Sujet Précédent Sujet Suivant

Impossible de me connecter a internet / FRSTR help

Fermé
ToToSe13 Messages postés 2 Date d'inscription samedi 8 août 2015 Statut Membre Dernière intervention 9 août 2015 - 8 août 2015 à 20:11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 9 août 2015 à 20:19
Bonjour, je ne peu plus me connecter a internet, apres plusieurs recherche, je suis tomber sur la methode FRST64 :
Voici les 2 fichier generé par le logiciel :
Addition.txt : https://pjjoint.malekal.com/files.php?id=20150808_8x12x14i9m7
FRSTR.txt : https://pjjoint.malekal.com/files.php?id=FRST_20150808_z15w14z14p10o11

Merci d'avance pour votre aide :)

3 réponses

Réponse 1 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
8 août 2015 à 20:22
Salut,

Beaucoup d'adwares,


Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :


Startup: C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro.lnk [2015-02-05]
ShortcutTarget: OptimizerPro.lnk -> C:\ProgramData\{23b9c291-4ad2-5ac9-23b9-9c2914ad0a45}\OptimizerPro.exe (No File)
ProxyEnable: [S-1-5-21-2945384693-3709462287-1373025756-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-2945384693-3709462287-1373025756-1001] => http=127.0.0.1:9880
CHR Extension: (No Name) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaogcninhibjjfnjhhljkmdkepfnf [2015-07-13]
CHR Extension: (No Name) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\elkkomimknapgodalnkjeddkjnjkfmfp [2015-07-12]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-10]
CHR Extension: (No Name) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2015-07-13]
2015-07-13 19:02 - 2015-07-13 19:03 - 00000000 ____D C:\Program Files (x86)\GUM2FC.tmp
2015-07-13 19:02 - 2015-07-13 19:02 - 48957440 _____ C:\Program Files (x86)\GUT2FD.tmp
2015-07-13 18:12 - 2015-07-13 04:06 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys
2015-07-13 15:24 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\DOwnnSSave
2015-07-13 15:24 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\DoownSave
2015-07-13 15:23 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\Internet Speed Tracker
2015-07-13 15:23 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\DiOwNNSaVVe
2015-07-13 15:07 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\rec_fr_47
2015-07-13 15:07 - 2015-07-13 15:07 - 00000000 ____D C:\Users\Sofiene\AppData\Local\rec_fr_47
2015-07-11 18:06 - 2015-07-13 18:08 - 00000000 ____D C:\Users\Sofiene\AppData\Local\gmsd_fr_002020027
2015-07-11 18:06 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_002020027
2015-07-11 18:05 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
2015-07-11 18:05 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\RXhHSIME
2015-07-11 18:05 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\BreakingNewsAlert
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436630655-5D06-A0A8-C0C8381496DC
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\ASPackage
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\Product Deals
2015-07-11 17:56 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436630175-5D06-A0A8-C0C8381496DC
2015-07-10 21:28 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\50CoupooNs
2015-07-10 21:28 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\50COupoNS
2015-07-10 21:27 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\50Couponss
2015-07-10 13:36 - 2015-07-13 17:47 - 00000000 __SHD C:\Program Files (x86)\HuzzilySyriscriping
2015-07-10 13:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\NeWSaver
2015-07-10 13:35 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\NewSavoeRi
2015-07-10 13:35 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\Image Size Info
2015-07-10 13:34 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436528041-5D06-A0A8-C0C8381496DC
2015-07-10 11:18 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\Radio
2015-07-09 12:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\doullarsavaer
2015-07-09 12:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\doolLarsaVer
2015-07-09 12:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\dollaersaaver
2015-07-09 10:57 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b}
2015-07-09 10:57 - 2015-07-13 16:57 - 00000378 _____ C:\WINDOWS\Tasks\EasyNotes.job
2015-07-09 10:57 - 2015-07-09 10:57 - 00003268 _____ C:\WINDOWS\System32\Tasks\EasyNotes
2015-07-09 05:23 - 2015-07-09 05:23 - 00000000 ____D C:\Users\Sofiene\AppData\Local\Crossbrowse
