 - Intel Corporation)
        iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
        Jeux WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
        Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
        Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
        Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
        Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
        Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
        Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
        Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
        Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
        Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
        Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
        Mises à jour NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
        Mytubetheater Assistant (HKLM-x32\...\zz.853.mtt) (Version: 1.0.0 - CSDI)
        NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
        NVIDIA Logiciel système PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
        NVIDIA Pilote graphique 333.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.11 - NVIDIA Corporation)
        OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation)
        Panneau de configuration NVIDIA 333.11 (Version: 333.11 - NVIDIA Corporation) Hidden
        Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
        Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
        Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
        Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
        Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
        Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
        Search App by Ask (HKLM-x32\...\{4254522D-5350-006A-76A7-A75C790C1D00}) (Version: 12.29.0.1481 - APN, LLC) <==== ATTENTION
        SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
        SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
        shopperz 2.0.0.461 (HKLM\...\{72a94386-d7dd-4032-86b6-e013e104f0ab}_is1) (Version: 2.0.0.461 - shopperz) <==== ATTENTION
        shopperz 2.0.0.461 (HKLM\...\{9c760b40-4718-40c3-a68d-2e4f21591d62}_is1) (Version: 2.0.0.461 - shopperz) <==== ATTENTION
        Spotify (HKU\S-1-5-21-4063324825-4206719115-4184313697-1005\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
        swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
        Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
        Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
        Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
        Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.)
        Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
        Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
        WildTangent Games App pour HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
        Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

        ==================== Custom CLSID (Whitelisted): ==========================

        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


        ==================== Restore Points =========================

        08-07-2015 10:44:09 Point de contrôle planifié
        15-07-2015 11:19:54 Windows Update

        ==================== Hosts content: ===============================

        (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

        2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

        ==================== Scheduled Tasks (Whitelisted) =============

        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        Task: {17719867-AA23-4D5A-90C2-5AD68804A901} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
        Task: {25E26B6D-4697-42B5-AFDD-1A7BBC7A8003} - System32\Tasks\Cpicxmn => C:\Program Files\shopperz\Eaueeexx.bat <==== ATTENTION
        Task: {26CF0E3E-6E12-4287-9A2C-5312AFE26782} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-06-03] (Hewlett-Packard Company)
        Task: {32C80526-081F-40C5-B2F8-4A4F8C5663A6} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
        Task: {3F0A7903-365A-4692-B156-66D730D6787A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
        Task: {4C550607-ED6C-41A0-B60F-45BC9596C7E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
        Task: {5778FDDA-9FE1-4460-AD12-A87CBE3B147B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-08] (Google Inc.)
        Task: {5AFC9C96-2FD6-495C-9686-7AC7D523D3A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-16] (Hewlett-Packard)
        Task: {5B0C2E54-3E35-42B8-B407-4909E22CB934} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-08] (Google Inc.)
        Task: {632F5CA7-488D-4D28-85AF-BEEE98854CFA} - System32\Tasks\Ehebcnoee => C:\Program Files\shopperz\Eiefj.bat <==== ATTENTION
        Task: {6611A00A-BBFA-4133-A880-41A722D6999C} - System32\Tasks\{F6087F6A-110E-4997-9AB4-11D9627097D5} => pcalua.exe -a C:\Users\nanab_000\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
        Task: {96F71BAD-8964-43B6-B5CE-C790362511F9} - \WordShark Auto Updater 1.10.0.19 Core No Task File <==== ATTENTION
        Task: {BA427FD8-D173-45E0-AEBC-1DF8983C9A52} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
        Task: {C01217DF-904E-4C66-91A3-7DD3C71BD19A} - \WordShark Auto Updater 1.10.0.19 Pending Update No Task File <==== ATTENTION
        Task: {D6EA12F6-7C53-4A25-80FE-EE92689ABAAB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
        Task: {DE496A3F-BD5A-4E75-9181-2E1A76B1FAC3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
        Task: {FDC885C6-0905-4F4B-AAEA-DD27259A85F6} - System32\Tasks\avastBCLRestartS-1-5-21-4063324825-4206719115-4184313697-1001 => Chrome.exe

