ADW bloqué

Andrath93 Messages postés 1 Statut Membre -  
Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,

Je tente de lancer ADW sur mon PC mais il est bloqué par l'administrateur (je suppose à cause d'un malware).
J'ai déjà scanné mon PC avec FRST, est ce que quelqu'un pourrait m'aider pour la suite? En vous remerciant d'avance

Les 3 Liens sont: FRST - Addition - Shortcut
https://pjjoint.malekal.com/files.php?id=FRST_20180124_n8i8v5o14u5
https://pjjoint.malekal.com/files.php?id=20180124_y10v15f12i13q7
https://pjjoint.malekal.com/files.php?id=20180124_y14g12g14e14j7

1 réponse

  1. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Salut,

    Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.
    Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
    Le bloc-note va s'ouvrir, copie/colle ceci.

    CreateRestorePoint:
    CloseProcesses:
    Task: {6F3FC527-9439-4A29-A47E-31907C37E45A} - \saKXaLnxQURzlMgex -> No File <==== ATTENTION
    Task: {6FFF6E3F-58C4-4DE3-918A-020F9DB2C2BB} - \plaAVjRQXWCDePSecyr2 -> No File <==== ATTENTION
    Task: {76C2CF5B-4F97-4CF6-8CED-38DE9FC57D86} - \GoogleUpdateSecurityTaskMachine_CL -> No File <==== ATTENTION
    Task: {76F9D45C-37CE-4B73-BDE5-6A195E022542} - System32\Tasks\44088936 => C:\Program Files (x86)\Morton\sheath.exe [2018-01-24] () <==== ATTENTION
    Task: C:\Windows\Tasks\BcyoMZkjXMgFaPP.job => C:\Program Files (x86)\umkISPBbU\hrzvaT.dll
    Task: C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job => C:\Program Files (x86)\aohGTEheqdnWC\mTLAADT.dll
    Task: C:\Windows\Tasks\saKXaLnxQURzlMgex.job => C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\sRHqnhA.dll
    Task: {D5003D57-66BD-48C8-BB1E-53ABD6E08B0E} - \BcyoMZkjXMgFaPP -> No File <==== ATTENTION
    Task: {E9F62F0A-687A-48A0-85F6-5AB988E24B98} - \BcyoMZkjXMgFaPP2 -> No File <==== ATTENTION
    Task: {84CD9966-AD3B-4195-BCB7-747FDDBE4CA0} - System32\Tasks\3f23ffaaf57054bf0c6da4db93225a9d => sc start 3f23ffaaf57054bf0c6da4db93225a9d <==== ATTENTION
    Task: {98A40675-CCE3-4450-8856-2ECE9CF00784} - \GoogleUpdateSecurityTaskMachine_WQ -> No File <==== ATTENTION
    Task: {9AC2FF19-5E06-4511-B401-FFB1CF4A8C84} - System32\Tasks\ba62576889625768896257688962576889 => C:\Users\Nahel\AppData\Local\navarra.exe
    Task: {A14EF60E-F2DA-43DA-BB06-094ED036803C} - \HR Sticky Office Builder -> No File <==== ATTENTION
    Task: {A8C62A8C-2ED3-40A3-9D0A-04D57440D291} - System32\Tasks\4442383344423833 => C:\Program Files (x86)\doctoring\navarra.exe <==== ATTENTION
    Task: {F02ECC2D-E7A1-49F0-AA50-729E6B327973} - \saKXaLnxQURzlMgex2 -> No File <==== ATTENTION
    Task: {64B37A90-9F26-4DAB-8EFE-41C0ADADBEFE} - System32\Tasks\Nahel => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Nahel /t REG_SZ /d "explorer.exe hxxp://ozirizsoos.info" <==== ATTENTION
    Task: {028AC040-793A-4F3A-A491-BB283D35B83B} - System32\Tasks\ba4408893644088936 => C:\Program Files (x86)\Morton\sheath.exe [2018-01-24] ()
    Task: {057C945A-5DC0-40CD-8BEF-E2FA965C85E5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-16] (NVIDIA Corporation)
    Task: {0D9E3072-AAFF-455A-B726-C05BA7FF4DC6} - System32\Tasks\44423833 => C:\Program Files (x86)\Octahedron\sheath.exe <==== ATTENTION
    Task: {15544ADD-6364-4A69-8568-1AED32F99513} - System32\Tasks\ba6257688962576889 => C:\Users\Nahel\AppData\Local\sheath.exe
    Task: {165D6360-1B21-419A-A95C-5E31D4FD8ED3} - System32\Tasks\6257688962576889 => C:\Users\Nahel\AppData\Local\navarra.exe <==== ATTENTION