2015-07-09 05:10 - 2015-07-13 18:08 - 00003460 _____ C:\WINDOWS\System32\Tasks\Hnoarpna
2015-07-09 05:10 - 2015-07-13 18:08 - 00000000 ____D C:\ProgramData\Hnoarpna
2015-07-09 05:05 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436411132-5D06-A0A8-C0C8381496DC
2015-07-09 04:30 - 2015-07-09 04:30 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-07-09 04:10 - 2015-07-09 04:10 - 00000000 ____D C:\Program Files (x86)\LibraryProc
2015-07-13 17:47 - 2015-06-19 02:41 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-07-13 17:47 - 2015-06-19 02:32 - 00000000 ____D C:\Program Files (x86)\Iminent
2015-07-13 17:47 - 2015-06-19 02:30 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-13 17:47 - 2015-06-10 20:42 - 00000000 ____D C:\Program Files (x86)\FuoNDealsi
2015-07-13 17:47 - 2015-06-10 20:42 - 00000000 ____D C:\Program Files (x86)\FunDEoalls
2015-07-13 17:47 - 2015-06-10 20:42 - 00000000 ____D C:\Program Files (x86)\FounDeals
2015-07-13 17:47 - 2015-06-03 16:59 - 00000000 ____D C:\Program Files (x86)\bestadblocker
2015-07-13 17:47 - 2015-06-03 16:59 - 00000000 ____D C:\Program Files (x86)\2cloud
2015-07-13 17:47 - 2015-06-03 16:58 - 00000000 ____D C:\Program Files (x86)\PriceMinuus
2015-07-13 17:47 - 2015-06-03 16:57 - 00000000 ____D C:\ProgramData\{505c6900-cdcc-9c42-505c-c6900cdca403}
2015-07-13 17:47 - 2015-04-26 11:06 - 00000000 ____D C:\Program Files (x86)\ExttrAShoPupera
2015-07-13 17:47 - 2015-04-06 04:25 - 00000000 ____D C:\Program Files (x86)\RoyalCoupeon
2015-07-13 17:47 - 2015-03-17 03:31 - 00000000 ____D C:\Program Files (x86)\KiingCoupon
2015-07-13 17:47 - 2015-03-17 03:30 - 00000000 ____D C:\Program Files (x86)\LuckkyShoipperr
2015-07-13 17:47 - 2015-02-05 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-07-13 17:47 - 2015-02-05 21:05 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 3.38
2015-07-13 16:57 - 2015-07-05 22:57 - 00000378 _____ C:\WINDOWS\Tasks\DataHider.job
2015-07-13 15:24 - 2015-02-24 05:16 - 00000000 ____D C:\ProgramData\15582645751170416548
2015-07-13 06:07 - 2015-06-19 02:41 - 00000002 _____ C:\END
2015-07-13 06:04 - 2015-06-19 03:06 - 00000354 _____ C:\WINDOWS\Tasks\DBJXMQ1.job
2015-07-11 23:29 - 2015-06-19 02:38 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-09 04:10 - 2015-06-19 03:32 - 00000000 ____D C:\ProgramData\645cb22b00007527
2015-06-30 14:23 - 2015-06-30 14:23 - 0364032 ____N () C:\Users\Sofiene\AppData\Local\WikiUpdate.exe
Task: C:\WINDOWS\Tasks\DataHider.job => c:\programdata\{dfdbcd72-6812-bf4c-dfdb-bcd7268135c9}\4659619290919158727b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DBJXMQ1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\dsmonitor.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\WINDOWS\Tasks\EasyNotes.job => c:\programdata\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b}\6004139006009157997b.exe <==== ATTENTION
Task: {002D80E6-C68B-4F4C-B428-704E4A5E26B6} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {23734117-089E-4BC8-BA39-F29609ADC575} - System32\Tasks\sol3007 => C:\PROGRA~2\FASTSE~1\sol3007.exe
Task: {26892C8A-23C2-49A9-8A0F-5B7DEB67B703} - System32\Tasks\EasyNotes => c:\programdata\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b}\6004139006009157997b.exe <==== ATTENTION
Task: {42404379-3B82-45B0-83DC-FC478AFA5DF2} - System32\Tasks\ZFPJSEUK => C:\ProgramData\6e589a01ba0f4c4e96fed4b4f5d233ce\6e589a01ba0f4c4e96fed4b4f5d233ce.exe <==== ATTENTION
Task: {4DE3698A-72F7-47B3-B9C2-4BB4505971C4} - System32\Tasks\Hnoarpna => C:\ProgramData\Hnoarpna\1.0.4.1\honejefa.exe [2015-07-09] ()
Task: {614BD130-C0D4-4CBD-AF82-B698BE1ED963} - System32\Tasks\iren3006 => C:\Program Files (x86)\HighlightSearches\iren3006.exe [2015-04-24] () <==== ATTENTION
Task: {82CED6A6-928F-427D-BCA7-54753303AD88} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATTENTION
Task: {8ED3E8D6-2B79-4CEB-81AD-DAA627FE4BD9} - System32\Tasks\DataHider => c:\programdata\{dfdbcd72-6812-bf4c-dfdb-bcd7268135c9}\4659619290919158727b.exe <==== ATTENTION
Task: {956273A4-6FE5-4DA4-9837-88C989D731C4} - System32\Tasks\{3B16BDAE-0E7E-4FB1-BA45-A23DC3900504} => pcalua.exe -a C:\Users\Sofiene\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {B227439A-9676-4F07-BE2B-0EA1CA3CE44F} - System32\Tasks\DBJXMQ1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {F0610852-9784-4549-B044-0A7C0693E451} - System32\Tasks\tet3008 => C:\PROGRA~2\FASTSE~1\tet3008.exe
cmd: netsh winsock reset



Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

0
Réponse 2 / 3
ToToSe13 Messages postés 2 Date d'inscription samedi 8 août 2015 Statut Membre Dernière intervention 9 août 2015
9 août 2015 à 20:17
Bonsoir,
Voila le contenue du fichier fixlog :
Fix result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
Ran by Sofiene (2015-08-09 18:16:20) Run:1
Running from C:\Users\Sofiene\Desktop
Loaded Profiles: Sofiene (Available Profiles: Sofiene)
Boot Mode: Normal
==============================================

fixlist content:

Startup: C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro.lnk [2015-02-05]
ShortcutTarget: OptimizerPro.lnk -> C:\ProgramData\{23b9c291-4ad2-5ac9-23b9-9c2914ad0a45}\OptimizerPro.exe (No File)
ProxyEnable: [S-1-5-21-2945384693-3709462287-1373025756-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-2945384693-3709462287-1373025756-1001] => http=127.0.0.1:9880
CHR Extension: (No Name) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaogcninhibjjfnjhhljkmdkepfnf [2015-07-13]
CHR Extension: (No Name) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\elkkomimknapgodalnkjeddkjnjkfmfp [2015-07-12]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-10]
CHR Extension: (No Name) - C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2015-07-13]
2015-07-13 19:02 - 2015-07-13 19:03 - 00000000 ____D C:\Program Files (x86)\GUM2FC.tmp
2015-07-13 19:02 - 2015-07-13 19:02 - 48957440 _____ C:\Program Files (x86)\GUT2FD.tmp
2015-07-13 18:12 - 2015-07-13 04:06 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys
2015-07-13 15:24 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\DOwnnSSave
2015-07-13 15:24 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\DoownSave
2015-07-13 15:23 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\Internet Speed Tracker
2015-07-13 15:23 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\DiOwNNSaVVe
2015-07-13 15:07 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\rec_fr_47
2015-07-13 15:07 - 2015-07-13 15:07 - 00000000 ____D C:\Users\Sofiene\AppData\Local\rec_fr_47
2015-07-11 18:06 - 2015-07-13 18:08 - 00000000 ____D C:\Users\Sofiene\AppData\Local\gmsd_fr_002020027
2015-07-11 18:06 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\gmsd_fr_002020027
2015-07-11 18:05 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
2015-07-11 18:05 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\RXhHSIME
2015-07-11 18:05 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\BreakingNewsAlert
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436630655-5D06-A0A8-C0C8381496DC
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\ASPackage
2015-07-11 18:04 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\Product Deals
2015-07-11 17:56 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436630175-5D06-A0A8-C0C8381496DC
2015-07-10 21:28 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\50CoupooNs
