Je suis envahie de pubs !!!
Fermé
Audrey
-
14 janv. 2018 à 20:39
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 16 janv. 2018 à 11:44
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 16 janv. 2018 à 11:44
A voir également:
- Je suis envahie de pubs !!!
- Bloqueur de pub youtube - Guide
- Supprimer les pubs - Guide
- YT Siphon : une extension pour contourner la pub sur YouTube - Guide
- Pubs netflix - Guide
- Bloquer les pubs sur youtube - Guide
2 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 627
14 janv. 2018 à 20:42
14 janv. 2018 à 20:42
Salut,
Merci de préciser le navigateur internet puis :
Suis le tutoriel FRST. ( prends le temps de lire attentivement - tout y est bien expliqué ).
Télécharge et lance le scan FRST,
Attendre la fin du scan, un message indique que l'analyse est terminée.
Trois rapports FRST seront générés :
Envoie ces 3 rapports sur le site https://pjjoint.malekal.com/ afin de les partager.
En retour donne les 3 liens pjjoint qui mènent aux rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Merci de préciser le navigateur internet puis :
Suis le tutoriel FRST. ( prends le temps de lire attentivement - tout y est bien expliqué ).
Télécharge et lance le scan FRST,
Attendre la fin du scan, un message indique que l'analyse est terminée.
Trois rapports FRST seront générés :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie ces 3 rapports sur le site https://pjjoint.malekal.com/ afin de les partager.
En retour donne les 3 liens pjjoint qui mènent aux rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 627
16 janv. 2018 à 11:44
16 janv. 2018 à 11:44
wow tu as bien infecté ton ordinateur.
Tu peux envisager de réinitialiser Windows 10, c'est plus simple, tu repars sur une machine propre : Comment réinitialiser Windows 10
où on peut tenter de désinfecter l'ordinateur.
Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.
Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
Le bloc-note va s'ouvrir, copie/colle ceci.
Enregistre le contenu par le menu fichier puis enregistrer.
Ferme le bloc-note, retourne sur FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire et automatique.
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur.
2°)
Réinitialise/Répare les navigateurs WEB concernés par les problèmes :
3°)
Termine par un nettoyage Malwarebytes - Tutoriel Malwarebytes Anti-Malware version gratuite
4°)
Vois ce que cela donne et si des améliorations ont eu lieu.
Si ce n'est pas le cas, si tu as encore des pages de pubs intempestives, précise sur quel navigateur WEB.
Refais un scan FRST et donne les nouveaux rapports via pjjoint.
Tu peux envisager de réinitialiser Windows 10, c'est plus simple, tu repars sur une machine propre : Comment réinitialiser Windows 10
où on peut tenter de désinfecter l'ordinateur.
Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.
Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
Le bloc-note va s'ouvrir, copie/colle ceci.
CreateRestorePoint:
CloseProcesses:
Task: {0002391C-519D-4A23-BE1A-129E02372DF0} - System32\Tasks\GoogleUpdateSecurityTaskMachine_VI => C:\ProgramData\18dd7888a58b4bd0acdd8a5b53e39af1\chipset.exe exec hide FWCJJPOUYC.cmd <==== ATTENTION
Task: {1DD784D4-9FAB-4841-9C48-9D4A09CC083D} - System32\Tasks\GoogleUpdateSecurityTaskMachine_XV => C:\Users\dober\AppData\Local\Temp\f053ddcc8ba849ca8a7e93a57fe08598\chipset.exe exec hide HCVAYIFETO.cmd <==== ATTENTION
Task: {332A3B17-F5BB-4092-9AEB-F405EE392892} - System32\Tasks\plaAVjRQXWCDePSecyr => rundll32 "C:\Program Files (x86)\aohGTEheqdnWC\DLaTHXO.dll",#1
Task: {338CE7AF-0746-4F7B-8E3F-BEE0BBA2D9E6} - System32\Tasks\pnIxobGIUDXdNt => rundll32 "C:\Program Files (x86)\TwPufLOWyrxU2\yjPnzeIqSwvqT.dll",#1
