Apres nettoyage adwcleaner
Fermé
spyckerois
Messages postés
2
Date d'inscription
samedi 1 novembre 2014
Statut
Membre
Dernière intervention
1 novembre 2014
-
1 nov. 2014 à 17:07
spyckerois - 4 nov. 2014 à 21:54
spyckerois - 4 nov. 2014 à 21:54
A voir également:
- Apres nettoyage adwcleaner
- Nettoyage pc lent - Guide
- Telecharger adwcleaner - Télécharger - Antivirus & Antimalwares
- Nettoyage mac - Guide
- Nettoyage de disque - Guide
- Logiciel nettoyage pc gratuit - Guide
9 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 662
1 nov. 2014 à 17:11
1 nov. 2014 à 17:11
Salut,
Si tu as des erreurs proxys - fais ça - Supprime les proxys : https://forum.malekal.com/viewtopic.php?t=47404&start=
Si tu as des erreurs proxys - fais ça - Supprime les proxys : https://forum.malekal.com/viewtopic.php?t=47404&start=
spyckerois
Messages postés
2
Date d'inscription
samedi 1 novembre 2014
Statut
Membre
Dernière intervention
1 novembre 2014
1 nov. 2014 à 17:33
1 nov. 2014 à 17:33
non c des erreurs de connections ssl apres avoir desinstaller omiga plus
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 662
1 nov. 2014 à 18:01
1 nov. 2014 à 18:01
Faire un Scan OTL - Temps : Environ 40min
=====================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%PROGRAMFILES%\*.
%PROGRAMDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup www.google.fr /c
ping www.google.fr /c
ipconfig /all /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
=====================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%PROGRAMFILES%\*.
%PROGRAMDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup www.google.fr /c
ping www.google.fr /c
ipconfig /all /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
bonjour
voici les rapports du scan otl merci d avance
http://pjjoint.malekal.com/files.php?id=20141102_w12k14c7q14o6
http://pjjoint.malekal.com/files.php?id=20141102_m6z6n14z5v7
voici les rapports du scan otl merci d avance
http://pjjoint.malekal.com/files.php?id=20141102_w12k14c7q14o6
http://pjjoint.malekal.com/files.php?id=20141102_m6z6n14z5v7
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 662
Modifié par Malekal_morte- le 2/11/2014 à 11:21
Modifié par Malekal_morte- le 2/11/2014 à 11:21
Supprime les proxys : https://forum.malekal.com/viewtopic.php?t=47404&start=
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
SRV - [2014/11/01 17:35:38 | 002,322,296 | ---- | M] (Time Lapse Solutions) [Auto | Running] -- C:\ProgramData\IdYjVd\VBqRXcPMGN.exe -- (VBqRXcPMGN)
SRV - [2014/11/01 08:52:16 | 004,959,744 | ---- | M] () [Auto | Running] -- C:\Windows\rcore.exe -- (rcores)
CHR - Extension: No name found = C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\
CHR - Extension: No name found = C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\
O2 - BHO: (FlowSurf) - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\flowsurf.dll (FlowSurf Inc.)
