Infection pages de pubs s'ouvrent constamment

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

Hugod98
Messages : 2
Inscription : 30 sept. 2017 00:01

Infection pages de pubs s'ouvrent constamment

Message par Hugod98 » 30 sept. 2017 00:09

Bonsoir,
Je pense que mon pc sous windows 10 à été infecté. Des pages de pubs s'ouvrent constamment et mon ordinateur est plus lent. J'aimerais savoir comment remédier à cela. J'ai donc effectuer une analyse FRST, voici mes 3 fichiers:

https://pjjoint.malekal.com/files.php?i ... 6r11l10i11

https://pjjoint.malekal.com/files.php?i ... 7t5z9w10u7

https://pjjoint.malekal.com/files.php?i ... 14s15t5f12

Est-ce que quelqu'un pourrait m'aider s'il vous plaît ?
Merci d'avance.


Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 27723
Inscription : 28 févr. 2008 14:58
Localisation : Breizhilienne à l' 0u3st
Contact :

Re: InfectionInfection pages de pubs s'ouvrent constamment

Message par angelique » 30 sept. 2017 09:25

Bonjour,

Faire déjà ça , ça va enlever déjà des merdes.
  • Ouvre le bloc-notes : Menu Démarrer / Tous les programmes / Accessoires et Bloc-Notes. (ou executer➫notepad)
    Copie/colle dedans ce qui suit :