Task: {4EDC5941-9B83-4723-B73B-3CC7315A60C7} - System32\Tasks\saKXaLnxQURzlMgex2 => rundll32 "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\EcJmUrf.dll",#1
Task: {50A9A52C-92C6-41C9-B8E4-B019AD12822A} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2017-12-26] () <==== ATTENTION
Task: {64EF070E-BC0E-4D22-A21A-6928CFDBE7D8} - System32\Tasks\saKXaLnxQURzlMgex => rundll32 "C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\EcJmUrf.dll",#1
Task: {6FE0F639-6A1F-4CDF-9B7F-A7983AD0D334} - System32\Tasks\GoogleUpdateSecurityTaskMachine_DS => C:\ProgramData\460b41ecb97b4471b5b0896044c113b2\chipset.exe exec hide JTJZTRDJCN.cmd <==== ATTENTION
Task: {72D0AD1F-8616-422A-B411-013CF5945B47} - System32\Tasks\{7A0F7F47-7E7D-057D-0B11-7A09040E117A}
Task: {80060B85-DD7F-4027-948D-EEBC6C82F68B} - System32\Tasks\BcyoMZkjXMgFaPP2 => rundll32 "C:\Program Files (x86)\umkISPBbU\jneqwq.dll",#1
Task: {849AD14E-E093-4EAE-B3E2-8263A4CAAC96} - System32\Tasks\FastDataX Task => C:\Program Files (x86)\FastDataX\FastDataX.exe [2017-12-26] () <==== ATTENTION
Task: {8FB05874-7F48-4CBC-8BC8-EC06E3187C68} - System32\Tasks\plaAVjRQXWCDePSecyr2 => rundll32 "C:\Program Files (x86)\aohGTEheqdnWC\DLaTHXO.dll",#1
Task: {906CF8FA-38B5-463E-8EB6-005EFCD4C184} - System32\Tasks\GoogleUpdateSecurityTaskMachine_LX => C:\Users\dober\AppData\Local\Temp\0fb82fa8eaee48ed8d0465ec1b8847c5\chipset.exe exec hide EQLMRQSDXH.cmd <==== ATTENTION
Task: {964AA021-8B51-4156-BCB0-DA606823D084} - System32\Tasks\GoogleUpdateSecurityTaskMachine_QW => C:\Users\dober\AppData\Local\09ebac3f83904554b37be92650e59af4\chipset.exe exec hide EPNTIFWUEH.cmd <==== ATTENTION
Task: {995B162B-64DA-440C-8A83-6EEAAAF74350} - System32\Tasks\{22CF225D-87DE-04CF-BDE9-273A5754C86F} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\d657cc79\c2f3a3aa.dll" <==== ATTENTION
Task: {C017CA53-3A11-4FBF-B02D-100F305BEEBB} - System32\Tasks\a6985661db2b7013dce93207d7ff3f7a => sc start a6985661db2b7013dce93207d7ff3f7a <==== ATTENTION
Task: {D75F2764-5178-441D-A424-8952E138FB9D} - System32\Tasks\BcyoMZkjXMgFaPP => rundll32 "C:\Program Files (x86)\umkISPBbU\jneqwq.dll",#1
Task: {E025286C-E470-4C5C-9E76-67F542C7023A} - System32\Tasks\OneSystemCare Task => C:\Program Files (x86)\OneSystemCare\SystemConsole.exe [2017-12-26] () <==== ATTENTION
Task: {E2E61215-5EC8-475A-8FF7-FD63FF1942F9} - System32\Tasks\One System Care Delayed => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2017-12-26] () <==== ATTENTION
KLM\...\Run: [gplyra] => C:\Users\dober\AppData\Roaming\gplyra\gplyra\start.cmd [216 2017-01-10] () <==== ATTENTION
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Optimizer.exe] => C:\Users\dober\AppData\Local\Optimizer\Optimizer.exe [777728 2017-12-27] (www.xmrig.com)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [BitTorrent] => C:\Users\dober\AppData\Roaming\BitTorrent\BitTorrent.exe [2408648 2017-10-04] (BitTorrent Inc.)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [Ivideon Server] => C:\Users\dober\AppData\Local\Ivideon\IvideonServer\IvideonServer.exe [5148880 2017-11-24] ()
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [7836906] => C:\Users\dober\AppData\Roaming\ztwfctf51xk\n1yowy1n2oi.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [3744649] => C:\Users\dober\AppData\Roaming\r23jumgq32e\kalsw41h3ya.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [comsrv] => rundll32.exe C:\Users\dober\AppData\Local\comsrv.dll,comsrv <==== ATTENTION