    Task: {1D53AE0A-5D7F-449F-97D7-D834CE001256} - System32\Tasks\YgVPrxo2fNEw => ygvprxo2fnew.exe
    HKLM\...\Run: [gplyra] => C:\Users\Nahel\AppData\Roaming\gplyra\gplyra\start.cmd <==== ATTENTION
    HKLM\...\Run: [xerxes] => C:\Program Files (x86)\Octahedron\sheath.exe
    HKLM\...\Run: [xerxesmorita] => C:\Program Files (x86)\doctoring\navarra.exe
    HKLM\...\Run: [xerxesxerxes] => C:\Program Files (x86)\Morton\sheath.exe [11264 2018-01-24] ()
    HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-23] (Razer Inc.)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
    HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
    HKLM-x32\...\Run: [preuss] => C:\Program Files (x86)\Octahedron\sheath.exe
    HKLM-x32\...\Run: [preussconrad] => C:\Program Files (x86)\doctoring\navarra.exe
    HKLM-x32\...\Run: [preusspreuss] => C:\Program Files (x86)\Morton\sheath.exe [11264 2018-01-24] ()
    HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
    HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
    HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
    HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
    HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
    HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
    HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
    HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
    HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
    HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
    HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
    HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
    HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
    HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
    HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
    HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
    HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
    HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
    HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
    HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
    HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [Steam] => D:\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5094080 2017-07-03] (Disc Soft Ltd)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [uTorrent] => C:\Users\Nahel\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-01-06] (BitTorrent Inc.)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [electron.app.Deezer] => C:\Users\Nahel\AppData\Local\Programs\deezer-desktop\Deezer.exe [56505152 2017-12-11] (Deezer)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [Spotify] => C:\Users\Nahel\AppData\Roaming\Spotify\Spotify.exe [21070224 2018-01-07] (Spotify Ltd)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [Nahel] => explorer.exe hxxp://ozirizsoos.info <==== ATTENTION [Pays NL - 51.15.2.200]
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-13] (Piriform Ltd)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [Spotify Web Helper] => C:\Users\Nahel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-07] (Spotify Ltd)
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [fguard] => rundll32.exe C:\Users\Nahel\AppData\Local\fguard.dll,fguard <==== ATTENTION
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [conrad] => C:\Program Files (x86)\Octahedron\sheath.exe
