Sujet Précédent Sujet Suivant

Suppression du crossbrowse

Fermé
hananitta8888 Messages postés 1 Date d'inscription jeudi 2 avril 2015 Statut Membre Dernière intervention 2 avril 2015 - 2 avril 2015 à 22:57
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 9 avril 2015 à 23:29
Bonjour,

J'ai eu des problèmes de lenteur avec mon pc, j ai trouvé plusieurs logiciels de pub et autres installés , j ai desinstallé plusieurs logiciels, le crossbrowse ne voulait pas se désinstaller , du coup jai installé adwcleaner et FRST
vous trouverez ci dessous le rapport ADWcleaner ainsi que les trois liens.
Dite moi svp quelle est la marche à suivre et que dois je faire pour que mon pc soit rapide

merci

Voici le rapport ADWcleaner:
# AdwCleaner v4.200 - Logfile created 02/04/2015 at 21:39:26
# Updated 29/03/2015 by Xplode
# Database : 2015-03-29.1 [Local]
# Operating system : Microsoft Windows XP Service Pack 2 (x86)
# Username : cecily - WLAN_83
# Running from : C:\Documents and Settings\cecily\My Documents\Téléchargements\adwcleaner_4.200.exe
# Option : Cleaning
          • [ Services ] *****


[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : IHProtect Service
[#] Service Deleted : Orbiter
[#] Service Deleted : serversu
[#] Service Deleted : servervo
[#] Service Deleted : WindowsMangerProtect
[#] Service Deleted : YahooAUService
[#] Service Deleted : {6a0e715f-5cd3-4402-8a39-80497da09315}Gt
[#] Service Deleted : {6a0e715f-5cd3-4402-8a39-80497da09315}t
[#] Service Deleted : {dc19896d-a3e2-417d-be46-d18ebc99e240}Gt
[#] Service Deleted : qrnfd_1_10_0_12
          • [ Files / Folders ] *****


Folder Deleted : C:\Documents and Settings\All Users\Application Data\baidu
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Browser
Folder Deleted : C:\Documents and Settings\All Users\Application Data\WindowsMangerProtect
Folder Deleted : C:\Documents and Settings\All Users\Application Data\getthediscount
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
Folder Deleted : C:\Documents and Settings\All Users\Application Data\IHProtectUpDate
Folder Deleted : C:\Documents and Settings\All Users\Application Data\5f628632000006e5
Folder Deleted : C:\Documents and Settings\All Users\Application Data\78b94c3a7854401f
Folder Deleted : C:\Documents and Settings\All Users\Application Data\fb376aba000067bf
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\GAMESDESKTOP
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Crossbrowse
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\ORBTR
Folder Deleted : C:\Program Files\XTab
Folder Deleted : C:\Program Files\GU Player
Folder Deleted : C:\Program Files\igs
Folder Deleted : C:\Program Files\Crossbrowse
Folder Deleted : C:\Program Files\eaasyToshhop
Folder Deleted : C:\Program Files\wweBseaaver
Folder Deleted : C:\Program Files\HQ-VidPro-2.5V10.01
Folder Deleted : C:\Program Files\gmsd_fr_373
Folder Deleted : C:\DOCUME~1\cecily\LOCALS~1\Temp\CommonShare
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\Boxore
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\globalUpdate
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\SmartWeb
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\Vosteran
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\CleanerPro
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\Crossbrowse
Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\gmsd_fr_373
Folder Deleted : C:\Documents and Settings\cecily\Application Data\AnyProtectEx
Folder Deleted : C:\Documents and Settings\cecily\Application Data\baidu
Folder Deleted : C:\Documents and Settings\cecily\Application Data\HPAppData
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Nosibay
Folder Deleted : C:\Documents and Settings\cecily\Application Data\SoftwareUpdater
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Store
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\cecily\Application Data\VOPackage
Folder Deleted : C:\Documents and Settings\cecily\Application Data\mystartsearch
Folder Deleted : C:\Documents and Settings\cecily\Application Data\WTools
Folder Deleted : C:\Documents and Settings\cecily\Start Menu\Programs\VOPackage
Folder Deleted : C:\Documents and Settings\cecily\My Documents\Optimizer Pro
Folder Deleted : C:\Documents and Settings\cecily\My Documents\CleanerPro
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\Extensions\fftoolbar2014@etech.com
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\Extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com
Folder Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\Extensions\qhs7wz@gmail.com
[!] Folder Deleted : C:\Documents and Settings\cecily\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb
File Deleted : C:\END
File Deleted : C:\Documents and Settings\All Users\Desktop\crossbrowse.lnk
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\WINDOWS\system32\VCL.dll
File Deleted : C:\WINDOWS\system32\drivers\{6a0e715f-5cd3-4402-8a39-80497da09315}Gt.sys
File Deleted : C:\WINDOWS\system32\drivers\{6a0e715f-5cd3-4402-8a39-80497da09315}t.sys
File Deleted : C:\WINDOWS\system32\drivers\{dc19896d-a3e2-417d-be46-d18ebc99e240}Gt.sys
File Deleted : C:\WINDOWS\system32\drivers\qrnfd_1_10_0_12.sys
File Deleted : C:\DOCUME~1\cecily\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\cecily\Application Data\Bubble Dock.boostrap.log
File Deleted : C:\Documents and Settings\cecily\Application Data\Bubble Dock.installation.log
File Deleted : C:\Documents and Settings\cecily\Application Data\Selection Tools.installation.log
File Deleted : C:\Documents and Settings\cecily\Application Data\WindApp.boostrap.log
File Deleted : C:\Documents and Settings\cecily\Application Data\WindApp.installation.log
File Deleted : C:\Documents and Settings\cecily\Application Data\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
File Deleted : C:\Documents and Settings\cecily\Start Menu\Programs\Startup\crossbrowse.lnk
File Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\searchplugins\mystartsearch.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
File Deleted : C:\Documents and Settings\cecily\Application Data\Mozilla\Firefox\Profiles\7fuzhph5.default\searchplugins\Vosteran.xml
          • [ Scheduled tasks ] *****


Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : APSnotifierPP3
Task Deleted : Crossbrowse
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : b8cd6370-8a01-4c9e-b0b5-9fec33f2725f-1
Task Deleted : b8cd6370-8a01-4c9e-b0b5-9fec33f2725f-2
Task Deleted : b8cd6370-8a01-4c9e-b0b5-9fec33f2725f-4
Task Deleted : b8cd6370-8a01-4c9e-b0b5-9fec33f2725f-5
          • [ Shortcuts ] *****


Shortcut Disinfected : C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\cecily\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Documents and Settings\cecily\Start Menu\Programs\GeoGebra 4\GeoGebra Forum.lnk
Shortcut Disinfected : C:\Documents and Settings\cecily\Start Menu\Programs\GeoGebra 4\GeoGebra Wiki.lnk
Shortcut Disinfected : C:\Documents and Settings\cecily\Start Menu\Programs\GeoGebra 4\GeoGebraTube.lnk
Shortcut Disinfected : C:\Documents and Settings\cecily\Start Menu\Programs\GeoGebra 4\www.geogebra.org.lnk
          • [ Registry ] *****


Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WindApp]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Selection Tools]
Key Deleted : HKLM\SOFTWARE\Classes\P0f9457be_d2a8_4717_82c7_64542b1f0f64_.P0f9457be_d2a8_4717_82c7_64542b1f0f64_
Key Deleted : HKLM\SOFTWARE\Classes\P0f9457be_d2a8_4717_82c7_64542b1f0f64_.P0f9457be_d2a8_4717_82c7_64542b1f0f64_.9
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_fr_373]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [upgmsd_fr_373.exe]
Key Deleted : HKLM\SOFTWARE\5043d173-f83e-5631-990b-ab7dc16b3df6
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0f9457be-d2a8-4717-82c7-64542b1f0f64}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901161}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902261}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905561}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906661}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644904461}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0f9457be-d2a8-4717-82c7-64542b1f0f64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901161}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFA7A511-B491-4312-BB35-4586B99E45ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0022D3C-CA81-4A57-BA00-31650A761234}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0f9457be-d2a8-4717-82c7-64542b1f0f64}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611901161}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0f9457be-d2a8-4717-82c7-64542b1f0f64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611901161}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Boxore
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Store
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Vosteran Browser
Key Deleted : HKCU\Software\GAMESDESKTOP
Key Deleted : HKCU\Software\Baidu
Key Deleted : HKCU\Software\WTools
Key Deleted : HKCU\Software\CrossBrowser
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\HQ-VidPro-2.5V10.01
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Boxore
Key Deleted : HKLM\SOFTWARE\Crossrider
Key Deleted : HKLM\SOFTWARE\Description
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\ORBTR
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\Baidu
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\IGS
Key Deleted : HKLM\SOFTWARE\Crossbrowse
Key Deleted : HKLM\SOFTWARE\HQ-VidPro-2.5V10.01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IGS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-VidPro-2.5V10.01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_373_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC95F9C5-A038-45EE-A739-96B8A6D79F7D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\igsc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IGS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Crossbrowse
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\HQ-VidPro-2.5V10.01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\gmsd_fr_373_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
          • [ Web browsers ] *****


