Windows 10 infecté par DNSUnlocker, Chrome et Edge infestés

darkseb · par **darkseb** » 31 août 2016 04:58

Windows 10 est TRÈS TRÈS LENT et totalement infecté.

Merci de votre aide.

Search results from Spybot - Search & Destroy

30/08/2016 22:36:00
Scan took 00:33:13.
66 items found.

Babylon.Toolbar: [SBI $DEB52F26] Program directory (Directory, nothing done)
  C:\ProgramData\Babylon\
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Babylon.Toolbar: [SBI $DEB52F26] Program directory (Directory, nothing done)
  C:\Users\Denis\AppData\Roaming\Babylon\
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Directory.subfile=C:\Users\Denis\AppData\Roaming\Babylon\log_file.txt
  Directory.subfile.size=2669
  Directory.subfile.md5=2048652F892CD10777C56DB46DC46FF2
  Directory.subfile.filedate=1454859619
  Directory.subfile.filedatetext=2016-02-07 15:40:18

Babylon.Toolbar: [SBI $0C3B54D0] Program directory (Directory, nothing done)
  C:\Users\Denis\AppData\Local\Babylon\
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Directory.subfile=C:\Users\Denis\AppData\Local\Babylon\Setup\Setup2.zpb
  Directory.subfile.size=3844
  Directory.subfile.md5=5E6230B3B16798E23720958756AC6D9E
  Directory.subfile.filedate=1454859618
  Directory.subfile.filedatetext=2016-02-07 15:40:18

Babylon.Toolbar: [SBI $C87F6C5D]  Data (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Babylon\log_file.txt
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=2669
  Properties.md5=2048652F892CD10777C56DB46DC46FF2
  Properties.filedate=1454859619
  Properties.filedatetext=2016-02-07 15:40:18

Babylon.Toolbar: [SBI $D61DEB54]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\bab033.tbinst.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=205
  Properties.md5=90713AB7A74884CD36A5FB4CFCDECE8A
  Properties.filedate=1355384207
  Properties.filedatetext=2012-12-13 07:36:46

Babylon.Toolbar: [SBI $099DB13A]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\bab091.norecovericon.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=174
  Properties.md5=4F6E1FDBEF102CDBD379FDAC550B9F48
  Properties.filedate=1308110904
  Properties.filedatetext=2011-06-15 04:08:24

Babylon.Toolbar: [SBI $2A253B2D]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\bab148.spreg.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=249
  Properties.md5=A4AF0A0C254B38F2F9EECBF0E00B08FE
  Properties.filedate=1348734097
  Properties.filedatetext=2012-09-27 08:21:36

Babylon.Toolbar: [SBI $E4BEDEBC]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\bab187.wl.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=234
  Properties.md5=6358860CD0C336C1F91F86BE701D77C4
  Properties.filedate=1367144703
  Properties.filedatetext=2013-04-28 10:25:02

Babylon.Toolbar: [SBI $DD499179]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\bab307.sp_pop0.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=178
  Properties.md5=0B7BE9C4B72C2C5166BFD61CA5EBBFED
  Properties.filedate=1353407146
  Properties.filedatetext=2012-11-20 10:25:45

Babylon.Toolbar: [SBI $E759D8FC]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\bab456.TB_OldWay.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=174
  Properties.md5=7E72D256E34635D351092955D1F8516B
  Properties.filedate=1358330248
  Properties.filedatetext=2013-01-16 09:57:27

Babylon.Toolbar: [SBI $C8371539]  Data (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\Babylon.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=12384
  Properties.md5=825E5733974586A0A1229A53361ED13E
  Properties.filedate=1361261851
  Properties.filedatetext=2013-02-19 08:17:30

Babylon.Toolbar: [SBI $E7DA096E]  Library (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\5264167C-BAB0-7891-8A3F-7E4F9949B98D\Latest\BExternal.dll
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=132096
  Properties.md5=B212865E7E478A28A97268F960079A8D
  Properties.filedate=1355384240
  Properties.filedatetext=2012-12-13 07:37:19