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [XNO2J2MZKXESS27] => C:\Program Files\1MZZE3R6PY\CBDNUCRV6.exe [669184 2017-12-27] (ITS4JCPY)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [9838743] => C:\Users\dober\AppData\Roaming\5l3jn0hw3nc\0qlbrqg55uu.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [5358013] => C:\Users\dober\AppData\Roaming\buxjhzgw1w4\gfr5julukwg.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [KBY2A2E22C0T6GA] => C:\Program Files\NRDV6V0KIZ\QKWECZ9ZO.exe [669184 2017-12-27] (ITS4JCPY)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [9575364] => C:\Users\dober\AppData\Roaming\vokeqdji5pb\nwx53src0ta.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [3369766] => C:\Users\dober\AppData\Roaming\jskctmqopkz\reso2zqes15.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [2375623] => C:\Users\dober\AppData\Roaming\jq0y5i03z2n\jrrilh4si2x.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [ZH4BCO5X3EM9ZY4] => C:\Program Files\285FJ2UBT5\285FJ2UBT.exe [669184 2017-12-27] (EQ)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [9732691] => C:\Users\dober\AppData\Roaming\i4fcgs5wir0\eegnhjii5nr.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [9181635] => C:\Users\dober\AppData\Roaming\3oyqgzdwj0l\ozzm0p0wn01.exe [571271 2017-12-27] ( )
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [9FRT5JOCGFJ0VAG] => C:\Program Files\VM9AX2U6X3\VM9AX2U6X.exe [669184 2017-12-29] (ORTRK)
HKU\S-1-5-21-2322154037-2640408679-1921954383-1001\...\Run: [6159163] => C:\Users\dober\AppData\Roaming\jtu1wokqoim\jachdmsczsx.exe [697872 2017-12-29] (Goff )
Task: C:\WINDOWS\Tasks\BcyoMZkjXMgFaPP.job => C:\Program Files (x86)\umkISPBbU\jneqwq.dll
Task: C:\WINDOWS\Tasks\bku5694181861490539.job =>
Task: C:\WINDOWS\Tasks\bku6938649124603814.job =>
Task: C:\WINDOWS\Tasks\plaAVjRQXWCDePSecyr.job => C:\Program Files (x86)\aohGTEheqdnWC\DLaTHXO.dll
Task: C:\WINDOWS\Tasks\saKXaLnxQURzlMgex.job => C:\Program Files (x86)\RrHYXuUpocPTIXdsppR\EcJmUrf.dll
R2 8d35405c598ce5588b0f55b089d21195; C:\WINDOWS\8d35405c598ce5588b0f55b089d21195.dll [956416 2017-12-27] () [Fichier non signé]
S2 a6985661db2b7013dce93207d7ff3f7a; C:\Program Files\a6985661db2b7013dce93207d7ff3f7a\04fa54e9834c72420e91712842bd97e9.exe [472576 2017-12-26] () [Fichier non signé] <==== ATTENTION
S2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [156640 2017-10-03] (Byte Technologies LLC)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [302920 2017-12-29] ()
2017-10-23 07:15 - 2017-10-23 07:15 - 000000000 ____D C:\ProgramData\Wondershare
2017-10-23 07:08 - 2017-10-23 07:08 - 000000000 ____D C:\Users\dober\AppData\Local\Wondershare
2017-10-23 07:08 - 2017-04-11 10:57 - 000112840 _____ (Wondershare Software) C:\WINDOWS\system32\WSPDFelementMonitor.dll
2017-10-23 07:04 - 2017-10-23 07:15 - 000000000 ____D C:\Users\dober\AppData\Roaming\Wondershare
2017-12-27 19:07 - 2017-12-29 11:53 - 000000000 ____D C:\Users\dober\AppData\Local\chromium
2017-12-27 19:05 - 2018-01-13 14:05 - 000000000 ____D C:\ProgramData\{A9166C75-2354-E6B3-A592-78F13FD0F33F}
2017-12-27 19:04 - 2018-01-13 01:26 - 000000000 ____D C:\Program Files\ByteFence
2017-12-26 23:08 - 2017-12-26 23:08 - 000635904 _____ C:\WINDOWS\bdc7809b9257ae065373937cefde8151.exe
2017-12-26 23:08 - 2017-12-26 23:08 - 000105000 _____ C:\WINDOWS\system32\Drivers\0173b18fb9fbce7ac3a3ef20a419d20b.sys
2017-12-29 11:20 - 2018-01-04 10:08 - 000000004 _____ () C:\ProgramData\lock.dat
2017-07-05 18:19 - 2017-07-05 18:19 - 000015927 _____ () C:\Users\dober\excanvas.js
2017-12-29 12:08 - 2017-12-29 12:12 - 000000000 ____D C:\Users\dober\AppData\Local\{2A2A1C76-0E82-70CE-631A-55264772A9BE}
2017-12-29 12:04 - 2017-12-29 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2017-07-05 18:19 - 2017-07-05 18:19 - 000093868 _____ () C:\Users\dober\jquery.js