-\\ Internet Explorer v6.0.2900.2180

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v34.0.5 (x86 fr)

[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1420917898&from=ima&uid=WDCXWD3000JS-98PDB0_WD-WCAPD236291862918&q={searchTerms}");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.ac6d10446ffd84587ac59c8230189815dffea895e418f9d9fd8cfcom69061.69061.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%2[...]
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.ac6d10446ffd84587ac59c8230189815dffea895e418f9d9fd8cfcom69061.69061.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22[...]
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.ac6d10446ffd84587ac59c8230189815dffea895e418f9d9fd8cfcom69061.69061.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%[...]
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14ad5509c32ffdbfc6dfca7b49c9ffe5");
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_tele_15_02_ff&cd=2XzuyEtN2Y1L1QzutDtDtCyC0C0FyEtB0Fzy0DyEzz0E0FtDtN0D0Tzu0StCtCtDyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDy[...]
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.srchvstrn.newTabUrl", "hxxp://Vosteran.com/?f=2&a=vst_tele_15_02_ff&cd=2XzuyEtN2Y1L1QzutDtDtCyC0C0FyEtB0Fzy0DyEzz0E0FtDtN0D0Tzu0StCtCtDyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzyt[...]
[7fuzhph5.default\prefs.js] - Line Deleted : user_pref("extensions.srchvstrn.tlbrSrchUrl", "hxxp://Vosteran.com/?f=3&a=vst_tele_15_02_ff&cd=2XzuyEtN2Y1L1QzutDtDtCyC0C0FyEtB0Fzy0DyEzz0E0FtDtN0D0Tzu0StCtCtDyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBz[...]

-\\ Google Chrome v

[C:\Documents and Settings\cecily\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://es.ask.com/web?q={searchTerms}
[C:\Documents and Settings\cecily\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : obciceimmggglbmelaidpjlmodcebijb


AdwCleaner[R0].txt - [27503 bytes] - [02/04/2015 21:35:25]
AdwCleaner[S0].txt - [26288 bytes] - [02/04/2015 21:39:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26348 bytes] ##########




sinon j ai lancé FRST voici les trois liens:


FRST: https://pjjoint.malekal.com/files.php?id=20150402_j10d15w12h5d7
Addition: https://pjjoint.malekal.com/files.php?id=20150402_x6k8s6p811
Shortcut: https://pjjoint.malekal.com/files.php?id=20150402_r6e15s6h9r10

Merci de m'indiquer la marche à suivre

merci
A voir également:

7 réponses

Réponse 1 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
Modifié par Malekal_morte- le 2/04/2015 à 23:00
Salut,


Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

R2 qrsvc_1.10.0.12; C:\Program Files\QuickRef_1.10.0.12\Service\qrsvc.exe [278592 2015-03-26] (Quick Ref)
R2 qynovuzu; C:\Documents and Settings\cecily\Local Settings\Application Data\60B12194-1427831698-DB11-813C-0013A94C7A9D\insvA2.tmp [155136 2015-03-31] () [File not signed]
2015-04-03 15:49 - 2015-04-03 15:49 - 01224704 _____ () C:\Documents and Settings\cecily\Application Data\MP0Mr7SMz3JobQ.exe
2015-04-02 21:02 - 2015-04-02 21:02 - 00613255 _____ (CMI Limited) C:\Documents and Settings\cecily\Local Settings\Application Data\nsb117.tmp
2015-04-02 20:58 - 2015-04-02 20:58 - 00000000 ____D () C:\Program Files\QuickRef_1.10.0.12
2015-04-02 20:09 - 2015-04-02 20:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\LizardSales
2015-04-02 20:04 - 2015-04-02 20:05 - 00001785 _____ () C:\Documents and Settings\cecily\${LOGFILE}
2015-04-02 20:03 - 2015-04-02 21:45 - 00001040 _____ () C:\WINDOWS\Tasks\MP0Mr7SMz3JobQ.job
2015-04-02 20:03 - 2015-04-02 21:45 - 00000786 _____ () C:\WINDOWS\Tasks\shopping_blast_updating_service.job
2015-04-02 20:03 - 2015-04-02 21:43 - 00001424 _____ () C:\WINDOWS\Tasks\shopping_blast_notification_service.job
2015-04-02 20:03 - 2015-04-02 20:03 - 00000000 ____D () C:\Documents and Settings\cecily\Local Settings\Application Data\shopping blast
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\8699067969253425183
2015-04-01 21:00 - 2015-04-01 21:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NetEngine
2015-04-01 20:46 - 2015-04-01 20:46 - 00613255 _____ (CMI Limited) C:\Documents and Settings\cecily\Local Settings\Application Data\nsj127.tmp
2015-04-01 20:45 - 2015-04-02 19:33 - 00000000 _____ () C:\WINDOWS\system32\TempWmicBatchFile.bat
2015-04-01 20:41 - 2015-04-01 20:41 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Crossbrowse
2015-04-01 20:37 - 2015-04-01 20:37 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Boxore
2015-04-01 20:13 - 2015-04-02 21:43 - 00000004 _____ () C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7
2015-03-31 19:55 - 2015-04-02 21:45 - 00001374 _____ () C:\WINDOWS\Tasks\EUAQ.job
2015-03-31 19:55 - 2015-04-02 21:45 - 00001372 _____ () C:\WINDOWS\Tasks\WKA.job
2015-03-31 19:55 - 2015-03-31 19:57 - 01782272 _____ (Cinema PlusV31.03) C:\Documents and Settings\cecily\Application Data\EUAQ.exe
2015-03-31 19:55 - 2015-03-31 19:57 - 01382912 _____ (Cinema PlusV31.03) C:\Documents and Settings\cecily\Application Data\WKA.exe
2015-03-31 19:54 - 2015-03-31 19:55 - 00000000 ____D () C:\Documents and Settings\cecily\Local Settings\Application Data\60B12194-1427831698-DB11-813C-0013A94C7A9D
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Documents and Settings\cecily\Application Data\MP0Mr7SMz3JobQ
2015-03-26 21:14 - 2015-03-26 21:14 - 00005542 _____ () C:\Documents and Settings\cecily\Application Data\EUAQ
2015-03-26 21:14 - 2015-03-26 21:14 - 00004185 _____ () C:\Documents and Settings\cecily\Application Data\WKA
2015-04-01 21:32 - 2013-12-12 19:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :



Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
2 avril 2015 à 23:00
Faudra penser à installer un antivirus, style Avast!
0
Réponse 2 / 7
hananitta8888
3 avril 2015 à 19:03
Bonjour,

J'ai copié le texte, j'ai lancé FRST voici le résultat des logs:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by cecily at 2015-04-03 18:54:32 Run:1
Running from C:\Documents and Settings\cecily\My Documents\Téléchargements
Loaded Profiles: cecily (Available profiles: cecily & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:

R2 qrsvc_1.10.0.12; C:\Program Files\QuickRef_1.10.0.12\Service\qrsvc.exe [278592 2015-03-26] (Quick Ref)

R2 qynovuzu; C:\Documents and Settings\cecily\Local Settings\Application Data\60B12194-1427831698-DB11-813C-0013A94C7A9D\insvA2.tmp [155136 2015-03-31] () [File not signed]

2015-04-03 15:49 - 2015-04-03 15:49 - 01224704 _____ () C:\Documents and Settings\cecily\Application Data\MP0Mr7SMz3JobQ.exe

2015-04-02 21:02 - 2015-04-02 21:02 - 00613255 _____ (CMI Limited) C:\Documents and Settings\cecily\Local Settings\Application Data\nsb117.tmp

2015-04-02 20:58 - 2015-04-02 20:58 - 00000000 ____D () C:\Program Files\QuickRef_1.10.0.12

2015-04-02 20:09 - 2015-04-02 20:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\LizardSales

2015-04-02 20:04 - 2015-04-02 20:05 - 00001785 _____ () C:\Documents and Settings\cecily\${LOGFILE}

2015-04-02 20:03 - 2015-04-02 21:45 - 00001040 _____ () C:\WINDOWS\Tasks\MP0Mr7SMz3JobQ.job

2015-04-02 20:03 - 2015-04-02 21:45 - 00000786 _____ () C:\WINDOWS\Tasks\shopping_blast_updating_service.job