    Code : Tout sélectionner

    Task: {03A7456B-4F9E-4237-8193-CCD35530F12D} - System32\Tasks\{74B260FE-82EE-7264-321A-3F3B2ADCFA52} => C:\Program Files (x86)\Common Files\Rikafosos\updane.exe [2013-04-30] ()
    Task: {05C55C60-4D50-4F57-8F8A-45E88F6A0DE0} - System32\Tasks\75n721n352d507-dll => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corp.)
    Task: {094C8D39-9690-4A84-8C4D-AD7DD163DB83} - System32\Tasks\microsoft-windowscommunicationsapps_17-8016-42007-0_x64__8wekyb3d8bbwe\hxtsr => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {0D2D3778-9FA9-466A-A761-126585C89F22} - System32\Tasks\{2C00A7BC-B0D0-37B6-52E3-018E40BA7DFE} => C:\Program Files (x86)\Common Files\wincy\sync.exe [2013-04-25] ()
    Task: {0D44D2B3-00EC-4DCB-9149-CF45CF5011DA} - System32\Tasks\steamerrorreporter => C:\WINDOWS\system32\rundll32.exe [2013-04-25] () <==== ATTENTION
    Task: {1031A385-358F-4B41-8144-F2861FB9F61E} - System32\Tasks\temp\bfa3 => C:\WINDOWS\system32\rundll32.exe [2013-04-25] ()
    Task: {13FBBF5C-60F5-44AE-8A13-2E39DAA74836} - System32\Tasks\microsoft-zunevideo_10 => C:\WINDOWS\system32\rundll32.exe [2016-05-24] ()
    Task: {14C1D271-CC4F-4F22-8DFD-C87895A961D1} - System32\Tasks\temp\7ef0-tmp => C:\WINDOWS\system32\rundll32.exe [2016-05-24] ()
    Task: {18F513DF-35A9-406A-AD52-142AE3AA81B6} - System32\Tasks\microsoft-skypeapp_11-13-133 => C:\WINDOWS\system32\rundll32.exe [2016-05-24] ()
    Task: {1983D285-C248-481C-AA41-3940BA8E5747} - System32\Tasks\9e2f88e3-twitter_5-6-1-0_x86__wgeqdkkx372wm\twitter => C:\WINDOWS\system32\rundll32.exe [2016-05-24] ()
    Task: {1DA2411F-59BF-45ED-A654-B64EA06A2F2F} - System32\Tasks\microsoft-microsoftofficehub_17-8017 => C:\WINDOWS\system32\rundll32.exe [2017-06-20] (Microsoft Corporation)
    Task: {1E3C0307-1873-4DC5-A94F-76E135143A2E} - System32\Tasks\nvidia\nvbackend\packages\00009e20\dao => C:\WINDOWS\system32\rundll32.exe [2017-06-20] ()
    Task: {1FEB7981-3172-4F47-AF04-96709D8E3A53} - System32\Tasks\microsoft-zunevideo_10-17012 => C:\WINDOWS\system32\rundll32.exe [2017-06-20] ()
    Task: {22B4C8C2-D488-4276-88DD-2379B2522940} - System32\Tasks\temp\b15-tmp => C:\WINDOWS\system32\rundll32.exe [2017-06-20] ()
    Task: {25723B43-2E85-4EB0-B8E4-D7AA3E8512BD} - System32\Tasks\microsoft-windowscommunicationsapps_17-8008-42007-0_x64__8wekyb3d8bbwe\hxtsr => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {2601F660-893C-4393-838C-DF4C71305CF3} - System32\Tasks\king-com-candycrushsodasaga_1-86-700 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {260EE142-8435-4FFD-859B-39E28AEAF80C} - System32\Tasks\microsoft-zunevideo_10-17012-10301-0_x64__8wekyb3d8bbwe\video => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {26616ADE-B351-4D68-91FC-56C19B55083F} - System32\Tasks\microsoft-skypeapp_11-12-112 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {26CADAD5-222F-4BAB-B358-AF882BADF425} - System32\Tasks\nvidia\nvbackend\packages\00009e20\dao-21837207 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {29B7B917-FE3A-4152-B729-EE3C7FA814AB} - System32\Tasks\microsoft-windowscommunicationsapps_17-8016-42007 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {2DC4D9BB-0CD5-4C69-A719-9ECCAAFF6BEC} - System32\Tasks\microsoft-windowscommunicationsapps_17-8016 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {2EB73F69-2772-4D29-B4C2-17F2946A24FC} - System32\Tasks\temp\c188-tmp => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {3270BB5B-D963-4C00-BFA0-5683F1A7B579} - System32\Tasks\microsoft-windows-photos_17-313-10010-0_x64__8wekyb3d8bbwe\microsoft => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {3355FF0E-3750-4173-B202-225D04EF0ADE} - System32\Tasks\microsoft-windowscommunicationsapps_17-8021-42017 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {340EE897-D357-44D1-8219-7E5A5CD86EBD} - System32\Tasks\temp\5d8fbe20-d7a0-403f-86ed-97d95d200ca1\dismhost-exe => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {3563FD62-3164-4D05-9BE1-2A5F75BD6F00} - System32\Tasks\nvidia\nvbackend\packages\00009ebc\dao => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {358D696F-5DD7-4A65-9214-6520942702EE} - System32\Tasks\microsoft-zunevideo_10-17022-10311-0_x64__8wekyb3d8bbwe\video => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {35B440D6-F535-43C4-A8F6-296BB54E522C} - System32\Tasks\temp\6fc8-tmp => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {38476AEA-7CE7-436F-BC14-F2CB770E85A6} - System32\Tasks\temp\2698-tmp => C:\WINDOWS\system32\rundll32.exe [2015-09-22] ()
    Task: {392216D2-369E-4E99-80AF-ABEB058C337D} - System32\Tasks\king-com-candycrushsodasaga_1-86-700-0_x86__kgqvnymyfvs32\stritz => C:\WINDOWS\system32\rundll32.exe [2015-09-22] ()