2018-01-05 21:11 - 2018-01-08 20:29 - 000000000 ____D C:\ProgramData\{3633FD13-8198-4AB8-EFDC-C586CD662FA2}
2018-01-05 21:11 - 2018-01-08 20:29 - 000000000 ____D C:\ProgramData\{33DEA9E6-8475-1E4D-9980-E336C1EED1A5}
2018-01-05 21:11 - 2018-01-05 21:11 - 000000000 ____D C:\ProgramData\{B00A7A09-07A1-CDA2-FE82-53300E6EBCE0}
2018-01-05 21:08 - 2018-01-05 21:08 - 000003882 _____ C:\WINDOWS\System32\Tasks\{22CF225D-87DE-04CF-BDE9-273A5754C86F}
2018-01-05 21:07 - 2018-01-05 21:07 - 000000000 ____D C:\ProgramData\3a27e9bc-74f1-1
2018-01-05 21:07 - 2018-01-05 21:07 - 000000000 ____D C:\ProgramData\3a27e9bc-0041-0
2018-01-05 21:04 - 2018-01-06 14:56 - 000000000 ____D C:\ProgramData\d657cc79
2018-01-05 21:02 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\{7f4b233f-712c-0}
2018-01-05 21:02 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\{722b6e12-212c-1}
2018-01-05 21:02 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\{6e7408c2-312c-1}
2018-01-05 21:02 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\{50a77e54-512c-1}
2018-01-05 21:02 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\{449960bf-612c-0}
2018-01-05 21:02 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\{319e158d-612c-0}
2017-12-31 16:06 - 2018-01-08 18:06 - 000000052 _____ C:\Users\dober\AppData\Local\mLeDWpOhGZ
2018-01-08 19:22 - 2018-01-08 19:22 - 000000000 ____D C:\ProgramData\bd42fb6e-7f55-0
2018-01-08 19:22 - 2018-01-08 19:22 - 000000000 ____D C:\ProgramData\bd42fb6e-4a25-1
2018-01-08 16:17 - 2018-01-08 16:17 - 000000052 _____ C:\Users\dober\AppData\Local\8wne5tkb2q
2017-07-05 18:19 - 2017-07-05 18:19 - 000001395 _____ () C:\Users\dober\jquery.mousewheel.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000015474 _____ () C:\Users\dober\wa_common_messages_fr.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000001321 _____ () C:\Users\dober\wa_site_global_settings.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000082376 _____ () C:\Users\dober\webacappella_core.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000023188 _____ () C:\Users\dober\webacappella_dialog.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000006864 _____ () C:\Users\dober\webacappella_form.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000003883 _____ () C:\Users\dober\webacappella_patch_ie8.js
2017-07-05 18:19 - 2017-07-05 18:19 - 000009329 _____ () C:\Users\dober\webacappella_tools.js
2017-10-12 09:49 - 2017-10-12 09:50 - 000009591 _____ () C:\Program Files (x86)\DeviceManage Setup Log.txt
2017-12-29 11:08 - 2018-01-08 16:17 - 000000197 _____ () C:\Users\dober\AppData\Roaming\WB.CFG
2018-01-08 16:17 - 2018-01-08 16:17 - 000000052 _____ () C:\Users\dober\AppData\Local\8wne5tkb2q
2017-12-27 19:14 - 2017-12-27 19:14 - 000014848 _____ () C:\Users\dober\AppData\Local\comsrv.dll
2017-12-27 19:12 - 2017-12-27 19:12 - 000011568 _____ () C:\Users\dober\AppData\Local\InstallationConfiguration.xml
2017-12-27 19:12 - 2017-12-27 19:12 - 000140800 _____ () C:\Users\dober\AppData\Local\installer.dat
2017-12-31 16:06 - 2018-01-08 18:06 - 000000052 _____ () C:\Users\dober\AppData\Local\mLeDWpOhGZ
2017-12-27 19:14 - 2017-12-27 19:14 - 000003072 _____ () C:\Users\dober\AppData\Local\uninstallML.exe
2017-12-29 11:20 - 2018-01-04 10:10 - 000000012 _____ C:\ProgramData\rwi.chad
2017-12-29 11:20 - 2018-01-04 10:08 - 000000004 _____ C:\ProgramData\lock.dat
2017-12-29 11:08 - 2018-01-08 16:17 - 000000197 _____ C:\Users\dober\AppData\Roaming\WB.CFG
2017-12-29 10:14 - 2017-12-29 10:14 - 000000000 ____D C:\Users\dober\AppData\Roaming\jtu1wokqoim
2017-12-29 10:14 - 2017-12-29 10:14 - 000000000 ____D C:\Program Files\VM9AX2U6X3
2017-12-27 22:02 - 2017-12-27 22:02 - 000000000 ____D C:\Users\dober\AppData\Roaming\dwdz1iymclv