O4 - HKLM..\Run: [CrashMon] C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe ()
O4 - HKLM..\Run: [Salus] C:\Program Files (x86)\Salus\Salus.exe ()
O4 - HKLM..\Run: [Salus CrashMon] C:\Program Files (x86)\Salus\CrashMon.exe ()
[2014/11/01 18:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flowsurf
[2014/11/01 17:49:32 | 000,000,000 | ---D | C] -- C:\Users\virginie\AppData\Local\ZombieInvasion
[2014/11/01 17:37:27 | 001,498,032 | ---- | C] (Cinema ProV01.11) -- C:\Users\virginie\AppData\Roaming\GJBUOHO.exe
[2014/11/01 17:36:48 | 001,974,704 | ---- | C] (Cinema ProV01.11) -- C:\Users\virginie\AppData\Roaming\LSINTHFZ.exe
[2014/11/01 17:36:32 | 000,000,000 | ---D | C] -- C:\Users\virginie\AppData\Local\globalUpdate
[2014/11/01 17:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/11/01 17:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CinemaPlus Pro 1.3V01.11
[2014/11/01 17:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\IdYjVd
[2014/11/01 17:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ZombieInvasion
[2014/11/01 11:24:04 | 002,043,808 | ---- | C] (browser) -- C:\Users\virginie\AppData\Roaming\XXJQKZF.exe
[2014/11/01 11:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Salus
[2014/11/01 11:22:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowsersApp_Pro_v1.1
[2014/11/01 11:21:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\0ca45c95134d
[2014/11/01 11:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\f552dd4c52e3
[2014/11/02 10:06:03 | 000,001,712 | ---- | M] () -- C:\Windows\tasks\XXJQKZF.job
[2014/11/02 08:45:03 | 000,001,368 | ---- | M] () -- C:\Windows\tasks\GJBUOHO.job
[2014/11/02 05:06:03 | 000,001,714 | ---- | M] () -- C:\Windows\tasks\LSINTHFZ.job
[2014/11/01 11:26:40 | 000,001,360 | ---- | M] () -- C:\Windows\tasks\UHY.job
[2014/11/01 11:26:26 | 001,551,776 | ---- | M] () -- C:\Users\virginie\AppData\Roaming\UHY.exe
[2014/11/01 11:24:04 | 002,043,808 | ---- | M] (browser) -- C:\Users\virginie\AppData\Roaming\XXJQKZF.exe
[2014/11/01 08:52:16 | 004,959,744 | ---- | M] () -- C:\Windows\rcore.exe
[2014/11/01 17:37:29 | 000,001,368 | ---- | C] () -- C:\Windows\tasks\GJBUOHO.job
[2014/11/01 17:36:49 | 000,001,714 | ---- | C] () -- C:\Windows\tasks\LSINTHFZ.job
[2014/11/01 15:35:40 | 000,001,112 | ---- | C] () -- C:\Users\virginie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/11/01 15:35:40 | 000,001,082 | ---- | C] () -- C:\Users\virginie\Desktop\Search.lnk
[2014/11/01 11:22:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Salus
[2014/09/21 21:48:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Search Extensions
[2014/11/01 15:21:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\snipsmart
* poste le rapport ici
Redémarre l'ordinateur
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
SRV - [2014/11/01 17:35:38 | 002,322,296 | ---- | M] (Time Lapse Solutions) [Auto | Running] -- C:\ProgramData\IdYjVd\VBqRXcPMGN.exe -- (VBqRXcPMGN)
SRV - [2014/11/01 08:52:16 | 004,959,744 | ---- | M] () [Auto | Running] -- C:\Windows\rcore.exe -- (rcores)
CHR - Extension: No name found = C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\
CHR - Extension: No name found = C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\
O2 - BHO: (FlowSurf) - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\flowsurf.dll (FlowSurf Inc.)
O4 - HKLM..\Run: [CrashMon] C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe ()
O4 - HKLM..\Run: [Salus] C:\Program Files (x86)\Salus\Salus.exe ()
O4 - HKLM..\Run: [Salus CrashMon] C:\Program Files (x86)\Salus\CrashMon.exe ()
[2014/11/01 18:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flowsurf
[2014/11/01 17:49:32 | 000,000,000 | ---D | C] -- C:\Users\virginie\AppData\Local\ZombieInvasion
[2014/11/01 17:37:27 | 001,498,032 | ---- | C] (Cinema ProV01.11) -- C:\Users\virginie\AppData\Roaming\GJBUOHO.exe
[2014/11/01 17:36:48 | 001,974,704 | ---- | C] (Cinema ProV01.11) -- C:\Users\virginie\AppData\Roaming\LSINTHFZ.exe
[2014/11/01 17:36:32 | 000,000,000 | ---D | C] -- C:\Users\virginie\AppData\Local\globalUpdate
[2014/11/01 17:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/11/01 17:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CinemaPlus Pro 1.3V01.11
[2014/11/01 17:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\IdYjVd
[2014/11/01 17:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ZombieInvasion
[2014/11/01 11:24:04 | 002,043,808 | ---- | C] (browser) -- C:\Users\virginie\AppData\Roaming\XXJQKZF.exe
[2014/11/01 11:22:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Salus
[2014/11/01 11:22:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowsersApp_Pro_v1.1
[2014/11/01 11:21:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\0ca45c95134d
[2014/11/01 11:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\f552dd4c52e3
[2014/11/02 10:06:03 | 000,001,712 | ---- | M] () -- C:\Windows\tasks\XXJQKZF.job