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [conradpreuss] => C:\Program Files (x86)\doctoring\navarra.exe
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [conradconrad] => C:\Program Files (x86)\Morton\sheath.exe [11264 2018-01-24] ()
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [morita] => C:\Program Files (x86)\Octahedron\sheath.exe
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [moritaxerxes] => C:\Program Files (x86)\doctoring\navarra.exe
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [moritamorita] => C:\Program Files (x86)\Morton\sheath.exe [11264 2018-01-24] ()
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [burglary] => C:\Program Files (x86)\punted\burglary.exe [73516 2018-01-24] ()
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [duodenal] => C:\Program Files (x86)\Octahedron\sheath.exe
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\Run: [Interstatnogui] => C:\Users\Nahel\AppData\Roaming\Interstatnogui\interstatnogui.exe [1135728 2018-01-24] (IOT Mega) <==== ATTENTION
    HKU\S-1-5-21-1971819610-2725849522-1102091563-1001\...\MountPoints2: {782eb10f-d9d3-11e6-9082-708bcda9c7e3} - H:\stpdh2.exe
    Startup: C:\Users\Nahel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\slutsky.lnk [2018-01-24]
    ShortcutTarget: slutsky.lnk -> C:\Program Files (x86)\Octahedron\sheath.exe (No File)
    Startup: C:\Users\Nahel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\slutskyslutsky.lnk [2018-01-24]
    ShortcutTarget: slutskyslutsky.lnk -> C:\Program Files (x86)\doctoring\navarra.exe (No File)
    BootExecute: autocheck autochk * bootdelete
    GroupPolicy: Restriction - Chrome <==== ATTENTION
    GroupPolicy\User: Restriction <==== ATTENTION
    S1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [914920 2018-01-11] () <==== ATTENTION
    S2 olDJdY5UyFwz Updater; C:\Program Files (x86)\olDJdY5UyFwz Updater\olDJdY5UyFwz Updater.exe [X]
    S2 RUzxkfMdcB1V Updater; C:\Program Files (x86)\RUzxkfMdcB1V Updater\RUzxkfMdcB1V Updater.exe [X]
    S2 service_box.exe; C:\Program Files (x86)\System Native\Main Services\service_box.exe [X] <==== ATTENTION
    S3 updater; C:\Program Files (x86)\System Native\Main Services\updater.exe /runservice [X] <==== ATTENTION
    S2 YgVPrxo2fNEw Updater; C:\Program Files (x86)\YgVPrxo2fNEw Updater\YgVPrxo2fNEw Updater.exe [X]
    S2 3f23ffaaf57054bf0c6da4db93225a9d; C:\Program Files\3f23ffaaf57054bf0c6da4db93225a9d\43fa9e0688498e698b2b9384e518b47f.exe [X]
    S2 cUa5lSfQBDmk Updater; C:\Program Files (x86)\cUa5lSfQBDmk Updater\cUa5lSfQBDmk Updater.exe [X]
    R2 HNService; C:\Users\Nahel\AppData\Local\AdService\AdService.dll [711168 2018-01-24] (HNService) [File not signed]
    R2 Wallpaper Engine Service; D:\Wallpaper.Engine.Build.1.0.746\bin\wallpaperservice32_c.exe [337408 2017-05-26] () [File not signed]
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003902 _____ C:\Windows\System32\Tasks\4442383344423833
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003896 _____ C:\Windows\System32\Tasks\4408893644088936
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003894 _____ C:\Windows\System32\Tasks\6257688962576889
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003856 _____ C:\Windows\System32\Tasks\k44088936
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003854 _____ C:\Windows\System32\Tasks\44423833
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003846 _____ C:\Windows\System32\Tasks\44088936