2017-12-27 22:01 - 2017-12-27 22:02 - 000000000 ____D C:\Program Files\E37V7MHN8M
2017-12-27 22:01 - 2017-12-27 22:01 - 000000000 ____D C:\Users\dober\AppData\Roaming\y42fnbaouzx
2017-12-27 22:01 - 2017-12-27 22:01 - 000000000 ____D C:\Users\dober\AppData\Roaming\3ihgnvp5r2w
2017-12-27 22:01 - 2017-12-27 22:01 - 000000000 ____D C:\ProgramData\b2b845186300457bafda28f94abc97c1
2017-12-27 22:01 - 2017-12-27 22:01 - 000000000 ____D C:\ProgramData\ad6c67290956483dbe710ab53e215790
2017-12-27 22:01 - 2017-12-27 22:01 - 000000000 ____D C:\ProgramData\9b78c5a37ba14b80af9302fa4d634e04
2017-12-27 22:00 - 2017-12-27 22:00 - 000000000 ____D C:\Program Files\EX7XHAM94F
2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 ____D C:\Users\dober\AppData\Roaming\v051xpzjkvh
2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Users\dober\AppData\Roaming\wpufe34onij
2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Users\dober\AppData\Roaming\b7256edec16840178304f1140fa40c2f
2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Users\dober\AppData\Roaming\6b7539e006b94c718f8346556f995e47
2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\ProgramData\cd228e3164e6495c8774832bf07c1a34
2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Program Files\NCE7HGUTLU
2017-12-27 21:53 - 2017-12-27 21:53 - 000000000 ____D C:\Users\dober\AppData\Roaming\xnhgsgdpvos
2017-12-27 21:53 - 2017-12-27 21:53 - 000000000 ____D C:\Users\dober\AppData\Roaming\odvojjqe1bt
2017-12-27 21:51 - 2017-12-27 21:52 - 000000000 ____D C:\Program Files\2ANHOAV4KY
2017-12-27 21:51 - 2017-12-27 21:51 - 000000000 ____D C:\Users\dober\AppData\Roaming\yscz4cydadw
2017-12-27 21:47 - 2017-12-27 21:47 - 000000000 ____D C:\Users\dober\AppData\Roaming\px3dh1zha2p
2017-12-27 21:47 - 2017-12-27 21:47 - 000000000 ____D C:\Users\dober\AppData\Roaming\iv50yhtvheg
2017-12-27 21:47 - 2017-12-27 21:47 - 000000000 ____D C:\Users\dober\AppData\Local\870efd732a6644a4be7ec741b16af3d7
2017-12-27 21:47 - 2017-12-27 21:47 - 000000000 ____D C:\ProgramData\be49eccd1e024959a271a9f6873021a1
2017-12-27 21:45 - 2017-12-27 21:45 - 000000000 ____D C:\Users\dober\AppData\Roaming\3oyqgzdwj0l
2017-12-27 21:45 - 2017-12-27 21:45 - 000000000 ____D C:\Program Files\A9UKCAIIT2
2017-12-27 21:30 - 2017-12-27 21:30 - 000000000 ____D C:\Users\dober\AppData\Roaming\e7a2ae2fcd4d437da74214a996aac702
2017-12-27 21:30 - 2017-12-27 21:30 - 000000000 ____D C:\Users\dober\AppData\Local\c793522756604384938328eea2b68a50
2017-12-27 21:19 - 2017-12-27 21:19 - 000000000 ____D C:\Users\dober\AppData\Roaming\a366b062e0ae4e08a58ebbe1baccbd6e
2017-12-27 21:19 - 2017-12-27 21:19 - 000000000 ____D C:\ProgramData\26f3ea499996453587da207d41bc7c44
2017-12-27 21:12 - 2017-12-27 21:12 - 000000420 _____ C:\WINDOWS\Tasks\bku6938649124603814.job
2017-12-27 21:12 - 2017-12-27 21:12 - 000000000 ____D C:\Users\dober\AppData\Roaming\tyf3ts1t2zr
2017-12-27 21:12 - 2017-12-27 21:12 - 000000000 ____D C:\Users\dober\AppData\Roaming\kngidiw13hd
2017-12-27 21:12 - 2017-12-27 21:12 - 000000000 ____D C:\Users\dober\AppData\Roaming\doxacwgdqz4
2017-12-27 21:12 - 2017-12-27 21:12 - 000000000 ____D C:\ProgramData\f5ec1bdc934845049adbcf704a976b85
2017-12-27 21:11 - 2018-01-12 18:21 - 000000000 ____D C:\Users\dober\AppData\Roaming\98798349c8014fea9d76c346e5f923ec
2017-12-27 21:11 - 2017-12-27 21:11 - 000000000 ____D C:\ProgramData\703c07e8a68d42df8d1fff4c24e42489
2017-12-27 21:10 - 2017-12-27 21:10 - 000000000 ____D C:\Users\dober\AppData\Roaming\0qv0fiijlwy
2017-12-27 21:10 - 2017-12-27 21:10 - 000000000 ____D C:\Program Files\RWC45WBKSW
2017-12-27 20:59 - 2017-12-27 20:59 - 000000000 ____D C:\Program Files\HBSPNARAE6