        (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

        Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
        Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

        ==================== Loaded Modules (Whitelisted) ==============

        2014-08-12 19:43 - 2014-04-29 19:11 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
        2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
        2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
        2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
        2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
        2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
        2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
        2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
        2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
        2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
        2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
        2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
        2014-08-12 20:24 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
        2015-08-18 22:44 - 2015-08-18 22:44 - 00199168 _____ () C:\Users\nanab_000\AppData\Roaming\34444335-1439930651-4A34-4E50-8CDCD4716E3C\jnsk7DB9.tmp
        2015-06-29 18:33 - 2015-06-29 18:33 - 00033992 _____ () C:\Program Files (x86)\MyTubeTheater_v50.853\MyTubeTheater_Assistant.exe
        2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
        2014-06-11 18:19 - 2014-06-11 18:19 - 00622080 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\JobCapsA.dll
        2015-05-28 22:26 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
        2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
        2014-08-12 19:31 - 2013-12-10 17:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
        2015-07-14 19:11 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
        2015-07-14 19:11 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
        2015-07-14 19:11 - 2015-07-13 23:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll

        ==================== Alternate Data Streams (Whitelisted) =========

        (If an entry is included in the fixlist, only the ADS will be removed.)

        AlternateDataStreams: C:\Users\nanab_000\OneDrive:ms-properties
        AlternateDataStreams: C:\Users\user\OneDrive:ms-properties

        ==================== Safe Mode (Whitelisted) ===================

        (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

        HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
        HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

        ==================== EXE Association (Whitelisted) ===============

        (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


        ==================== Internet Explorer trusted/restricted ===============

        (If an entry is included in the fixlist, it will be removed from the registry.)


        ==================== Other Areas ============================

        (Currently there is no automatic fix for this section.)

        HKU\S-1-5-21-4063324825-4206719115-4184313697-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\nanab_000\Pictures\10436154_655309744548366_8606445021418050505_n.jpg
        DNS Servers: 212.27.40.240 - 212.27.40.241

        ==================== MSCONFIG/TASK MANAGER disabled items ==

        (Currently there is no automatic fix for this section.)