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003844 _____ C:\Windows\System32\Tasks\62576889
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003776 _____ C:\Windows\System32\Tasks\ba44423833444238334442383344423833
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003770 _____ C:\Windows\System32\Tasks\SoftUpgrade
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003770 _____ C:\Windows\System32\Tasks\ba44088936440889364408893644088936
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003768 _____ C:\Windows\System32\Tasks\ba62576889625768896257688962576889
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003716 _____ C:\Windows\System32\Tasks\bak44088936k44088936
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003712 _____ C:\Windows\System32\Tasks\ba4442383344423833
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003704 _____ C:\Windows\System32\Tasks\ba4408893644088936
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003702 _____ C:\Windows\System32\Tasks\ba6257688962576889
    2018-01-24 11:36 - 2018-01-24 11:36 - 000003072 _____ C:\Users\Nahel\AppData\Local\uninstallBTCG.exe
    2018-01-24 11:36 - 2018-01-24 11:36 - 000000020 _____ C:\Windows\b44423833
    2018-01-24 11:36 - 2018-01-24 11:36 - 000000000 ___HD C:\Program Files (x86)\punted
    2018-01-24 11:36 - 2018-01-24 11:36 - 000000000 ___HD C:\Program Files (x86)\Morton
    2018-01-24 11:36 - 2018-01-24 11:36 - 000000000 ____D C:\Users\Nahel\AppData\Roaming\Interstatnogui
    2018-01-24 11:36 - 2018-01-24 11:36 - 000000000 ____D C:\Users\Nahel\AppData\Local\AdService
    2018-01-24 11:36 - 2018-01-24 11:36 - 000000000 ____D C:\Program Files (x86)\SoftUpgrade
    2018-01-11 20:20 - 2018-01-11 20:20 - 000021588 _____ C:\Windows\System32\Tasks\YgVPrxo2fNEw
    2018-01-11 19:54 - 2018-01-11 19:55 - 007172032 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online_a2a.exe
    2018-01-11 19:54 - 2018-01-11 19:55 - 007172032 _____ (AVAST Software) C:\Users\Nahel\Downloads\avast_free_antivirus_setup_online_a2a.exe
    2018-01-11 19:48 - 2018-01-11 19:48 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-01-11 19:48 - 2018-01-11 19:48 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-01-11 19:48 - 2018-01-11 19:48 - 000000000 ____D C:\Users\Nahel\AppData\Roaming\Google
    2018-01-11 19:44 - 2018-01-11 19:47 - 001129816 _____ (Google Inc.) C:\Users\Nahel\Downloads\ChromeSetup.exe
    2018-01-11 19:36 - 2018-01-11 19:36 - 000003938 _____ C:\Windows\System32\Tasks\CCleaner Update
    2018-01-11 19:36 - 2018-01-11 19:36 - 000002856 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2018-01-11 19:36 - 2018-01-11 19:36 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2018-01-11 19:36 - 2018-01-11 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2018-01-11 19:36 - 2018-01-11 19:36 - 000000000 ____D C:\Program Files\CCleaner
    2018-01-11 19:35 - 2018-01-11 19:36 - 011201632 _____ (Piriform Ltd) C:\Users\Nahel\Downloads\ccsetup538.exe
    2018-01-11 19:24 - 2018-01-11 19:24 - 000003286 _____ C:\Windows\System32\Tasks\3f23ffaaf57054bf0c6da4db93225a9d
    2018-01-11 19:24 - 2018-01-11 19:24 - 000000000 ____D C:\Windows\SysWOW64\SSL
    2018-01-11 19:21 - 2018-01-12 13:38 - 000000000 ____D C:\ProgramData\a7a78152-4921-1
    2018-01-11 19:21 - 2018-01-12 13:38 - 000000000 ____D C:\ProgramData\a7a78152-1a65-0
    2018-01-11 19:21 - 2018-01-11 20:42 - 000000328 _____ C:\Windows\Tasks\saKXaLnxQURzlMgex.job