Delta.Toolbar: [SBI $936FA28C]  Executable (File, nothing done)
  C:\Users\Denis\AppData\Local\Temp\DeltaTB.exe
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=785904
  Properties.md5=EB2764885565B6C01CB32E5F51F213B3
  Properties.filedate=1368148232
  Properties.filedatetext=2013-05-10 01:10:32

Ad.CostMin: [SBI $55874B38]  Data (File, nothing done)
  C:\Users\Denis\AppData\LocalLow\{FB03EE66-0720-3500-648C-096325B8437E}\CostMin.2.9.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=63698
  Properties.md5=5735503709512A97AA7097505182127E
  Properties.filedate=1399668742
  Properties.filedatetext=2014-05-09 20:52:21

YoutubeAdblocker.BHO: [SBI $3DF0D315]  Data (File, nothing done)
  C:\Users\Denis\AppData\LocalLow\{644D540D-AF4B-887A-C031-76689F53BD15}\YoutubeAdblocker.2.7.dat
  Category=Adware
  ThreatLevel=3
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=42292
  Properties.md5=B53364A42D16DC861A55CCC7B8AF3919
  Properties.filedate=1388229880
  Properties.filedatetext=2013-12-28 11:24:39

PCUtilities.OptimizerPro: [SBI $7AF08CCA] Program directory (Directory, nothing done)
  C:\Users\Denis\Documents\Optimizer Pro\
  Category=PUPS
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Directory.subfile=C:\Users\Denis\Documents\Optimizer Pro\CookiesException.txt
  Directory.subfile.size=677
  Directory.subfile.md5=71F86B0204069684DB1B7879A693FB6D
  Directory.subfile.filedate=1410035045
  Directory.subfile.filedatetext=2014-09-06 20:24:05

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\#AppContainer\static-news-eus.s-msn.com\VideoWindow.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=99
  Properties.md5=A1E9A2D317A5EF0E8DFC55DCFA0AEA8A
  Properties.filedate=1450021600
  Properties.filedatetext=2015-12-13 15:46:39

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\#AppContainer\static.baifendian.com\bfdfid.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=77
  Properties.md5=00DBB91217AC74806BB8B7120610AF16
  Properties.filedate=1451143647
  Properties.filedatetext=2015-12-26 15:27:27

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\#AppContainer\static1.dmcdn.net\com.dm.player.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=92
  Properties.md5=42134A2174961682CA2FE75A1FFCD9B9
  Properties.filedate=1452719846
  Properties.filedatetext=2016-01-13 21:17:25

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\#AppContainer\u.videostep.com\VsCookie.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=89
  Properties.md5=C41B1F76386ACC595A0778A5B246EEED
  Properties.filedate=1451128230
  Properties.filedatetext=2015-12-26 11:10:30

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\www.ajaxcdn.org\swf.swf\dm_cookie.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=416
  Properties.md5=02E11C30E3D88DEB7EDC1CAD790F85D5
  Properties.filedate=1451051543
  Properties.filedatetext=2015-12-25 13:52:23

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\#AppContainer\aa.online-metrix.net\fpc.swf\session.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=76
  Properties.md5=0144120FBFE74363137B8C64A7F0DD54
  Properties.filedate=1455314555
  Properties.filedatetext=2016-02-12 22:02:35

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\cdn2.dashbida.com\prod\vpaid2-dbfp.swf\dbStore.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=69
  Properties.md5=8B49B6202DC976400C2C7B3C8D1D2AF3
  Properties.filedate=1448812549
  Properties.filedatetext=2015-11-29 15:55:49

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\Denis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZK3GA2T2\static.adzerk.net\Advertisers\1adc5cda16fb4ea98b3b8cebfd3532b0.swf\thu_host_test_client_id.sol
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=61
  Properties.md5=C38850B6ECF42F704D3E0D04020BBBB3
  Properties.filedate=1451168528
  Properties.filedatetext=2015-12-26 22:22:07

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Utilisateur): Denis) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Utilisateur): Denis) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

WebTrends live: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Utilisateur): Denis) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Internet Explorer\TypedURLs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1005\Software\Microsoft\Internet Explorer\TypedURLs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Microsoft Management Console\Recent File List
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1005\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $16E309E0] Open with list - .ASF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $F36A4DFD] Open with list - .CA extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CA\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\WinRAR\ArcHistory
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