        ==================== FirewallRules (Whitelisted) ===============

        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
        FirewallRules: [{175A9812-C76B-4F83-B9AE-E35C23E89077}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
        FirewallRules: [{D90A31D1-E578-41AC-8637-E4010886FC6C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
        FirewallRules: [{B7AEDA8A-2995-473F-A2B5-4C25D88CA2B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
        FirewallRules: [{48ACC76A-5B52-4FDF-B450-094E3729D775}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
        FirewallRules: [{EE0F9ABC-9CDC-42B2-A1A5-47B4636B48D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
        FirewallRules: [{D3430963-A021-4F8A-9C0D-3A1C2CB61FA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
        FirewallRules: [{D51F13C2-5E37-486D-BC46-FEFD43A74F30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
        FirewallRules: [{7F488766-C0E6-4F48-B6AC-2ADFD6C5C6D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
        FirewallRules: [{42E1DC01-7F9C-414A-83AC-2A89D87CFBA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
        FirewallRules: [{0E49B9C1-B0C9-4A31-96EC-21C031387195}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
        FirewallRules: [{DEA29C45-849E-4373-A714-1717F8EB9262}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
        FirewallRules: [{5A0A7620-5C81-48A8-A8D6-8310C1B85C0A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
        FirewallRules: [{AD6323BA-4B28-420C-A9CC-914BD7A599FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
        FirewallRules: [{CE144644-D024-4594-B4EC-34579E96E53B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
        FirewallRules: [{742B8691-2C4C-4AED-850E-25B07B182FD2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
        FirewallRules: [{F5751EF6-194D-492F-A53E-3363648E0853}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
        FirewallRules: [{27DA6964-4D52-4293-A7A0-B0F1EFAFA29D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
        FirewallRules: [{2A26A519-6AFD-4FC1-9B3E-D31E78E8F206}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
        FirewallRules: [{75637170-2716-4859-A687-5D759243DA91}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
        FirewallRules: [TCP Query User{E1DB3FD5-9190-45CB-B37A-1D776085057F}C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [UDP Query User{84D697CB-1735-4257-B4C1-54F5A2FD52F4}C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [TCP Query User{0A914136-33A6-4F8C-B6B9-D4C8F99CF2D0}C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [UDP Query User{B6C7F796-2E7D-478A-B935-8A867E27C6E1}C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [TCP Query User{9CE5D891-DFB4-46AA-944F-0E2586EBEFB0}C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [UDP Query User{A901D033-BBB5-42FA-9C33-48A1C55A037E}C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\user\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [TCP Query User{C52E857C-EBD0-431B-B980-C36DD27595BC}C:\users\nanab_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nanab_000\appdata\roaming\spotify\spotify.exe
        FirewallRules: [UDP Query User{55C47726-F950-405C-8505-F943F6C4E2E0}C:\users\nanab_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nanab_000\appdata\roaming\spotify\spotify.exe
        FirewallRules: [TCP Query User{813F8357-56EC-4C60-A1CA-6D3AAA1D983A}C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [UDP Query User{4D6771B9-BB5B-4A95-9B7E-E19970A92A51}C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\nanab_000\appdata\roaming\cacaoweb\cacaoweb.exe
        FirewallRules: [TCP Query User{14E8128E-C9E6-4E0D-85FF-8BCA83E736CB}C:\users\nanab_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nanab_000\appdata\roaming\spotify\spotify.exe
        FirewallRules: [UDP Query User{4C70C798-F971-4099-BA7E-BE747EE40CC4}C:\users\nanab_000\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nanab_000\appdata\roaming\spotify\spotify.exe
        FirewallRules: [{0DA035ED-7ACC-4D11-ACF9-65E58BEE110D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
        FirewallRules: [{5653FE54-8C95-4F5D-B518-91B80B739EB6}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
        FirewallRules: [{D4C95FD5-4724-4CDE-9445-8BC5A069DB08}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
        FirewallRules: [TCP Query User{F26F6B74-1892-4240-B7C1-4E8CEC0FC09B}C:\users\nanab_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\nanab_000\appdata\roaming\utorrent\utorrent.exe
        FirewallRules: [UDP Query User{F856BEC3-E7D9-421C-9741-615FF9F8716E}C:\users\nanab_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\nanab_000\appdata\roaming\utorrent\utorrent.exe
        FirewallRules: [TCP Query User{6B831C30-9952-4032-91EA-63DA05ADC97E}C:\users\nanab_000\music\11.06.2015\cacaoweb.exe] => (Allow) C:\users\nanab_000\music\11.06.2015\cacaoweb.exe
        FirewallRules: [UDP Query User{A0B25648-DDC4-4104-B348-205193CD999C}C:\users\nanab_000\music\11.06.2015\cacaoweb.exe] => (Allow) C:\users\nanab_000\music\11.06.2015\cacaoweb.exe
        FirewallRules: [{0FA0CD70-A3CD-4BA6-AC02-BBB34AF75867}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
        FirewallRules: [{7CF6B78E-6D19-4116-9402-19A210912654}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        FirewallRules: [{71CCCCF2-9E49-48EF-8B9E-C98BF7D09684}] => (Allow) C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe

        ==================== Faulty Device Manager Devices =============


        ==================== Event log errors: =========================

        Application errors:
        ==================
        Error: (07/18/2015 02:17:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Client application bug: DNSServiceResolve(d8:96:95:75:04:5c@fe80::da96:95ff:fe75:45c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 24