2015-07-10 21:28 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\50COupoNS
2015-07-10 21:27 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\50Couponss
2015-07-10 13:36 - 2015-07-13 17:47 - 00000000 __SHD C:\Program Files (x86)\HuzzilySyriscriping
2015-07-10 13:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\NeWSaver
2015-07-10 13:35 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\NewSavoeRi
2015-07-10 13:35 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\Image Size Info
2015-07-10 13:34 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436528041-5D06-A0A8-C0C8381496DC
2015-07-10 11:18 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\Radio
2015-07-09 12:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\doullarsavaer
2015-07-09 12:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\doolLarsaVer
2015-07-09 12:36 - 2015-07-13 17:47 - 00000000 ____D C:\Program Files (x86)\dollaersaaver
2015-07-09 10:57 - 2015-07-13 17:47 - 00000000 ____D C:\ProgramData\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b}
2015-07-09 10:57 - 2015-07-13 16:57 - 00000378 _____ C:\WINDOWS\Tasks\EasyNotes.job
2015-07-09 10:57 - 2015-07-09 10:57 - 00003268 _____ C:\WINDOWS\System32\Tasks\EasyNotes
2015-07-09 05:23 - 2015-07-09 05:23 - 00000000 ____D C:\Users\Sofiene\AppData\Local\Crossbrowse
2015-07-09 05:10 - 2015-07-13 18:08 - 00003460 _____ C:\WINDOWS\System32\Tasks\Hnoarpna
2015-07-09 05:10 - 2015-07-13 18:08 - 00000000 ____D C:\ProgramData\Hnoarpna
2015-07-09 05:05 - 2015-07-13 17:47 - 00000000 ____D C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436411132-5D06-A0A8-C0C8381496DC
2015-07-09 04:30 - 2015-07-09 04:30 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-07-09 04:10 - 2015-07-09 04:10 - 00000000 ____D C:\Program Files (x86)\LibraryProc
2015-07-13 17:47 - 2015-06-19 02:41 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-07-13 17:47 - 2015-06-19 02:32 - 00000000 ____D C:\Program Files (x86)\Iminent
2015-07-13 17:47 - 2015-06-19 02:30 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-13 17:47 - 2015-06-10 20:42 - 00000000 ____D C:\Program Files (x86)\FuoNDealsi
2015-07-13 17:47 - 2015-06-10 20:42 - 00000000 ____D C:\Program Files (x86)\FunDEoalls
2015-07-13 17:47 - 2015-06-10 20:42 - 00000000 ____D C:\Program Files (x86)\FounDeals
2015-07-13 17:47 - 2015-06-03 16:59 - 00000000 ____D C:\Program Files (x86)\bestadblocker
2015-07-13 17:47 - 2015-06-03 16:59 - 00000000 ____D C:\Program Files (x86)\2cloud
2015-07-13 17:47 - 2015-06-03 16:58 - 00000000 ____D C:\Program Files (x86)\PriceMinuus
2015-07-13 17:47 - 2015-06-03 16:57 - 00000000 ____D C:\ProgramData\{505c6900-cdcc-9c42-505c-c6900cdca403}
2015-07-13 17:47 - 2015-04-26 11:06 - 00000000 ____D C:\Program Files (x86)\ExttrAShoPupera
2015-07-13 17:47 - 2015-04-06 04:25 - 00000000 ____D C:\Program Files (x86)\RoyalCoupeon
2015-07-13 17:47 - 2015-03-17 03:31 - 00000000 ____D C:\Program Files (x86)\KiingCoupon