2015-04-02 20:03 - 2015-04-02 21:43 - 00001424 _____ () C:\WINDOWS\Tasks\shopping_blast_notification_service.job

2015-04-02 20:03 - 2015-04-02 20:03 - 00000000 ____D () C:\Documents and Settings\cecily\Local Settings\Application Data\shopping blast

2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\8699067969253425183

2015-04-01 21:00 - 2015-04-01 21:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NetEngine

2015-04-01 20:46 - 2015-04-01 20:46 - 00613255 _____ (CMI Limited) C:\Documents and Settings\cecily\Local Settings\Application Data\nsj127.tmp

2015-04-01 20:45 - 2015-04-02 19:33 - 00000000 _____ () C:\WINDOWS\system32\TempWmicBatchFile.bat

2015-04-01 20:41 - 2015-04-01 20:41 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Crossbrowse

2015-04-01 20:37 - 2015-04-01 20:37 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Boxore

2015-04-01 20:13 - 2015-04-02 21:43 - 00000004 _____ () C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7

2015-03-31 20:30 - 2015-03-31 20:30 - 00000038 _____ () C:\Documents and Settings\cecily\Application Data\WB.CFG

2015-03-31 19:56 - 2015-03-31 19:56 - 00008520 _____ () C:\WINDOWS\system32\VCLOff.ini

2015-03-31 19:56 - 2015-03-31 19:56 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\VCL

2015-03-31 19:55 - 2015-04-02 21:45 - 00001374 _____ () C:\WINDOWS\Tasks\EUAQ.job

2015-03-31 19:55 - 2015-04-02 21:45 - 00001372 _____ () C:\WINDOWS\Tasks\WKA.job

2015-03-31 19:55 - 2015-03-31 19:57 - 01782272 _____ (Cinema PlusV31.03) C:\Documents and Settings\cecily\Application Data\EUAQ.exe

2015-03-31 19:55 - 2015-03-31 19:57 - 01382912 _____ (Cinema PlusV31.03) C:\Documents and Settings\cecily\Application Data\WKA.exe

2015-03-31 19:54 - 2015-03-31 19:55 - 00000000 ____D () C:\Documents and Settings\cecily\Local Settings\Application Data\60B12194-1427831698-DB11-813C-0013A94C7A9D

2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Documents and Settings\cecily\Application Data\MP0Mr7SMz3JobQ

2015-03-26 21:14 - 2015-03-26 21:14 - 00005542 _____ () C:\Documents and Settings\cecily\Application Data\EUAQ

2015-03-26 21:14 - 2015-03-26 21:14 - 00004185 _____ () C:\Documents and Settings\cecily\Application Data\WKA

2015-04-01 21:32 - 2013-12-12 19:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1


qrsvc_1.10.0.12 => Service stopped successfully.
qrsvc_1.10.0.12 => Service deleted successfully.
qynovuzu => Service stopped successfully.
qynovuzu => Service deleted successfully.
C:\Documents and Settings\cecily\Application Data\MP0Mr7SMz3JobQ.exe => Moved successfully.
C:\Documents and Settings\cecily\Local Settings\Application Data\nsb117.tmp => Moved successfully.
C:\Program Files\QuickRef_1.10.0.12 => Moved successfully.
C:\Documents and Settings\All Users\Application Data\LizardSales => Moved successfully.
C:\Documents and Settings\cecily\${LOGFILE} => Moved successfully.
C:\WINDOWS\Tasks\MP0Mr7SMz3JobQ.job => Moved successfully.
C:\WINDOWS\Tasks\shopping_blast_updating_service.job => Moved successfully.
C:\WINDOWS\Tasks\shopping_blast_notification_service.job => Moved successfully.
C:\Documents and Settings\cecily\Local Settings\Application Data\shopping blast => Moved successfully.
C:\Documents and Settings\All Users\Application Data\8699067969253425183 => Moved successfully.
C:\Documents and Settings\All Users\Application Data\NetEngine => Moved successfully.
C:\Documents and Settings\cecily\Local Settings\Application Data\nsj127.tmp => Moved successfully.
C:\WINDOWS\system32\TempWmicBatchFile.bat => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\Application Data\Crossbrowse => Moved successfully.
C:\Documents and Settings\Default User\Local Settings\Application Data\Boxore => Moved successfully.
C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Documents and Settings\cecily\Application Data\WB.CFG => Moved successfully.
C:\WINDOWS\system32\VCLOff.ini => Moved successfully.
C:\Documents and Settings\LocalService\Application Data\VCL => Moved successfully.
C:\WINDOWS\Tasks\EUAQ.job => Moved successfully.
C:\WINDOWS\Tasks\WKA.job => Moved successfully.
C:\Documents and Settings\cecily\Application Data\EUAQ.exe => Moved successfully.
C:\Documents and Settings\cecily\Application Data\WKA.exe => Moved successfully.
C:\Documents and Settings\cecily\Local Settings\Application Data\60B12194-1427831698-DB11-813C-0013A94C7A9D => Moved successfully.
C:\Documents and Settings\cecily\Application Data\MP0Mr7SMz3JobQ => Moved successfully.
C:\Documents and Settings\cecily\Application Data\EUAQ => Moved successfully.
C:\Documents and Settings\cecily\Application Data\WKA => Moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 => Moved successfully.