WinRAR: [SBI $A59A1C0A] Recent exe file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\WinRAR\DialogEditHistory\ArcName
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\WinRAR\General\LastFolder
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1188364431-2197674882-4222689211-1000\Software\WinRAR\DialogEditHistory\ExtrPath
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (137) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cache: [SBI $49804B54] Browser: Cache (2258) (Browser: Cache, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Historique: [SBI $49804B54] Browser: History (681) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54


--- Spybot - Search & Destroy version: 2.6.44.134  DLL (build: 20160321) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2016-03-21 SDCleaner.exe (2.6.44.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2016-03-21 SDImmunize.exe (2.6.44.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2016-03-21 SDScan.exe (2.6.44.181)
2014-06-24 SDScript.exe (2.4.40.54)
2016-03-21 SDSettings.exe (2.6.44.141)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2015-03-25 spybotsd2-install-av-update.exe (2.4.40.0)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2016-05-02 spybotsd2-install-iefreezefix.exe (2.4.40.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2015-03-25 spybotsd2-translation-hrx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2015-07-28 spybotsd2-windows-upgrade-installer.exe (1.4.0.0)
2016-08-30 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2016-03-21 DelZip192.dll (1.9.2.132)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2015-03-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2016-03-21 SDScanLibrary.dll (2.6.44.134)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2015-04-22 Includes\Adware-000.sbi (*)
2015-08-05 Includes\Adware-001.sbi (*)
2016-08-22 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2015-07-29 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2016-07-06 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2015-12-23 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2016-05-27 Includes\Keyloggers-000.sbi (*)
2016-08-16 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2016-06-14 Includes\Malware-002.sbi (*)
2015-11-19 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2016-07-06 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2016-08-22 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2015-12-02 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2016-08-10 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2016-08-22 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-02-03 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)

par **Malekal_morte** » 31 août 2016 08:39

Salut,

Je te conseille de désinstaller Spybot, pas super efficace, selon moi. ( Adwares : Antispyware comment ne pas désinfecter son Windows )

1/
Remets/Vérifie que tous les serveurs de noms (DNS) sont automatiques. Suis le paragraphe "manuellement" PUIS vide ensuite le cache DNS et internet. Ces 3 étapes sont importantes et à faire sinon les publicités vont continuer.

2/

Suis le tutoriel FRST. ( prends le temps de lire attentivement - tout y est bien expliqué ).

Télécharge et lance le scan FRST, 3 rapports FRST seront générés :
* FRST.txt
* Shortcut.txt
* Additionnal.txt

Envoie ces 3 rapports sur le site http://pjjoint.malekal.com/ et en retour donne les 3 liens pjjoint qui mènent aux rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.

darkseb · par **darkseb** » 08 oct. 2016 18:04

(1) Serveur DNS à automatique "FAIT" + Vider DNS Cache et Internet Cache "FAIT"

(2) Liens pour rapports:

Addition : http://pjjoint.malekal.com/files.php?id ... 14w14w9l11
FRST : http://pjjoint.malekal.com/files.php?id ... 3c13s10u12
Shortcut: http://pjjoint.malekal.com/files.php?id ... 3x15v912f5

par **Malekal_morte** » 09 oct. 2016 10:52

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.

Ouvre le bloc-notes : Touche Windows + R,
Dans le champs "Exécuter", saisir notepad et OK.
Copie/Colle dedans ce qui suit :