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 23

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 22

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 21

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 20

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 19

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 18

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 17

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 16


        System errors:
        =============
        Error: (07/18/2015 01:41:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
        Description: Le service Kerning Down n'a pas pu démarrer en raison de l'erreur :
        %%2

        Error: (07/18/2015 01:40:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
        Description: Le service Windows Search n'a pas pu démarrer en raison de l'erreur :
        %%3

        Error: (07/18/2015 01:40:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
        Description: Le service Windows Search n'a pas pu démarrer en raison de l'erreur :
        %%1069

        Error: (07/18/2015 01:40:43 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
        Description: Le service WSearch n'a pas pu ouvrir de session en tant que NT AUTHORITY\SYSTEM avec le mot de passe actuellement configuré en raison de l'erreur suivante :
        %%50

        Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

        Error: (07/18/2015 01:40:43 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
        Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.

        Chemin d'accès du module : C:\Windows\System32\bcmihvsrv64.dll

        Error: (07/18/2015 01:40:43 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
        Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.

        Chemin d'accès du module : C:\Windows\System32\bcmihvsrv64.dll

        Error: (07/18/2015 01:40:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORITE NT)
        Description: Le module d'extensibilité WLAN s'est arrêté de façon inattendue.

        Chemin d'accès du module : C:\Windows\System32\bcmihvsrv64.dll

        Error: (07/18/2015 01:40:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
        Description: Le service Intel(R) Smart Connect Technology Agent s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

        Error: (07/18/2015 01:40:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
        Description: Le service Spouleur d'impression s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.

        Error: (07/18/2015 01:40:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
        Description: Le service Windows Search s'est terminé de manière inattendue. Ceci s'est produit 2 fois. L'action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.


        Microsoft Office:
        =========================
        Error: (07/18/2015 02:17:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: Client application bug: DNSServiceResolve(d8:96:95:75:04:5c@fe80::da96:95ff:fe75:45c._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 24

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 23

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 22

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 21

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 20

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 19

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 18

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 17

        Error: (07/18/2015 02:14:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
        Description: ERROR: handle_resolve_request bad interfaceIndex 16


        ==================== Memory info ===========================

        Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
        Percentage of memory in use: 48%
        Total physical RAM: 4026.15 MB
        Available physical RAM: 2075.53 MB
        Total Virtual: 4794.15 MB
        Available Virtual: 2310.23 MB

        ==================== Drives ================================

        Drive c: (Windows) (Fixed) (Total:675.9 GB) (Free:558.6 GB) NTFS
        Drive d: (RECOVERY) (Fixed) (Total:21.72 GB) (Free:2.42 GB) NTFS ==>[system with boot components (obtained from reading drive)]

        ==================== MBR & Partition Table ==================

        ========================================================
        Disk: 0 (Size: 698.6 GB) (Disk ID: 06AB8717)

        Partition: GPT Partition Type.

        ==================== End of log ============================
        0
    2. Pipouune Messages postés 19 Statut Membre
       
      Maintenant avira ma trouvé ce virus Adware/EoRezo.gen, je vais jamais en finir ...
      0
  2. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Voici la correction à effectuer avec FRST.
    Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

    Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
    Copie/colle dedans ce qui suit :