2017-12-27 20:58 - 2017-12-27 20:58 - 000000000 ____D C:\Users\dober\AppData\Roaming\pvsz5rwnqit
2017-12-27 20:58 - 2017-12-27 20:58 - 000000000 ____D C:\Users\dober\AppData\Roaming\hlhwtlpnn4j
2017-12-27 20:57 - 2017-12-27 20:57 - 000000000 ____D C:\Users\dober\AppData\Roaming\i4fcgs5wir0
2017-12-27 20:57 - 2017-12-27 20:57 - 000000000 ____D C:\Program Files\285FJ2UBT5
2017-12-27 20:37 - 2017-12-27 20:37 - 000002882 _____ C:\WINDOWS\System32\Tasks\plaAVjRQXWCDePSecyr2
2017-12-27 20:37 - 2017-12-27 20:37 - 000002658 _____ C:\WINDOWS\System32\Tasks\plaAVjRQXWCDePSecyr
2017-12-27 20:36 - 2017-12-27 21:04 - 000000330 _____ C:\WINDOWS\Tasks\plaAVjRQXWCDePSecyr.job
2017-12-27 20:36 - 2017-12-27 20:47 - 000000000 ____D C:\Program Files (x86)\aohGTEheqdnWC
2017-12-27 20:33 - 2017-12-27 21:04 - 000000342 _____ C:\WINDOWS\Tasks\saKXaLnxQURzlMgex.job
2017-12-27 20:33 - 2017-12-27 20:33 - 000002890 _____ C:\WINDOWS\System32\Tasks\saKXaLnxQURzlMgex2
2017-12-27 20:33 - 2017-12-27 20:33 - 000002666 _____ C:\WINDOWS\System32\Tasks\saKXaLnxQURzlMgex
2017-12-27 20:33 - 2017-12-27 20:33 - 000000000 ____D C:\Program Files (x86)\RrHYXuUpocPTIXdsppR
2017-12-27 20:31 - 2017-12-27 20:31 - 000003214 _____ C:\WINDOWS\System32\Tasks\pnIxobGIUDXdNt
2017-12-27 20:30 - 2017-12-27 20:31 - 000000000 ____D C:\Program Files (x86)\TwPufLOWyrxU2
2017-12-27 20:30 - 2017-12-27 20:30 - 000002864 _____ C:\WINDOWS\System32\Tasks\BcyoMZkjXMgFaPP2
2017-12-27 20:29 - 2017-12-27 20:29 - 000000000 ____D C:\Program Files (x86)\qTTaaczyWvUn
2017-12-27 20:28 - 2017-12-27 20:29 - 000000000 ____D C:\Program Files (x86)\GBeMZXQZBIE
2017-12-27 20:27 - 2017-12-27 21:04 - 000000320 _____ C:\WINDOWS\Tasks\BcyoMZkjXMgFaPP.job
2017-12-27 20:27 - 2017-12-27 20:30 - 000000000 ____D C:\Program Files (x86)\umkISPBbU
2017-12-27 20:27 - 2017-12-27 20:27 - 000002640 _____ C:\WINDOWS\System32\Tasks\BcyoMZkjXMgFaPP
2017-12-27 20:24 - 2017-12-27 20:24 - 000000000 ____D C:\Program Files (x86)\System Native
2017-12-27 20:21 - 2017-12-27 20:21 - 000000000 ____D C:\Program Files\1HK5H1S8TH
2017-12-27 20:19 - 2017-12-27 20:19 - 000000000 ____D C:\Users\dober\AppData\Roaming\jskctmqopkz
2017-12-27 20:19 - 2017-12-27 20:19 - 000000000 ____D C:\Users\dober\AppData\Roaming\jq0y5i03z2n
2017-12-27 20:18 - 2017-12-27 20:20 - 000000000 ____D C:\Program Files\NRDV6V0KIZ
2017-12-27 20:18 - 2017-12-27 20:18 - 000000000 ____D C:\Users\dober\AppData\Roaming\buxjhzgw1w4
2017-12-27 20:17 - 2018-01-12 18:14 - 000000000 ____D C:\Users\dober\AppData\Local\ce8fd88eda8349a0975b56eb98741f0a
2017-12-27 20:17 - 2017-12-27 20:17 - 000000000 ____D C:\Users\dober\AppData\Roaming\vokeqdji5pb
2017-12-27 20:17 - 2017-12-27 20:17 - 000000000 ____D C:\Users\dober\AppData\Roaming\bb7dc5f4daf0446bb545ba39b60a3c8f
2017-12-27 20:16 - 2017-12-27 20:16 - 000000000 ____D C:\Users\dober\AppData\Roaming\5l3jn0hw3nc
2017-12-27 20:16 - 2017-12-27 20:16 - 000000000 ____D C:\Program Files\1MZZE3R6PY
2017-12-27 20:08 - 2017-12-29 11:25 - 000000000 ____D C:\Users\dober\AppData\LocalLow\BitTorrent
2017-12-27 20:08 - 2017-12-27 20:08 - 000003084 _____ C:\WINDOWS\System32\Tasks\bku5694181861490539
2017-12-27 20:08 - 2017-12-27 20:08 - 000000420 _____ C:\WINDOWS\Tasks\bku5694181861490539.job
2017-12-27 20:08 - 2017-12-27 20:08 - 000000000 ____D C:\Users\dober\AppData\Roaming\yfuqyzfilfl
2017-12-27 19:28 - 2017-12-27 20:28 - 000001267 _____ C:\Users\Public\Desktop\Download icq.lnk
2017-12-27 19:25 - 2017-12-27 19:25 - 000000000 ____D C:\Users\dober\AppData\Roaming\EpicNet Inc
2017-12-27 19:23 - 2017-12-27 19:23 - 000009352 _____ C:\WINDOWS\system32\Drivers\Winmon.sys
2017-12-27 19:21 - 2018-01-05 21:07 - 000000000 ____D C:\ProgramData\52a3048a-1a61-1