Code : Tout sélectionner

CreateRestorePoint:
CloseProcesses:
 2016-10-03 14:24 - 2016-10-03 14:24 - 00000000 ____D C:\Users\Denis\AppData\Local\Tempzxpsign7f0ce7c3438ff9b2 
 2016-10-03 14:24 - 2016-10-03 14:24 - 00000000 ____D C:\Users\Denis\AppData\Local\Tempzxpsign6577aaa7eeab73e2 
 2016-10-03 14:24 - 2016-10-03 14:24 - 00000000 ____D C:\Users\Denis\AppData\Local\Tempzxpsign16deed616268be75 
 2016-09-30 13:13 - 2016-09-30 13:13 - 00000000 ____D C:\ProgramData\6dbd8420-3db3-0 
 2016-09-30 13:08 - 2016-09-30 13:08 - 00003972 _____ C:\WINDOWS\System32\Tasks\{5A666325-EDCD-D48E-B9C5-AE02A7F81EB1} 
 2016-09-30 13:08 - 2016-09-30 13:08 - 00003882 _____ C:\WINDOWS\System32\Tasks\{55BEA471-00F4-1675-2184-BD6DF9696C7C} 
 2016-09-30 13:08 - 2016-09-30 13:08 - 00000000 ____D C:\ProgramData\6dbd8420-0921-0 
 2016-09-30 13:08 - 2016-09-30 13:08 - 00000000 ____D C:\ProgramData\{44F45429-F35F-E382-5DCD-C9F2D64BDF26} 
2016-09-30 13:07 - 2016-09-30 13:07 - 00000000 ____D C:\ProgramData\{11a51726-112c-0} 
 2016-10-07 00:31 - 2016-08-13 10:51 - 00000000 ____D C:\Users\Denis\AppData\Local\4C4C4544-1471085486-3010-8047-B1C04F4E4B31 
2016-09-30 13:09 - 2016-08-20 07:49 - 00000000 ____D C:\ProgramData\{201229ce-412c-0} 
 2016-09-30 13:08 - 2016-08-13 10:48 - 00000000 ____D C:\ProgramData\a9ec175b 
Task: {F41E0783-0B39-41DC-9AA1-4442FAC14BA3} - System32\Tasks\{5A666325-EDCD-D48E-B9C5-AE02A7F81EB1} => C:\ProgramData\{44F45429-F35F-E382-5DCD-C9F2D64BDF26}\F353A35D-44F8-14F6-2A87-04E6D1EFB418.exe [2016-09-30] () <==== ATTENTION
Task: {D590C0E0-7D07-428D-AAAA-E4C8D8EE02F0} - System32\Tasks\{55BEA471-00F4-1675-2184-BD6DF9696C7C} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\a9ec175b\e11f7456.dll" <==== ATTENTION
EmptyTemp:
Reboot:

Une fois, le texte collé dans le Bloc-notes,
Menu "Fichier" puis "Enregistrer sous",
A gauche, place toi sur le Bureau,
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clique sur "Enregistrer", cela va créer fixlist.txt sur le Bureau.

Relance FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire ( pas obligatoire )
Un fichier texte apparait, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur.

Vérifie à nouveaux que les DNS soient bien en automatiques.
Refais un scan FRST pour vérifier que tout est correct.

darkseb · par **darkseb** » 29 oct. 2016 18:49

FIXLOG: http://pjjoint.malekal.com/files.php?id ... c9s13w6f11

FRST: id=FRST_20161029_m14n12c10w12y6
Addition: http://pjjoint.malekal.com/files.php?id ... 1d11i10e15
Shortcut: http://pjjoint.malekal.com/files.php?id ... s13i12o512

DNS COUNTERFLIX toujours présent.

merci

darkseb · par **darkseb** » 29 oct. 2016 18:51

FRST: http://pjjoint.malekal.com/files.php?id ... 15i15p5o11

par **Malekal_morte** » 29 oct. 2016 21:07

Ca doit être bon côté fichier malicieux.
Par contre, les DNS ont encore été remis pour des serveurs pourris.
Repasse bien toutes les cartes en automatiques.

Et vois si ça tient.

Malekal.com forum

Windows 10 infecté par DNSUnlocker, Chrome et Edge infestés

Windows 10 infecté par DNSUnlocker, Chrome et Edge infestés

Re: DNSUnlocker - Windows 10 Chrome et Edge

Re: Windows 10 infecté par DNSUnlocker, Chrome et Edge infes

Re: Windows 10 infecté par DNSUnlocker, Chrome et Edge infes

Re: Windows 10 infecté par DNSUnlocker, Chrome et Edge infes

Re: Windows 10 infecté par DNSUnlocker, Chrome et Edge infes

Re: Windows 10 infecté par DNSUnlocker, Chrome et Edge infes