End of Fixlog 18:54:45

je vais redémarrer mon pc et réinitialiser les navigateurs.

Que dois je fare d'autre SVP?
Je souhaterai installer un antivirus gratut, lequel vous me conseillez SVP?

Merci
0
Réponse 3 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
3 avril 2015 à 19:47
Réinitialise les navigateurs WEB.

Installe Avast et active les détections LPis : https://www.malekal.com/tutoriel-antivirus-avast/
0
Réponse 4 / 7
Hananitta8888
4 avril 2015 à 10:20
Bonjour

J ai installé avast qui a ait un scan puis m a demandé de redémarrer ma machine
Après le redémarrage , ma machine n'arrête pas de se relancer toute seule, sans atteindre la page du bureau...
Que dois je faire SVP ?
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
Modifié par Malekal_morte- le 4/04/2015 à 11:07
Super.
Tu peux redémarrer en mode sans échec ?

C'est fou tous ces XP qui tombent comme des mouches.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Hananitta8888
4 avril 2015 à 12:53
Oui j arrive a redémarrer en mode sans échec
Pourriez vous m indiquer la marche a suivre SVP

Merci
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
Modifié par Malekal_morte- le 4/04/2015 à 17:29
en mode sans échec, désinstalle Avast! (Panneau de configuration puis ajout/suppression de programmes)
et vois ce que cela donne si tu redémarres en mode normal.
0
hananitta8888
9 avril 2015 à 21:42
bonjour

j ai desinstallé avast puis démarré mon pc ça fonctionne bien, du coup je voudrai savoir quel autre anti virus je peux installer svp?

merci
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
Modifié par Malekal_morte- le 9/04/2015 à 22:35
ok les pubs sont encore là ?

refais une analyse FRST et donne les rapports via pjjoint.
0
Réponse 6 / 7
Hananitta8888
9 avril 2015 à 22:54
Oui j ai des pubs style efix pro et by contexte, ce sont de pages qui s affichent toutes seules
J ai fait un clean avec adwclean il me dit qu il a tout nettoyé mais le pb persiste....
0
Réponse 7 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
Modifié par Malekal_morte- le 9/04/2015 à 23:30
ok, si les pubs sont sur Firefox :

Exporte tes favoris : https://support.mozilla.org/fr/kb/exporter-marque-pages-firefox-fichier-html
Désinstalle Mozille Firefox en cochant l'option de suppression du profil.

Affiche les fichiers cachés et systèmes : https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/

Désinstalle Firefox.

Le dossier à supprimer est dans :
Mon Ordinateur => Disque C => Utilisateurs => Ton user => AppData => Roaming
clic droit sur le dossier Mozilla puis renommer
renomme le en Mozilla.old

Mon Ordinateur => Disque C => Program Files => supprime le dossier Mozilla.

Réinstalle Firefox à partir de ce lien : https://telecharger.malekal.com/download/mozilla-firefox/

Réimporte tes favoris.


et refais un scan FRST et donne le rapport via pjjoint.

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0

Discussions similaires

me desinscrire du site voisinsolitaire.com
maitre -
Clarckos -

19 réponses
on me supprime mes annonces
clownette27 -
yoyo46 -

16 réponses
Comment supprimer une conversation Messenger pour les 2 personnes ?
mercidemaider -
sd -

7 réponses
Se desinscrire totalement de voisinsSolitaires.
Doumiel -
Moto -

2 réponses