[2014/11/02 08:45:03 | 000,001,368 | ---- | M] () -- C:\Windows\tasks\GJBUOHO.job
[2014/11/02 05:06:03 | 000,001,714 | ---- | M] () -- C:\Windows\tasks\LSINTHFZ.job
[2014/11/01 11:26:40 | 000,001,360 | ---- | M] () -- C:\Windows\tasks\UHY.job
[2014/11/01 11:26:26 | 001,551,776 | ---- | M] () -- C:\Users\virginie\AppData\Roaming\UHY.exe
[2014/11/01 11:24:04 | 002,043,808 | ---- | M] (browser) -- C:\Users\virginie\AppData\Roaming\XXJQKZF.exe
[2014/11/01 08:52:16 | 004,959,744 | ---- | M] () -- C:\Windows\rcore.exe
[2014/11/01 17:37:29 | 000,001,368 | ---- | C] () -- C:\Windows\tasks\GJBUOHO.job
[2014/11/01 17:36:49 | 000,001,714 | ---- | C] () -- C:\Windows\tasks\LSINTHFZ.job
[2014/11/01 15:35:40 | 000,001,112 | ---- | C] () -- C:\Users\virginie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/11/01 15:35:40 | 000,001,082 | ---- | C] () -- C:\Users\virginie\Desktop\Search.lnk
[2014/11/01 11:22:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Salus
[2014/09/21 21:48:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Search Extensions
[2014/11/01 15:21:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\snipsmart
* poste le rapport ici
Redémarre l'ordinateur
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.dll /s > in the current context!
Error: Unable to interpret <%APPDATA%\*. > in the current context!
Error: Unable to interpret <%PROGRAMFILES%\*. > in the current context!
Error: Unable to interpret <%PROGRAMDATA%\*. > in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context!
Error: Unable to interpret <%temp%\*.exe /s > in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context!
Error: Unable to interpret <%systemroot%\system32\consrv.dll > in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context!
Error: Unable to interpret <%windir%\Tasks\*.job /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context!
Error: Unable to interpret </md5start > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <winlogon.exe > in the current context!
Error: Unable to interpret <services.exe > in the current context!
Error: Unable to interpret <wininit.exe > in the current context!
Error: Unable to interpret </md5stop > in the current context!
Error: Unable to interpret <HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s > in the current context!
Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s > in the current context!
Error: Unable to interpret <nslookup www.google.fr /c > in the current context!
Error: Unable to interpret <ping www.google.fr /c > in the current context!
Error: Unable to interpret <ipconfig /all /c > in the current context!
========== OTL ==========
Error: Unable to stop service VBqRXcPMGN!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VBqRXcPMGN deleted successfully.
C:\ProgramData\IdYjVd\VBqRXcPMGN.exe moved successfully.
Error: Unable to stop service rcores!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rcores deleted successfully.
C:\Windows\rcore.exe moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js\lib\popupResource folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js\lib folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js\api folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\icons\actions folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\icons folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\extensionData\userCode folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\extensionData\plugins folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\extensionData folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0 folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js\lib\popupResource folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js\lib folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js\api folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\icons\actions folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\icons folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\extensionData\userCode folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\extensionData\plugins folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\extensionData folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}\ deleted successfully.
C:\Program Files (x86)\Flowsurf\flowsurf.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CrashMon deleted successfully.
C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Salus deleted successfully.
C:\Program Files (x86)\Salus\Salus.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Salus CrashMon deleted successfully.
C:\Program Files (x86)\Salus\CrashMon.exe moved successfully.
C:\Program Files (x86)\Flowsurf folder moved successfully.
C:\Users\virginie\AppData\Local\ZombieInvasion folder moved successfully.
C:\Users\virginie\AppData\Roaming\GJBUOHO.exe moved successfully.
C:\Users\virginie\AppData\Roaming\LSINTHFZ.exe moved successfully.
C:\Users\virginie\AppData\Local\globalUpdate\CrashReports folder moved successfully.