    Task: {6611A00A-BBFA-4133-A880-41A722D6999C} - System32\Tasks\{F6087F6A-110E-4997-9AB4-11D9627097D5} => pcalua.exe -a C:\Users\nanab_000\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
    Task: {632F5CA7-488D-4D28-85AF-BEEE98854CFA} - System32\Tasks\Ehebcnoee => C:\Program Files\shopperz\Eiefj.bat <==== ATTENTION
    Task: {25E26B6D-4697-42B5-AFDD-1A7BBC7A8003} - System32\Tasks\Cpicxmn => C:\Program Files\shopperz\Eaueeexx.bat <==== ATTENTION
    HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Jkuixmkv.exe
    HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Jkuixmkv64.exe
    HKLM-x32\...\RunOnce: [MyTubeTheater_v50.853] => C:\Program Files (x86)\MyTubeTheater_v50.853\MyTubeTheater_Assistant.exe [33992 2015-06-29] ()
    BHO: shopperz -> {9c760b40-4718-40c3-a68d-2e4f21591d62} -> C:\Program Files\shopperz\Cdwyagsnp64.dll No File
    BHO-x32: shopperz -> {9c760b40-4718-40c3-a68d-2e4f21591d62} -> C:\Program Files\shopperz\Cdwyagsnp.dll No File
    R2 zejytose; C:\Users\nanab_000\AppData\Roaming\34444335-1439930651-4A34-4E50-8CDCD4716E3C\jnsk7DB9.tmp [199168 2015-08-18] () [File not signed]
    S2 gopibeko; C:\Users\nanab_000\AppData\Local\34444335-1439938046-4A34-4E50-8CDCD4716E3C\snsg21C2.tmp [X]
    2015-08-22 20:41 - 2015-08-22 20:41 - 00613255 _____ (CMI Limited) C:\Users\user\AppData\Local\nsuA91D.tmp
    2015-08-22 20:35 - 2015-08-22 21:46 - 00000000 ____D C:\Program Files (x86)\MyTubeTheater
    2015-08-22 20:35 - 2015-08-22 20:35 - 00003624 _____ C:\Windows\System32\Tasks\Cpicxmn
    2015-08-22 20:35 - 2015-08-22 20:35 - 00000000 ____D C:\Program Files (x86)\MyTubeTheater_v50.853
    2015-08-21 00:16 - 2015-08-21 00:16 - 00532784 _____ C:\Users\nanab_000\Downloads\cacaoweb.exe
    2015-08-19 15:00 - 2015-07-18 01:40 - 00000000 ____D C:\AdwCleaner
    2015-08-19 12:34 - 2015-08-19 12:34 - 00613255 _____ (CMI Limited) C:\Users\nanab_000\AppData\Local\nssCDE5.tmp
    2015-08-18 23:00 - 2015-08-18 23:00 - 00613255 _____ (CMI Limited) C:\Users\nanab_000\AppData\Local\nsi4E64.tmp
    2015-08-18 22:56 - 2015-08-22 20:35 - 00000045 _____ C:\user.js
    2015-08-18 22:56 - 2015-08-18 22:56 - 00003628 _____ C:\Windows\System32\Tasks\Ehebcnoee
    2015-08-18 22:44 - 2015-08-23 10:46 - 00000000 ____D C:\Users\nanab_000\AppData\Roaming\34444335-1439930651-4A34-4E50-8CDCD4716E3C
    2015-08-18 22:44 - 2015-08-18 22:44 - 02560346 _____ (BlueStack Systems Inc.) C:\Users\nanab_000\Downloads\Non confirmé 985220.crdownload
    2015-08-18 22:44 - 2015-08-18 22:44 - 00000000 _____ C:\Windows\prleth.sys
    2015-08-18 22:44 - 2015-08-18 22:44 - 00000000 _____ C:\Windows\hgfs.sys

    Une fois, le texte coller dans le bloc-note.
    Menu Fichier puis Enregistrer sous.
    A gauche, place toi sur le bureau.
    Dans le champs en bas, nom du fichier mets : fixlist.txt
    Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

    Relance FRST et clic sur le bouton Fix
    Selon comment un redémarrage est nécessaire (pas obligatoire).
    Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

    Redémarre l'ordinateur

    puis réinitialise tes navigateurs:
    ==================================
    Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

    0
    1. Pipouune Messages postés 19 Statut Membre
       
      J'ai fais tout ce que tu m'as dit mais quand le pc a redemmaré aprés FRST je n'ai pas eu de fichier texte
      0