Désinstaller Crossbrowser
Fermé
SAWSAM912
Messages postés
2
Date d'inscription
dimanche 12 avril 2015
Statut
Membre
Dernière intervention
12 avril 2015
-
12 avril 2015 à 19:29
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 12 avril 2015 à 21:51
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 12 avril 2015 à 21:51
A voir également:
- Désinstaller Crossbrowser
- Desinstaller edge - Guide
- Désinstaller onedrive - Guide
- Désinstaller mcafee - Guide
- Desinstaller logiciel windows - Guide
- Désinstaller bing - Guide
3 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
12 avril 2015 à 19:32
12 avril 2015 à 19:32
Salut,
Je regarde =)
Je regarde =)
SAWSAM912
Messages postés
2
Date d'inscription
dimanche 12 avril 2015
Statut
Membre
Dernière intervention
12 avril 2015
12 avril 2015 à 20:39
12 avril 2015 à 20:39
Bonjour merci de votre aide
alors voila le message apparu sur bloc notes après "fix":
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-04-2015
Ran by NGSi at 2015-04-12 19:27:00 Run:1
Running from C:\Users\NGSi\Desktop
Loaded Profiles: NGSi (Available profiles: NGSi)
Boot Mode: Normal
==============================================
Content of fixlist:
HKU\S-1-5-21-989413040-1414339496-870702065-1000\...\Run: [GoogleChromeAutoLaunch_42AD6B334FD209D803B5D2071E7EC408] => "C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
AppInit_DLLs: c:\program => c:\program File Not Found
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}\hqghumeaylnlf.exe (PC Utilities Software Limited)
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro-UNInstaller.lnk
ShortcutTarget: OptimizerPro-UNInstaller.lnk -> C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}\OptimizerPro-UNInstaller.exe (PCUtilities Software Limited)
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Priceless_310315.lnk
ShortcutTarget: Priceless_310315.lnk -> C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}\Priceless_310315.exe ()
S2 CoupoonService; C:\Program Files\coupoon\iiwjljrnpc.exe [X]
R2 ticutimo; C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B\nsn1252.tmpfs [X]
R2 cocywiso; C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B\jnsi421E.tmp [116224 2015-04-11] () [File not signed]
2015-04-12 00:05 - 2015-04-12 00:05 - 00000000 ____D () C:\Users\NGSi\AppData\Local\ZombieNews
2015-04-11 23:42 - 2015-04-11 23:42 - 00000000 ____D () C:\Users\NGSi\Documents\Optimizer Pro
2015-04-11 23:39 - 2015-04-12 00:24 - 00000000 ____D () C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}
2015-04-11 23:38 - 2015-04-11 23:38 - 00000000 ____D () C:\ProgramData\T122078ED
2015-04-11 23:36 - 2015-04-12 00:23 - 00000000 ____D () C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}
2015-04-11 23:35 - 2015-04-11 23:50 - 00000000 ____D () C:\Program Files\Reg Pro Cleaner
2015-04-11 18:45 - 2015-04-11 18:45 - 00000000 ____D () C:\Program Files\Hatchiho
2015-04-11 18:43 - 2015-04-12 17:51 - 00001332 _____ () C:\Windows\Tasks\HEHXC.job
2015-04-11 18:43 - 2015-04-11 23:54 - 00008704 _____ () C:\Windows\system32\CCLOff.ini
2015-04-11 18:43 - 2015-04-11 18:46 - 01316352 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\HEHXC.exe
2015-04-11 18:42 - 2015-04-07 16:43 - 00341696 _____ (CC Corporation) C:\Windows\system32\CCL.dll
2015-04-11 18:41 - 2015-04-12 17:51 - 00001682 _____ () C:\Windows\Tasks\NKZRBOXF.job
2015-04-11 18:41 - 2015-04-11 18:45 - 01851904 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe
2015-04-11 18:01 - 2015-04-11 18:46 - 00000112 _____ () C:\ProgramData\oQF1pA0o.dat
2015-04-11 17:41 - 2015-04-11 23:17 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-11 17:30 - 2015-04-11 17:30 - 00000000 ____D () C:\Users\NGSi\AppData\Roaming\E009C8F6-1428769857-DD11-80F1-001DBA21052B
2015-04-11 17:28 - 2015-04-12 17:51 - 00001332 _____ () C:\Windows\Tasks\ZHVBQ.job
2015-04-11 17:28 - 2015-04-12 17:51 - 00001328 _____ () C:\Windows\Tasks\HXG.job
2015-04-11 17:28 - 2015-04-11 17:28 - 01869824 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe
2015-04-11 17:28 - 2015-04-11 17:28 - 01325568 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\HXG.exe