2017-12-27 19:21 - 2018-01-05 21:02 - 000000000 ____D C:\ProgramData\52a3048a-47f5-0
2017-12-27 19:21 - 2017-12-27 19:22 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntkrnlmp.exe
2017-12-27 19:21 - 2017-12-27 19:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\osloader.exe
2017-12-27 19:21 - 2017-12-27 19:21 - 000003674 _____ C:\WINDOWS\System32\Tasks\FastDataX Task
2017-12-27 19:20 - 2017-12-27 19:20 - 000000000 ____D C:\Program Files (x86)\FastDataX
2017-12-27 19:19 - 2017-12-29 12:31 - 000000000 ___HD C:\WINDOWS\rss
2017-12-27 19:19 - 2017-12-27 19:19 - 000000000 ____D C:\Users\dober\AppData\Local\FastDataX
2017-12-27 19:18 - 2017-12-27 19:18 - 000956416 _____ C:\WINDOWS\8d35405c598ce5588b0f55b089d21195.dll
2017-12-27 19:17 - 2018-01-13 14:58 - 000003300 _____ C:\WINDOWS\System32\Tasks\a6985661db2b7013dce93207d7ff3f7a
2017-12-27 19:17 - 2017-12-27 19:24 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2017-12-27 19:17 - 2017-12-27 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2017-12-27 19:16 - 2017-12-27 19:16 - 000024722 _____ C:\WINDOWS\System32\Tasks\{7A0F7F47-7E7D-057D-0B11-7A09040E117A}
2017-12-27 19:16 - 2017-12-27 19:16 - 000003682 _____ C:\WINDOWS\System32\Tasks\OneSystemCare Task
2017-12-27 19:16 - 2017-12-27 19:16 - 000001128 _____ C:\Users\dober\Desktop\Launch System Healer.lnk
2017-12-27 19:16 - 2017-12-27 19:16 - 000000000 ____D C:\Users\dober\AppData\Roaming\02o0tdocgam
2017-12-27 19:15 - 2018-01-05 21:05 - 000000000 ____D C:\ProgramData\bd42fb6e-0fb5-0
2017-12-27 19:15 - 2017-12-27 19:17 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2017-12-27 19:15 - 2017-12-27 19:15 - 000004022 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_VI
2017-12-27 19:15 - 2017-12-27 19:15 - 000000000 ____D C:\Windat
2017-12-27 19:15 - 2017-12-27 19:15 - 000000000 ____D C:\Users\dober\AppData\Roaming\System Healer
2017-12-27 19:14 - 2018-01-06 16:23 - 000000000 ____D C:\Users\dober\AppData\Local\09ebac3f83904554b37be92650e59af4
2017-12-27 19:14 - 2018-01-06 15:15 - 000000000 ____D C:\Disk
2017-12-27 19:14 - 2018-01-05 21:06 - 000000000 ____D C:\ProgramData\bd42fb6e-3b31-1
2017-12-27 19:14 - 2017-12-27 20:26 - 000000000 ____D C:\Program Files\a6985661db2b7013dce93207d7ff3f7a
2017-12-27 19:14 - 2017-12-27 19:20 - 000000000 ____D C:\Users\dober\AppData\Roaming\gplyra
2017-12-27 19:14 - 2017-12-27 19:15 - 000000000 ____D C:\ProgramData\18dd7888a58b4bd0acdd8a5b53e39af1
2017-12-27 19:14 - 2017-12-27 19:15 - 000000000 ____D C:\Program Files\P2HALUP2Y9
2017-12-27 19:14 - 2017-12-27 19:14 - 000014848 _____ C:\Users\dober\AppData\Local\comsrv.dll
2017-12-27 19:14 - 2017-12-27 19:14 - 000004098 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_LX
2017-12-27 19:14 - 2017-12-27 19:14 - 000004078 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_QW
2017-12-27 19:14 - 2017-12-27 19:14 - 000003072 _____ C:\Users\dober\AppData\Local\uninstallML.exe
2017-12-27 19:14 - 2017-12-27 19:14 - 000000000 ____D C:\Users\dober\AppData\Roaming\t4abg23r3z5
2017-12-27 19:14 - 2017-12-27 19:14 - 000000000 ____D C:\Users\dober\AppData\Roaming\lha21d1qcqg
2017-12-27 19:14 - 2017-12-27 19:14 - 000000000 ____D C:\Users\dober\AppData\Roaming\13of3mu0evx
2017-12-27 19:14 - 2017-12-27 19:14 - 000000000 ____D C:\Users\dober\AppData\Local\SystemHealer
2017-12-27 19:13 - 2017-12-29 10:48 - 000000000 ____D C:\ProgramData\460b41ecb97b4471b5b0896044c113b2
2017-12-27 19:13 - 2017-12-29 10:40 - 000000000 ____D C:\Users\dober\AppData\Local\AdService
2017-12-27 19:13 - 2017-12-27 19:13 - 000004098 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_XV