C:\Users\virginie\AppData\Local\globalUpdate folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline\{2F60C333-350F-440F-BE0A-C09CB48EC4B3} folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Install folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Download folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update folder moved successfully.
C:\Program Files (x86)\globalUpdate\CrashReports folder moved successfully.
C:\Program Files (x86)\globalUpdate folder moved successfully.
C:\Program Files (x86)\CinemaPlus Pro 1.3V01.11 folder moved successfully.
Folder move failed. C:\ProgramData\IdYjVd\dat scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\IdYjVd scheduled to be moved on reboot.
C:\ProgramData\ZombieInvasion folder moved successfully.
C:\Users\virginie\AppData\Roaming\XXJQKZF.exe moved successfully.
C:\Program Files (x86)\Salus\Salus\SSL folder moved successfully.
C:\Program Files (x86)\Salus\Salus folder moved successfully.
C:\Program Files (x86)\BrowsersApp_Pro_v1.1 folder moved successfully.
C:\Program Files (x86)\0ca45c95134d folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\nss folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\CrashReports folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d\SSL folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3 folder moved successfully.
C:\Windows\Tasks\XXJQKZF.job moved successfully.
C:\Windows\Tasks\GJBUOHO.job moved successfully.
C:\Windows\Tasks\LSINTHFZ.job moved successfully.
C:\Windows\Tasks\UHY.job moved successfully.
C:\Users\virginie\AppData\Roaming\UHY.exe moved successfully.
File C:\Users\virginie\AppData\Roaming\XXJQKZF.exe not found.
File C:\Windows\rcore.exe not found.
File C:\Windows\tasks\GJBUOHO.job not found.
File C:\Windows\tasks\LSINTHFZ.job not found.
C:\Users\virginie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk moved successfully.
C:\Users\virginie\Desktop\Search.lnk moved successfully.
C:\Program Files (x86)\Salus\nss folder moved successfully.
C:\Program Files (x86)\Salus folder moved successfully.
C:\Program Files (x86)\Search Extensions\Resources folder moved successfully.
C:\Program Files (x86)\Search Extensions folder moved successfully.
C:\Program Files (x86)\snipsmart folder moved successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 11022014_115302
Files\Folders moved on Reboot...
C:\ProgramData\IdYjVd\dat folder moved successfully.
C:\ProgramData\IdYjVd folder moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
voici le rapport de correction
je peut de nouveau acceder a internet merci beaucoup pour votre aide
et pour vos reponses rapides encore merci
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.dll /s > in the current context!
Error: Unable to interpret <%APPDATA%\*. > in the current context!
Error: Unable to interpret <%PROGRAMFILES%\*. > in the current context!
Error: Unable to interpret <%PROGRAMDATA%\*. > in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context!
Error: Unable to interpret <%temp%\*.exe /s > in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context!
Error: Unable to interpret <%systemroot%\system32\consrv.dll > in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context!
Error: Unable to interpret <%windir%\Tasks\*.job /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context!
Error: Unable to interpret </md5start > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <winlogon.exe > in the current context!
Error: Unable to interpret <services.exe > in the current context!
Error: Unable to interpret <wininit.exe > in the current context!
Error: Unable to interpret </md5stop > in the current context!
Error: Unable to interpret <HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s > in the current context!
Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s > in the current context!
Error: Unable to interpret <nslookup www.google.fr /c > in the current context!
Error: Unable to interpret <ping www.google.fr /c > in the current context!
Error: Unable to interpret <ipconfig /all /c > in the current context!
========== OTL ==========
Error: Unable to stop service VBqRXcPMGN!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VBqRXcPMGN deleted successfully.
C:\ProgramData\IdYjVd\VBqRXcPMGN.exe moved successfully.
Error: Unable to stop service rcores!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rcores deleted successfully.
C:\Windows\rcore.exe moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js\lib\popupResource folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js\lib folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js\api folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\js folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\icons\actions folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\icons folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\extensionData\userCode folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\extensionData\plugins folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0\extensionData folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpffalghigmkdghibgickgcnkbcaidch\1.26.49_0 folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js\lib\popupResource folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js\lib folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js\api folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\js folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\icons\actions folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\icons folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\extensionData\userCode folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\extensionData\plugins folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0\extensionData folder moved successfully.