    2018-01-11 19:21 - 2018-01-11 20:42 - 000000316 _____ C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job
    2018-01-11 19:21 - 2018-01-11 20:42 - 000000306 _____ C:\Windows\Tasks\BcyoMZkjXMgFaPP.job
    2018-01-11 19:21 - 2018-01-11 19:21 - 000000000 ____D C:\Users\Nahel\AppData\Local\SystemHealer
    2018-01-11 19:21 - 2018-01-11 19:21 - 000000000 ____D C:\Users\Nahel\AppData\Local\OneSystemCare
    2018-01-11 19:20 - 2018-01-11 20:20 - 000930816 _____ C:\Users\Nahel\AppData\Local\po.db
    2018-01-11 19:20 - 2018-01-11 20:20 - 000914920 _____ C:\Windows\system32\Drivers\NetUtils2016.sys
    2018-01-11 18:00 - 2018-01-11 18:00 - 000000000 ____D C:\ProgramData\System Native
    2018-01-11 16:37 - 2018-01-11 16:49 - 008198432 _____ (Malwarebytes) C:\Users\Nahel\Downloads\adwcleaner-7-0-6-0.exe
    2018-01-11 16:25 - 2018-01-11 16:25 - 000000000 ____D C:\ProgramData\SecuritySuite
    2018-01-11 16:20 - 2018-01-11 16:20 - 000000000 ____D C:\Users\Nahel\AppData\Roaming\Macromedia
    2018-01-11 15:44 - 2018-01-11 15:44 - 000702976 _____ C:\Windows\730bb5c0a272e1f40ad13024f6c50517.exe
    2018-01-11 15:44 - 2018-01-11 15:44 - 000097248 _____ C:\Windows\system32\Drivers\ec1681814d7e3c7e4ab15cb815bdcf59.sys
    2018-01-11 15:44 - 2018-01-11 15:44 - 000053583 _____ C:\Windows\uninstaller.dat
    2018-01-11 15:19 - 2018-01-11 15:19 - 000003784 _____ C:\Windows\System32\Tasks\updater
    2018-01-11 15:19 - 2018-01-11 15:19 - 000003580 _____ C:\Windows\System32\Tasks\Guard
    2018-01-11 15:19 - 2018-01-11 15:19 - 000000000 ____D C:\Windat
    2018-01-11 15:18 - 2018-01-11 15:18 - 000000000 ____D C:\Users\Nahel\AppData\Roaming\System Native
    2018-01-11 15:09 - 2018-01-11 20:20 - 000005136 __RSH C:\ProgramData\ntuser.pol
    2018-01-11 15:08 - 2018-01-11 19:17 - 000000004 _____ C:\ProgramData\lock.dat
    2018-01-11 15:08 - 2018-01-11 15:17 - 000000012 _____ C:\ProgramData\rwi.hhad
    2018-01-11 15:07 - 2018-01-11 20:40 - 000000000 ____D C:\Users\Nahel\AppData\Roaming\9260c3042cc648cd835e75f953d947e1
    2018-01-11 15:07 - 2018-01-11 20:40 - 000000000 ____D C:\ProgramData\e3066acc64c84b0a93345565acae2741
    2018-01-11 15:07 - 2018-01-11 20:40 - 000000000 ____D C:\Program Files (x86)\tools
    2018-01-11 15:07 - 2018-01-11 15:21 - 000000103 _____ C:\Windows\SysWOW64\del.bat
    2018-01-11 15:07 - 2018-01-11 15:07 - 000140800 _____ C:\Users\Nahel\AppData\Local\installer.dat
    2018-01-11 15:05 - 2018-01-11 15:20 - 000000000 ____D C:\Users\Nahel\AppData\Local\Deployment
    2018-01-11 15:05 - 2018-01-11 15:05 - 000000000 ____D C:\Users\Nahel\AppData\Local\Apps\2.0
    Hosts:
    EmptyTemp:
    RemoveProxy:
    Reboot:


    Enregistre le contenu par le menu fichier puis enregistrer.

    Ferme le bloc-note, retourne sur FRST et clique sur le bouton "Corriger / Fix"
    Un redémarrage sera peut-être nécessaire et automatique.
    Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

    Redémarre l'ordinateur.

    2°)
    Réinitialise/Répare les navigateurs WEB concernés par les problèmes :

    3°)
    Termine par un nettoyage Malwarebytes - Tutoriel Malwarebytes Anti-Malware version gratuite

    4°)
    Vois ce que cela donne et si des améliorations ont eu lieu.
    Si ce n'est pas le cas, si tu as encore des pages de pubs intempestives, précise sur quel navigateur WEB.
    Refais un scan FRST et donne les nouveaux rapports via pjjoint.

    0