2015-07-13 17:47 - 2015-03-17 03:30 - 00000000 ____D C:\Program Files (x86)\LuckkyShoipperr
2015-07-13 17:47 - 2015-02-05 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-07-13 17:47 - 2015-02-05 21:05 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 3.38
2015-07-13 16:57 - 2015-07-05 22:57 - 00000378 _____ C:\WINDOWS\Tasks\DataHider.job
2015-07-13 15:24 - 2015-02-24 05:16 - 00000000 ____D C:\ProgramData\15582645751170416548
2015-07-13 06:07 - 2015-06-19 02:41 - 00000002 _____ C:\END
2015-07-13 06:04 - 2015-06-19 03:06 - 00000354 _____ C:\WINDOWS\Tasks\DBJXMQ1.job
2015-07-11 23:29 - 2015-06-19 02:38 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-09 04:10 - 2015-06-19 03:32 - 00000000 ____D C:\ProgramData\645cb22b00007527
2015-06-30 14:23 - 2015-06-30 14:23 - 0364032 ____N () C:\Users\Sofiene\AppData\Local\WikiUpdate.exe
Task: C:\WINDOWS\Tasks\DataHider.job => c:\programdata\{dfdbcd72-6812-bf4c-dfdb-bcd7268135c9}\4659619290919158727b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DBJXMQ1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\dsmonitor.job => 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\WINDOWS\Tasks\EasyNotes.job => c:\programdata\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b}\6004139006009157997b.exe <==== ATTENTION
Task: {002D80E6-C68B-4F4C-B428-704E4A5E26B6} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {23734117-089E-4BC8-BA39-F29609ADC575} - System32\Tasks\sol3007 => C:\PROGRA~2\FASTSE~1\sol3007.exe
Task: {26892C8A-23C2-49A9-8A0F-5B7DEB67B703} - System32\Tasks\EasyNotes => c:\programdata\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b}\6004139006009157997b.exe <==== ATTENTION
Task: {42404379-3B82-45B0-83DC-FC478AFA5DF2} - System32\Tasks\ZFPJSEUK => C:\ProgramData\6e589a01ba0f4c4e96fed4b4f5d233ce\6e589a01ba0f4c4e96fed4b4f5d233ce.exe <==== ATTENTION
Task: {4DE3698A-72F7-47B3-B9C2-4BB4505971C4} - System32\Tasks\Hnoarpna => C:\ProgramData\Hnoarpna\1.0.4.1\honejefa.exe [2015-07-09] ()
Task: {614BD130-C0D4-4CBD-AF82-B698BE1ED963} - System32\Tasks\iren3006 => C:\Program Files (x86)\HighlightSearches\iren3006.exe [2015-04-24] () <==== ATTENTION
Task: {82CED6A6-928F-427D-BCA7-54753303AD88} - System32\Tasks\MaxComputerCleaner_Start => C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe <==== ATTENTION
Task: {8ED3E8D6-2B79-4CEB-81AD-DAA627FE4BD9} - System32\Tasks\DataHider => c:\programdata\{dfdbcd72-6812-bf4c-dfdb-bcd7268135c9}\4659619290919158727b.exe <==== ATTENTION
Task: {956273A4-6FE5-4DA4-9837-88C989D731C4} - System32\Tasks\{3B16BDAE-0E7E-4FB1-BA45-A23DC3900504} => pcalua.exe -a C:\Users\Sofiene\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {B227439A-9676-4F07-BE2B-0EA1CA3CE44F} - System32\Tasks\DBJXMQ1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {F0610852-9784-4549-B044-0A7C0693E451} - System32\Tasks\tet3008 => C:\PROGRA~2\FASTSE~1\tet3008.exe
cmd: netsh winsock reset