2015-04-11 17:25 - 2015-04-11 17:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
2015-04-11 17:20 - 2015-04-12 17:51 - 00001330 _____ () C:\Windows\Tasks\GNOK.job
2015-04-11 17:20 - 2015-04-11 17:20 - 01380352 _____ (Cinema PlusV16.03) C:\Users\NGSi\AppData\Roaming\GNOK.exe
2015-04-11 17:19 - 2015-04-12 17:51 - 00001682 _____ () C:\Windows\Tasks\BYAIAMUF.job
2015-04-11 17:19 - 2015-04-11 17:20 - 00000000 ____D () C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284
2015-04-11 17:19 - 2015-04-11 17:19 - 02035200 _____ (Cinema PlusV16.03) C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe
2015-04-11 17:17 - 2015-04-11 17:23 - 00000000 ____D () C:\Users\NGSi\AppData\Local\E009C8F6-1428772669-DD11-80F1-001DBA21052B
2015-04-11 17:15 - 2015-04-11 17:15 - 00000000 ____D () C:\ProgramData\iljehjpmhkfmnmjidolkkgkhbkemmnlj
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\b253b81131784e57ad68168e4c536585
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\3099c14c7f4d4d83ae6521057058036b
2015-04-11 17:09 - 2015-04-11 18:47 - 00000000 ____D () C:\Users\NGSi\Desktop\BOOK ANIME
2015-04-11 17:08 - 2015-04-11 17:08 - 00000000 ____D () C:\ProgramData\7758859783194979329
2015-04-11 17:07 - 2015-04-11 17:07 - 00000000 ____D () C:\ProgramData\ddamdebkigmdidlnefolfbpehhdhlgdg
2015-04-11 17:06 - 2015-04-11 23:55 - 00000000 ____D () C:\Program Files\10
2015-04-11 17:06 - 2015-04-11 18:00 - 00000000 ____D () C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\NGSi\AppData\Roaming\ZHVBQ
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\NGSi\AppData\Roaming\NKZRBOXF
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\NGSi\AppData\Roaming\HXG
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\NGSi\AppData\Roaming\HEHXC
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\Windows\Tasks\GNOK.job => C:\Users\NGSi\AppData\Roaming\GNOK.exe <==== ATTENTION
Task: C:\Windows\Tasks\HEHXC.job => C:\Users\NGSi\AppData\Roaming\HEHXC.exe <==== ATTENTION
Task: C:\Windows\Tasks\HXG.job => C:\Users\NGSi\AppData\Roaming\HXG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NKZRBOXF.job => C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZHVBQ.job => C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe <==== ATTENTION
Task: {2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3} - System32\Tasks\NKZRBOXF => C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {35BC636E-0ED6-4664-A6B6-B69590E70F16} - System32\Tasks\Runner for IC => %LOCALAPPDATA%\8AF575F0-46F4-144E-8D31-5F894DCAE284\Runner.exe
Task: {651D71B0-01C1-4334-9E5F-93001189658F} - System32\Tasks\HXG => C:\Users\NGSi\AppData\Roaming\HXG.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {760653C4-78C1-49D0-B444-4890521677ED} - System32\Tasks\ZHVBQ => C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2} - System32\Tasks\GNOK => C:\Users\NGSi\AppData\Roaming\GNOK.exe [2015-04-11] (Cinema PlusV16.03) <==== ATTENTION
Task: {DECCD0F1-89CD-4255-B78F-F1E7D11053E0} - System32\Tasks\FQVCDXOEJ => C:\ProgramData\3099c14c7f4d4d83ae6521057058036b\3099c14c7f4d4d83ae6521057058036b.exe [2015-04-11] ()
Task: {DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1} - System32\Tasks\{9515F024-65FD-437A-A777-8BBFFF9FDE93} => Iexplore.exe http://ui.skype.com/ui/0/6.18.73.106.456/fr/go/help.faq.installer?LastError=1618
Task: {EDA00E4B-358C-46F3-B54C-CA6275DBF2EF} - System32\Tasks\BYAIAMUF => C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe [2015-04-11] (Cinema PlusV16.03) <==== ATTENTION
HKU\S-1-5-21-989413040-1414339496-870702065-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_42AD6B334FD209D803B5D2071E7EC408 => value deleted successfully.
"c:\program" => Value Data removed successfully.
C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk => Moved successfully.
C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}\hqghumeaylnlf.exe => Moved successfully.
C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro-UNInstaller.lnk => Moved successfully.
C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}\OptimizerPro-UNInstaller.exe => Moved successfully.