    Task: {39376BFD-68A5-4313-9D44-8B4192A84B85} - System32\Tasks\{8359b~1\lala => C:\WINDOWS\system32\rundll32.exe [2015-09-22] ()
    Task: {39C815F2-B147-4EAD-9BD0-1301EE656763} - System32\Tasks\microsoft-windowscommunicationsapps_17-8008-42007 => C:\WINDOWS\system32\rundll32.exe [2015-09-22] ()
    Task: {3F7A2CF7-4EB5-4236-98A6-C0C85F35BCA8} - System32\Tasks\microsoft-windowscommunicationsapps_17-8021-42367 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {3FD59390-56FE-4AEE-82AA-9F94C9EC7CF4} - System32\Tasks\microsoft-windows-photos_17 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {4037A2CA-9234-4E61-ACB7-ECC486F5CA36} - System32\Tasks\temp\nna089-tmp => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {43A02E67-339F-4819-AE33-1CAA21AD1AB3} - System32\Tasks\temp\9ee9-tmp => C:\WINDOWS\system32\rundll32.exe [2016-08-01] ()
    Task: {57C17C9E-5732-40AA-A780-3EBEE3C45B65} - System32\Tasks\{194D220C-70E7-A599-F93E-0DF4F4D29D32} => C:\Users\hugi6\AppData\Roaming\194d220c70e7a599f93e0df4f4d29d32\productupdt.exe [2013-04-27] ()
    Task: {62F0733B-90FD-44EA-8571-718EDE4C4562} - System32\Tasks\temp\e892e5a9-0138-4362-b8d8-ebe673071e64\dismhost => C:\WINDOWS\system32\rundll32.exe [2017-06-20] ()
    Task: {6420B23B-16DA-4B28-870E-812934C4C943} - System32\Tasks\microsoft-windowscommunicationsapps_17-8021-42017-0_x64__8wekyb3d8bbwe\hxtsr => C:\WINDOWS\system32\rundll32.exe [2017-06-20] ()
    Task: {745BDA8E-BEF8-421D-95BB-86DC21EB0928} - System32\Tasks\temp\cr_8f46a-tmp\setup => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {748D3886-3D7B-46AF-AEBF-6F26C6CD71DE} - System32\Tasks\google\chrome\user data\swreporter\17-98 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {799AC654-A37D-49AA-B0F3-433D7D5EBBD9} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask
    Task: {7D43A782-EBE0-4BFA-B5BE-1FF3DE544FEF} - System32\Tasks\google\chrome\user data\swreporter\17-97-3\software_reporter_tool => C:\WINDOWS\system32\rundll32.exe [2016-03-24] ()
    Task: {7DB96628-292E-4F58-8603-0C8B7439EC95} - System32\Tasks\75n721n352d507 => C:\WINDOWS\system32\rundll32.exe [2017-03-20] (Microsoft Corporation)
    Task: {817118CE-E472-4E0D-9AF0-CD5A8EF9B006} - System32\Tasks\chromium\application\chrome => C:\WINDOWS\system32\rundll32.exe [2017-03-20] (Microsoft Corporation)
    Task: {84DE1495-A222-4262-8FF9-DEF0E9AB739F} - System32\Tasks\microsoft-windows-photos_17-214-10010 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {86BA3DA8-30B9-4459-9516-CED0EC309064} - System32\Tasks\{C3A68A69-7C62-4FF0-A868-8C342EDAB710} => C:\WINDOWS\system32\pcalua.exe [2017-03-18] ()
    Task: {953C9EA1-1F32-4567-9B6F-85A00D1BDF7B} - System32\Tasks\rzwizard\rzwizard => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {97134709-3E0F-4C1B-9DF0-634C9FB0EEA1} - System32\Tasks\discord\update => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {A7FF36E5-D708-4A49-B712-A1AB2ACED2ED} - System32\Tasks\temp\cr_76ce7-tmp\setup => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {A80A9BED-1495-4F46-9CFC-3429DF233B4D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
    Task: {A90ECE58-0519-4E3F-B944-384AADFC32E2} - System32\Tasks\bin\cef\cef-win7\steamwebhelper-exe => C:\WINDOWS\system32\rundll32.exe [2017-09-28] () <==== ATTENTION
    Task: {B1D37E77-695E-479B-BD61-7C461CEDE26F} - System32\Tasks\temp\9ee9 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {B3F70AF9-2FCB-405F-87C5-7F94666411CE} - System32\Tasks\temp\2a08-tmp => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {B475CE8F-C916-4EDF-9438-1E58579E1FF1} - System32\Tasks\microsoft-zunevideo_10-17012-10301 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {B49E943A-69F8-4374-946B-9BBC50F6E85C} - System32\Tasks\temp\bfa3-tmp => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {BFC3C9B1-A1D3-4D18-9C66-D94140421298} - System32\Tasks\bin\cef\cef-win7\steamwebhelper => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation) <==== ATTENTION
    Task: {C34F2A89-BBBC-4714-8D70-06257FDA7C35} - System32\Tasks\temp\cr_76ce7 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {C54320CF-F9C0-461D-9E4E-39819637D4A4} - System32\Tasks\temp\nna089 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {C63EB0BC-BCF6-40DE-8BAE-AE559417C6E9} - System32\Tasks\microsoft-zunevideo_10-17022-10311-0_x64__8wekyb3d8bbwe\video-ui => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {CE29054C-5D8E-43FC-93E1-B050A2BF7C5C} - System32\Tasks\king-com-candycrushsodasaga_1-86 => C:\WINDOWS\system32\rundll32.exe [2017-03-18] (Microsoft Corporation)
    Task: {E3BE5683-34F3-4993-BB34-9026D9E07633} - System32\Tasks\temp\adb1-tmp => C:\WINDOWS\system32\rundll32.exe [2017-03-18] ()