C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro.lnk => moved successfully.
C:\ProgramData\{23b9c291-4ad2-5ac9-23b9-9c2914ad0a45}\OptimizerPro.exe not found.
HKU\S-1-5-21-2945384693-3709462287-1373025756-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\S-1-5-21-2945384693-3709462287-1373025756-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaogcninhibjjfnjhhljkmdkepfnf => moved successfully.
C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\elkkomimknapgodalnkjeddkjnjkfmfp => moved successfully.
C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd => moved successfully.
C:\Users\Sofiene\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc => moved successfully.
C:\Program Files (x86)\GUM2FC.tmp => moved successfully.
C:\Program Files (x86)\GUT2FD.tmp => moved successfully.
C:\WINDOWS\system32\Drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys => moved successfully.
C:\Program Files (x86)\DOwnnSSave => moved successfully.
C:\Program Files (x86)\DoownSave => moved successfully.
C:\Program Files (x86)\Internet Speed Tracker => moved successfully.
C:\Program Files (x86)\DiOwNNSaVVe => moved successfully.
C:\Program Files (x86)\rec_fr_47 => moved successfully.
C:\Users\Sofiene\AppData\Local\rec_fr_47 => moved successfully.
C:\Users\Sofiene\AppData\Local\gmsd_fr_002020027 => moved successfully.
C:\Program Files (x86)\gmsd_fr_002020027 => moved successfully.
C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer => moved successfully.
C:\ProgramData\RXhHSIME => moved successfully.
C:\ProgramData\BreakingNewsAlert => moved successfully.
C:\Users\Sofiene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage => moved successfully.
C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436630655-5D06-A0A8-C0C8381496DC => moved successfully.
C:\Users\Sofiene\AppData\Roaming\ASPackage => moved successfully.
C:\Program Files (x86)\Product Deals => moved successfully.
C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436630175-5D06-A0A8-C0C8381496DC => moved successfully.
C:\Program Files (x86)\50CoupooNs => moved successfully.
C:\Program Files (x86)\50COupoNS => moved successfully.
C:\Program Files (x86)\50Couponss => moved successfully.
C:\Program Files (x86)\HuzzilySyriscriping => moved successfully.
C:\Program Files (x86)\NeWSaver => moved successfully.
C:\Program Files (x86)\NewSavoeRi => moved successfully.
C:\Program Files (x86)\Image Size Info => moved successfully.
C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436528041-5D06-A0A8-C0C8381496DC => moved successfully.
C:\ProgramData\Radio => moved successfully.
C:\Program Files (x86)\doullarsavaer => moved successfully.
C:\Program Files (x86)\doolLarsaVer => moved successfully.
C:\Program Files (x86)\dollaersaaver => moved successfully.
C:\ProgramData\{960b4f4e-eda5-7b6e-960b-b4f4eeda3d3b} => moved successfully.
C:\WINDOWS\Tasks\EasyNotes.job => moved successfully.
C:\WINDOWS\System32\Tasks\EasyNotes => moved successfully.
C:\Users\Sofiene\AppData\Local\Crossbrowse => moved successfully.
C:\WINDOWS\System32\Tasks\Hnoarpna => moved successfully.
C:\ProgramData\Hnoarpna => moved successfully.
C:\Users\Sofiene\AppData\Roaming\C3C696D5-1436411132-5D06-A0A8-C0C8381496DC => moved successfully.
C:\Program Files (x86)\prefs.js => moved successfully.
C:\Program Files (x86)\LibraryProc => moved successfully.
C:\Program Files (x86)\GUPlayer => moved successfully.
C:\Program Files (x86)\Iminent => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\Program Files (x86)\FuoNDealsi => moved successfully.
C:\Program Files (x86)\FunDEoalls => moved successfully.
C:\Program Files (x86)\FounDeals => moved successfully.
C:\Program Files (x86)\bestadblocker => moved successfully.
C:\Program Files (x86)\2cloud => moved successfully.
C:\Program Files (x86)\PriceMinuus => moved successfully.
C:\ProgramData\{505c6900-cdcc-9c42-505c-c6900cdca403} => moved successfully.
C:\Program Files (x86)\ExttrAShoPupera => moved successfully.
C:\Program Files (x86)\RoyalCoupeon => moved successfully.
C:\Program Files (x86)\KiingCoupon => moved successfully.
C:\Program Files (x86)\LuckkyShoipperr => moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 => moved successfully.
C:\Program Files (x86)\Optimizer Pro 3.38 => moved successfully.
C:\WINDOWS\Tasks\DataHider.job => moved successfully.
C:\ProgramData\15582645751170416548 => moved successfully.
C:\END => moved successfully.
C:\WINDOWS\Tasks\DBJXMQ1.job => moved successfully.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\ProgramData\645cb22b00007527 => moved successfully.