C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Priceless_310315.lnk => Moved successfully.
C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}\Priceless_310315.exe => Moved successfully.
CoupoonService => Service deleted successfully.
ticutimo => Service stopped successfully.
ticutimo => Service deleted successfully.
cocywiso => Service stopped successfully.
cocywiso => Service deleted successfully.
C:\Users\NGSi\AppData\Local\ZombieNews => Moved successfully.
C:\Users\NGSi\Documents\Optimizer Pro => Moved successfully.
"C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}" directory move:
Could not move "C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}" directory. => Scheduled to move on reboot.
C:\ProgramData\T122078ED => Moved successfully.
C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f} => Moved successfully.
C:\Program Files\Reg Pro Cleaner => Moved successfully.
C:\Program Files\Hatchiho => Moved successfully.
C:\Windows\Tasks\HEHXC.job => Moved successfully.
C:\Windows\system32\CCLOff.ini => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HEHXC.exe => Moved successfully.
C:\Windows\system32\CCL.dll => Moved successfully.
C:\Windows\Tasks\NKZRBOXF.job => Moved successfully.
C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe => Moved successfully.
C:\ProgramData\oQF1pA0o.dat => Moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\NGSi\AppData\Roaming\E009C8F6-1428769857-DD11-80F1-001DBA21052B => Moved successfully.
C:\Windows\Tasks\ZHVBQ.job => Moved successfully.
C:\Windows\Tasks\HXG.job => Moved successfully.
C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HXG.exe => Moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf => Moved successfully.
C:\Windows\Tasks\GNOK.job => Moved successfully.
C:\Users\NGSi\AppData\Roaming\GNOK.exe => Moved successfully.
C:\Windows\Tasks\BYAIAMUF.job => Moved successfully.
"C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284" directory move:
Could not move "C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284" directory. => Scheduled to move on reboot.
C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe => Moved successfully.
C:\Users\NGSi\AppData\Local\E009C8F6-1428772669-DD11-80F1-001DBA21052B => Moved successfully.
C:\ProgramData\iljehjpmhkfmnmjidolkkgkhbkemmnlj => Moved successfully.
C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B => Moved successfully.
C:\ProgramData\PastaLeadsAgent => Moved successfully.
C:\ProgramData\b253b81131784e57ad68168e4c536585 => Moved successfully.
C:\ProgramData\3099c14c7f4d4d83ae6521057058036b => Moved successfully.
C:\Users\NGSi\Desktop\BOOK ANIME => Moved successfully.
C:\ProgramData\7758859783194979329 => Moved successfully.
C:\ProgramData\ddamdebkigmdidlnefolfbpehhdhlgdg => Moved successfully.
C:\Program Files\10 => Moved successfully.
"C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}" directory move:
Could not move "C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}" directory. => Scheduled to move on reboot.
C:\Users\NGSi\AppData\Roaming\ZHVBQ => Moved successfully.
C:\Users\NGSi\AppData\Roaming\NKZRBOXF => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HXG => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HEHXC => Moved successfully.
C:\Windows\Tasks\BYAIAMUF.job not found.
C:\Windows\Tasks\GNOK.job not found.
C:\Windows\Tasks\HEHXC.job not found.
C:\Windows\Tasks\HXG.job not found.
C:\Windows\Tasks\NKZRBOXF.job not found.
C:\Windows\Tasks\ZHVBQ.job not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3}" => Key deleted successfully.
C:\Windows\System32\Tasks\NKZRBOXF => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NKZRBOXF" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35BC636E-0ED6-4664-A6B6-B69590E70F16}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35BC636E-0ED6-4664-A6B6-B69590E70F16}" => Key deleted successfully.
C:\Windows\System32\Tasks\Runner for IC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Runner for IC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{651D71B0-01C1-4334-9E5F-93001189658F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{651D71B0-01C1-4334-9E5F-93001189658F}" => Key deleted successfully.
C:\Windows\System32\Tasks\HXG => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HXG" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{760653C4-78C1-49D0-B444-4890521677ED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{760653C4-78C1-49D0-B444-4890521677ED}" => Key deleted successfully.
C:\Windows\System32\Tasks\ZHVBQ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZHVBQ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2}" => Key deleted successfully.
C:\Windows\System32\Tasks\GNOK => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GNOK" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DECCD0F1-89CD-4255-B78F-F1E7D11053E0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DECCD0F1-89CD-4255-B78F-F1E7D11053E0}" => Key deleted successfully.