    Task: {F69D27B1-6D91-42B9-B002-A8000C526CCD} - System32\Tasks\discord\app-0-0-297\discord => C:\WINDOWS\system32\rundll32.exe [2017-09-08] ()
    Task: {FB92842B-5A3D-46A7-B698-FDD7341E353B} - System32\Tasks\temp\5019-tmp => C:\WINDOWS\system32\rundll32.exe [2017-09-05] (Microsoft Corporation)
    Task: {FC6AFB96-D57B-49D9-A9FB-F37BC09B04F1} - System32\Tasks\temp\6fc8 => C:\WINDOWS\system32\rundll32.exe [2017-09-05] ()
    Task: {FC9851A1-2079-4474-98A9-FCCAE04D46A0} - System32\Tasks\microsoft-windows => C:\WINDOWS\system32\rundll32.exe [2017-09-05] ()
    Task: {FE00C58B-5517-43CA-B5D1-60AE5C98F09D} - System32\Tasks\steam => C:\WINDOWS\system32\rundll32.exe [2017-09-05] ()
    Task: {FECEA4D7-7571-4AC6-85B6-5D5DB87CC227} - System32\Tasks\google\chrome\user data\swreporter\17 => C:\WINDOWS\system32\rundll32.exe [2017-09-05] () <==== ATTENTION
    Task: C:\WINDOWS\Tasks\microsoft.job => rundll32.exe  C:\ProgramData\75n721n352d507\75n721n352d507.dll
    Task: C:\WINDOWS\Tasks\Yahoo! Powered fadad.job => Wscript.exe  C:\ProgramData\{94D851BB-1E9A-DB7D-985C-453F021ECEF1}\mati.txt <==== ATTENTION
    Task: C:\WINDOWS\Tasks\{194D220C-70E7-A599-F93E-0DF4F4D29D32}.job => C:\Users\hugi6\AppData\Roaming\194D22~1\PRODUC~1.EXE <==== ATTENTION
    Shortcut: C:\Users\hugi6\Desktop\Lеаguе оf Legends.lnk -> C:\Users\hugi6\AppData\Roaming\Browsers\exe.rehcnual.lol.bat ()
    Shortcut: C:\Users\hugi6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооgle Chrоmе.lnk -> C:\Users\hugi6\AppData\Roaming\Browsers\exe.emorhc.bat ()
    Shortcut: C:\Users\hugi6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооgle Chrоmе.lnk -> C:\Users\hugi6\AppData\Roaming\Browsers\exe.emorhc.bat ()
    Shortcut: C:\Users\hugi6\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lеague of Lеgends.lnk -> C:\Users\hugi6\AppData\Roaming\Browsers\exe.rehcnual.lol.bat ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Chromе.lnk -> C:\Users\hugi6\AppData\Roaming\Browsers\exe.emorhc.bat ()
    2017-03-17 12:51 - 2014-03-22 06:10 - 003103744 _____ () C:\ProgramData\75n721n352d507\75n721n352d507.dll
    2017-09-29 17:12 - 2017-09-29 17:12 - 000569344 _____ () C:\WINDOWS\TEMP\gC67E.tmp.exe
    HKLM\...\RunOnce: [DESKTOP-00BP7MB] => C:\Windows\Temp\gC67D.tmp.exe [212992 2017-09-29] () <==== ATTENTION
    HKLM-x32\...\RunOnce: [Sigapedada] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\hugi6\AppData\Roaming\194D22~1\Nurofuh.dat"
    HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
    HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
    HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
    HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
    HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
    HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
    HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
    HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
    HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
    HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
    HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
    HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
    HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
    HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
    HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
    HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
    HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
    HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
    HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
    HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
    HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
    HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
    HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
    HKU\S-1-5-21-3830388127-1417881005-1381953934-1001\...\Run: [DD6PFPCOHV] => C:\Program Files\QMTH1SQVZK\ZQATTNSRC.exe [669696 2017-03-17] (48Q7C73EP)
    HKU\S-1-5-21-3830388127-1417881005-1381953934-1001\...\Run: [Chromium] => c:\users\hugi6\appdata\local\chromium\application\chrome.exe [828416 2017-01-23] (The Chromium Authors)
    HKU\S-1-5-21-3830388127-1417881005-1381953934-1001\...\Policies\Explorer\Run: [Hotspot] => C:\Users\hugi6\AppData\Roaming\Microsoft\hsbssfac\besirdda.exe
    C:\Windows\Temp\gC67D.tmp.exe
    C:\Windows\Tasks\{194D220C-70E7-A599-F93E-0DF4F4D29D32}.job
    C:\Windows\Tasks\{2C00A7BC-B0D0-37B6-52E3-018E40BA7DFE}.job
    C:\Windows\Tasks\{74B260FE-82EE-7264-321A-3F3B2ADCFA52}.job
    C:\Program Files\QMTH1SQVZK
    C:\Users\hugi6\AppData\Roaming\Microsoft\hsbssfac
    C:\Users\hugi6\AppData\Roaming\194D22~1
    C:\Users\hugi6\AppData\Roaming\Browsers
    C:\ProgramData\75n721n352d507
    Hosts:
    EmptyTemp:
    