C:\Users\virginie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago\1.26.19_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}\ deleted successfully.
C:\Program Files (x86)\Flowsurf\flowsurf.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CrashMon deleted successfully.
C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Salus deleted successfully.
C:\Program Files (x86)\Salus\Salus.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Salus CrashMon deleted successfully.
C:\Program Files (x86)\Salus\CrashMon.exe moved successfully.
C:\Program Files (x86)\Flowsurf folder moved successfully.
C:\Users\virginie\AppData\Local\ZombieInvasion folder moved successfully.
C:\Users\virginie\AppData\Roaming\GJBUOHO.exe moved successfully.
C:\Users\virginie\AppData\Roaming\LSINTHFZ.exe moved successfully.
C:\Users\virginie\AppData\Local\globalUpdate\CrashReports folder moved successfully.
C:\Users\virginie\AppData\Local\globalUpdate folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline\{2F60C333-350F-440F-BE0A-C09CB48EC4B3} folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Offline folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Install folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\Download folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update\1.3.25.0 folder moved successfully.
C:\Program Files (x86)\globalUpdate\Update folder moved successfully.
C:\Program Files (x86)\globalUpdate\CrashReports folder moved successfully.
C:\Program Files (x86)\globalUpdate folder moved successfully.
C:\Program Files (x86)\CinemaPlus Pro 1.3V01.11 folder moved successfully.
Folder move failed. C:\ProgramData\IdYjVd\dat scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\IdYjVd scheduled to be moved on reboot.
C:\ProgramData\ZombieInvasion folder moved successfully.
C:\Users\virginie\AppData\Roaming\XXJQKZF.exe moved successfully.
C:\Program Files (x86)\Salus\Salus\SSL folder moved successfully.
C:\Program Files (x86)\Salus\Salus folder moved successfully.
C:\Program Files (x86)\BrowsersApp_Pro_v1.1 folder moved successfully.
C:\Program Files (x86)\0ca45c95134d folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\nss folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\CrashReports folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d\SSL folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3\b786bdb3c67d folder moved successfully.
C:\Program Files (x86)\f552dd4c52e3 folder moved successfully.
C:\Windows\Tasks\XXJQKZF.job moved successfully.
C:\Windows\Tasks\GJBUOHO.job moved successfully.
C:\Windows\Tasks\LSINTHFZ.job moved successfully.
C:\Windows\Tasks\UHY.job moved successfully.
C:\Users\virginie\AppData\Roaming\UHY.exe moved successfully.
File C:\Users\virginie\AppData\Roaming\XXJQKZF.exe not found.
File C:\Windows\rcore.exe not found.
File C:\Windows\tasks\GJBUOHO.job not found.
File C:\Windows\tasks\LSINTHFZ.job not found.
C:\Users\virginie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk moved successfully.
C:\Users\virginie\Desktop\Search.lnk moved successfully.
C:\Program Files (x86)\Salus\nss folder moved successfully.
C:\Program Files (x86)\Salus folder moved successfully.
C:\Program Files (x86)\Search Extensions\Resources folder moved successfully.
C:\Program Files (x86)\Search Extensions folder moved successfully.
C:\Program Files (x86)\snipsmart folder moved successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 11022014_115302
Files\Folders moved on Reboot...
C:\ProgramData\IdYjVd\dat folder moved successfully.
C:\ProgramData\IdYjVd folder moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
voici le rapport de correction
je peut de nouveau acceder a internet merci beaucoup pour votre aide
et pour vos reponses rapides encore merci
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 662
2 nov. 2014 à 13:00
2 nov. 2014 à 13:00
Ca doit commencer à aller mieux :)
Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.
Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.
bonjour voici le rapport
http://pjjoint.malekal.com/files.php?id=20141104_z9d6x9y11o13
http://pjjoint.malekal.com/files.php?id=20141104_z9d6x9y11o13
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 662
4 nov. 2014 à 18:27
4 nov. 2014 à 18:27
ce n'est pas un rapport de scan mais de la protection.