2017-12-27 19:13 - 2017-12-27 19:13 - 000004022 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_DS
2017-12-27 19:13 - 2017-12-27 19:13 - 000000000 ____D C:\Users\dober\AppData\Roaming\System Native
2017-12-27 19:13 - 2017-12-27 19:13 - 000000000 ____D C:\Users\dober\AppData\Roaming\r23jumgq32e
2017-12-27 19:13 - 2017-12-27 19:13 - 000000000 ____D C:\Program Files\25BFSENXVP
2017-12-27 19:12 - 2018-01-13 14:40 - 000002630 _____ C:\WINDOWS\System32\Tasks\One System Care Monitor
2017-12-27 19:12 - 2018-01-13 14:40 - 000002622 _____ C:\WINDOWS\System32\Tasks\One System Care Delayed
2017-12-27 19:12 - 2018-01-12 19:50 - 000000000 ____D C:\Program Files (x86)\texttotalk
2017-12-27 19:12 - 2018-01-05 21:21 - 000000000 ____D C:\ProgramData\dahcService
2017-12-27 19:12 - 2017-12-29 11:51 - 000000000 ____D C:\Program Files (x86)\boostPc
2017-12-27 19:12 - 2017-12-27 22:01 - 000930816 _____ C:\Users\dober\AppData\Local\po.db
2017-12-27 19:12 - 2017-12-27 19:13 - 000000000 ____D C:\Users\dober\AppData\Roaming\ryntkmyou23
2017-12-27 19:12 - 2017-12-27 19:13 - 000000000 ____D C:\Program Files\NDOCG9G10C
2017-12-27 19:12 - 2017-12-27 19:12 - 000140800 _____ C:\Users\dober\AppData\Local\installer.dat
2017-12-27 19:12 - 2017-12-27 19:12 - 000011568 _____ C:\Users\dober\AppData\Local\InstallationConfiguration.xml
2017-12-27 19:12 - 2017-12-27 19:12 - 000002229 ___RS C:\Users\Public\Desktop\Вrothеr Utilities.lnk
2017-12-27 19:12 - 2017-12-27 19:12 - 000001140 _____ C:\Users\dober\Desktop\Launch One System Care.lnk
2017-12-27 19:12 - 2017-12-27 19:12 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-12-27 19:12 - 2017-12-27 19:12 - 000000000 ____D C:\Users\dober\AppData\Roaming\ztwfctf51xk
2017-12-27 19:12 - 2017-12-27 19:12 - 000000000 ____D C:\Users\dober\AppData\Roaming\One System Care
2017-12-27 19:12 - 2017-12-27 19:12 - 000000000 ____D C:\Users\dober\AppData\Local\Optimizer
2017-12-27 19:12 - 2017-12-27 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2017-12-27 19:12 - 2017-12-27 19:12 - 000000000 ____D C:\Program Files (x86)\OneSystemCare
2017-12-27 19:11 - 2017-12-30 17:47 - 000000000 ____D C:\Program Files (x86)\ipufzwyuqnl
2017-12-27 19:11 - 2017-12-29 12:01 - 000000000 ____D C:\Program Files (x86)\Multitimer
2017-12-27 19:11 - 2017-12-27 19:12 - 000000000 ____D C:\Users\dober\AppData\Roaming\Browsers
2017-12-27 19:11 - 2017-12-27 19:11 - 000001361 ___RS C:\Users\dober\Desktop\Сhrоmium.lnk
2017-12-27 19:11 - 2017-12-27 19:11 - 000001347 ___RS C:\Users\dober\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сhromium.lnk
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:
Enregistre le contenu par le menu fichier puis enregistrer.
Ferme le bloc-note, retourne sur FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire et automatique.
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur.
2°)
Réinitialise/Répare les navigateurs WEB concernés par les problèmes :
- Réparer Mozilla Firefox (premier paragraphe)
- Réparer Google Chrome (seulement le premier paragraphe).
3°)
Termine par un nettoyage Malwarebytes - Tutoriel Malwarebytes Anti-Malware version gratuite
4°)
Vois ce que cela donne et si des améliorations ont eu lieu.
Si ce n'est pas le cas, si tu as encore des pages de pubs intempestives, précise sur quel navigateur WEB.
Refais un scan FRST et donne les nouveaux rapports via pjjoint.
14 janv. 2018 à 23:13
https://pjjoint.malekal.com/files.php?id=20180114_u6g9r11r11w11
https://pjjoint.malekal.com/files.php?id=20180114_u6g9r11r11w11
ça ne m'a sorti que ces deux rapports
14 janv. 2018 à 23:21
15 janv. 2018 à 12:54
15 janv. 2018 à 13:00
https://pjjoint.malekal.com/files.php?id=20180114_u6g9r11r11w11
15 janv. 2018 à 15:33
il manque le rapport FRST.txt