    
  • Menu Fichier / Enregistrer-sous
    Place toi sur le bureau.
    Dans le champs en bas, nom du fichier mets : fixlist.txt
    Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
  • Ferme toutes les applications, y compris ton navigateur
  • Double-clique sur FRST.exe
    Image Sous Vista, Windows 7, 8,10, etc.... il faut lancer le fichier par clic-droit ➫ Exécuter en tant qu'administrateur
    Sur le menu principal, clique une seule fois sur Corriger/Fix et patiente le temps de la correction


    Un redémarrage peut être nécessaire (pas obligatoire).
  • L'outil va créer un rapport de correction Fixlog.txt. Poste ce rapport dans ta réponse avec ton commentaire si c'est mieux !
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!
Image
---------------------------------------------------------------------------------------------------------------------
ZIK.:: R00tsL3gacy Reggae141.com
ZIK.:: LaGr0sseRadi0

Hugod98
Messages : 2
Inscription : 30 sept. 2017 00:01

Re: Infection pages de pubs s'ouvrent constamment

Message par Hugod98 » 30 sept. 2017 19:10

Bonjour, merci de ta réponse, pour le moment ça fonctionne mieux je n'ai pas de pages de pubs.
Voici la fixlog:
https://pjjoint.malekal.com/files.php?i ... k10q8u15f8

Avatar de l’utilisateur
angelique
Geek à longue barbe
Geek à longue barbe
Messages : 27723
Inscription : 28 févr. 2008 14:58
Localisation : Breizhilienne à l' 0u3st
Contact :

Re: Infection pages de pubs s'ouvrent constamment

Message par angelique » 01 oct. 2017 06:40

OK dans ce cas tu pourras supprimer frst, ses rapports et sa quarantaine C:\FRST

➫ Quelques conseils :


Utilise Malwarebyte's Anti-Malware : http://www.malekal.com/tutorial_Malware ... alware.php
Fais des scans réguliers avec, il est efficace.



Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : http://www.malekal.com/2011/07/27/detec ... d-program/
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
http://angelik.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Ne soyez pas Rat!
Image
---------------------------------------------------------------------------------------------------------------------
ZIK.:: R00tsL3gacy Reggae141.com
ZIK.:: LaGr0sseRadi0


Répondre

Revenir vers « VIRUS : Supprimer/Desinfecter (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »

Qui est en ligne ?

Utilisateurs parcourant ce forum : Aucun utilisateur inscrit et 24 invités