C:\Users\Sofiene\AppData\Local\WikiUpdate.exe => moved successfully.
C:\WINDOWS\Tasks\DataHider.job not found.
C:\WINDOWS\Tasks\DBJXMQ1.job not found.
C:\WINDOWS\Tasks\dsmonitor.job => moved successfully.
C:\WINDOWS\Tasks\EasyNotes.job not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{002D80E6-C68B-4F4C-B428-704E4A5E26B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{002D80E6-C68B-4F4C-B428-704E4A5E26B6}" => key removed successfully
C:\WINDOWS\System32\Tasks\LaunchPreSignup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23734117-089E-4BC8-BA39-F29609ADC575}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23734117-089E-4BC8-BA39-F29609ADC575}" => key removed successfully
C:\WINDOWS\System32\Tasks\sol3007 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sol3007" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26892C8A-23C2-49A9-8A0F-5B7DEB67B703}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26892C8A-23C2-49A9-8A0F-5B7DEB67B703}" => key removed successfully
C:\WINDOWS\System32\Tasks\EasyNotes not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyNotes" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42404379-3B82-45B0-83DC-FC478AFA5DF2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42404379-3B82-45B0-83DC-FC478AFA5DF2}" => key removed successfully
C:\WINDOWS\System32\Tasks\ZFPJSEUK => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZFPJSEUK" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4DE3698A-72F7-47B3-B9C2-4BB4505971C4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DE3698A-72F7-47B3-B9C2-4BB4505971C4}" => key removed successfully
C:\WINDOWS\System32\Tasks\Hnoarpna not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hnoarpna" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{614BD130-C0D4-4CBD-AF82-B698BE1ED963}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{614BD130-C0D4-4CBD-AF82-B698BE1ED963}" => key removed successfully
C:\WINDOWS\System32\Tasks\iren3006 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iren3006" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82CED6A6-928F-427D-BCA7-54753303AD88}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82CED6A6-928F-427D-BCA7-54753303AD88}" => key removed successfully
C:\WINDOWS\System32\Tasks\MaxComputerCleaner_Start => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MaxComputerCleaner_Start" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8ED3E8D6-2B79-4CEB-81AD-DAA627FE4BD9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8ED3E8D6-2B79-4CEB-81AD-DAA627FE4BD9}" => key removed successfully
C:\WINDOWS\System32\Tasks\DataHider => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DataHider" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{956273A4-6FE5-4DA4-9837-88C989D731C4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{956273A4-6FE5-4DA4-9837-88C989D731C4}" => key removed successfully
C:\WINDOWS\System32\Tasks\{3B16BDAE-0E7E-4FB1-BA45-A23DC3900504} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3B16BDAE-0E7E-4FB1-BA45-A23DC3900504}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B227439A-9676-4F07-BE2B-0EA1CA3CE44F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B227439A-9676-4F07-BE2B-0EA1CA3CE44F}" => key removed successfully
C:\WINDOWS\System32\Tasks\DBJXMQ1 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DBJXMQ1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0610852-9784-4549-B044-0A7C0693E451}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0610852-9784-4549-B044-0A7C0693E451}" => key removed successfully
C:\WINDOWS\System32\Tasks\tet3008 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\tet3008" => key removed successfully

========= netsh winsock reset =========


Le catalogue Winsock a ?t? r?initialis? correctement.
Vous devez red?marrer l'ordinateur afin de finaliser la r?initialisation.


========= End of CMD: =========

End of Fixlog 18:16:25

0
Réponse 3 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
9 août 2015 à 20:19
ok, voici la suite :

Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.

A la fin du scan, clic sur "Supprimer Selection" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal d'analyse.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.


0

Discussions similaires

FOTOSE (allemagne)
lix -
pierre -

12 réponses
35 GO à l'étranger
Laurence -
Laurence -

2 réponses
Vérifier que le server freebox est bien connecté à internet
Fatfa265 -
Pierr10 -

1 réponse
Comment trouver l'adresse IP d'un correspondant ?
chanfran -
mildiou123 -

1 réponse