C:\Windows\System32\Tasks\FQVCDXOEJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FQVCDXOEJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9515F024-65FD-437A-A777-8BBFFF9FDE93} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9515F024-65FD-437A-A777-8BBFFF9FDE93}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EDA00E4B-358C-46F3-B54C-CA6275DBF2EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDA00E4B-358C-46F3-B54C-CA6275DBF2EF}" => Key deleted successfully.
C:\Windows\System32\Tasks\BYAIAMUF => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BYAIAMUF" => Key deleted successfully.
C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284 => Is moved successfully.
C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438} => Moved successfully.
alors voila le message apparu sur bloc notes après "fix":
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-04-2015
Ran by NGSi at 2015-04-12 19:27:00 Run:1
Running from C:\Users\NGSi\Desktop
Loaded Profiles: NGSi (Available profiles: NGSi)
Boot Mode: Normal
==============================================
Content of fixlist:
HKU\S-1-5-21-989413040-1414339496-870702065-1000\...\Run: [GoogleChromeAutoLaunch_42AD6B334FD209D803B5D2071E7EC408] => "C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
AppInit_DLLs: c:\program => c:\program File Not Found
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}\hqghumeaylnlf.exe (PC Utilities Software Limited)
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro-UNInstaller.lnk
ShortcutTarget: OptimizerPro-UNInstaller.lnk -> C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}\OptimizerPro-UNInstaller.exe (PCUtilities Software Limited)
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Priceless_310315.lnk
ShortcutTarget: Priceless_310315.lnk -> C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}\Priceless_310315.exe ()
S2 CoupoonService; C:\Program Files\coupoon\iiwjljrnpc.exe [X]
R2 ticutimo; C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B\nsn1252.tmpfs [X]
R2 cocywiso; C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B\jnsi421E.tmp [116224 2015-04-11] () [File not signed]
2015-04-12 00:05 - 2015-04-12 00:05 - 00000000 ____D () C:\Users\NGSi\AppData\Local\ZombieNews
2015-04-11 23:42 - 2015-04-11 23:42 - 00000000 ____D () C:\Users\NGSi\Documents\Optimizer Pro
2015-04-11 23:39 - 2015-04-12 00:24 - 00000000 ____D () C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}
2015-04-11 23:38 - 2015-04-11 23:38 - 00000000 ____D () C:\ProgramData\T122078ED
2015-04-11 23:36 - 2015-04-12 00:23 - 00000000 ____D () C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}
2015-04-11 23:35 - 2015-04-11 23:50 - 00000000 ____D () C:\Program Files\Reg Pro Cleaner
2015-04-11 18:45 - 2015-04-11 18:45 - 00000000 ____D () C:\Program Files\Hatchiho
2015-04-11 18:43 - 2015-04-12 17:51 - 00001332 _____ () C:\Windows\Tasks\HEHXC.job
2015-04-11 18:43 - 2015-04-11 23:54 - 00008704 _____ () C:\Windows\system32\CCLOff.ini
2015-04-11 18:43 - 2015-04-11 18:46 - 01316352 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\HEHXC.exe
2015-04-11 18:42 - 2015-04-07 16:43 - 00341696 _____ (CC Corporation) C:\Windows\system32\CCL.dll
2015-04-11 18:41 - 2015-04-12 17:51 - 00001682 _____ () C:\Windows\Tasks\NKZRBOXF.job
2015-04-11 18:41 - 2015-04-11 18:45 - 01851904 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe
2015-04-11 18:01 - 2015-04-11 18:46 - 00000112 _____ () C:\ProgramData\oQF1pA0o.dat
2015-04-11 17:41 - 2015-04-11 23:17 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-11 17:30 - 2015-04-11 17:30 - 00000000 ____D () C:\Users\NGSi\AppData\Roaming\E009C8F6-1428769857-DD11-80F1-001DBA21052B
2015-04-11 17:28 - 2015-04-12 17:51 - 00001332 _____ () C:\Windows\Tasks\ZHVBQ.job
2015-04-11 17:28 - 2015-04-12 17:51 - 00001328 _____ () C:\Windows\Tasks\HXG.job
2015-04-11 17:28 - 2015-04-11 17:28 - 01869824 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe
2015-04-11 17:28 - 2015-04-11 17:28 - 01325568 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\HXG.exe
2015-04-11 17:25 - 2015-04-11 17:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
2015-04-11 17:20 - 2015-04-12 17:51 - 00001330 _____ () C:\Windows\Tasks\GNOK.job
2015-04-11 17:20 - 2015-04-11 17:20 - 01380352 _____ (Cinema PlusV16.03) C:\Users\NGSi\AppData\Roaming\GNOK.exe
2015-04-11 17:19 - 2015-04-12 17:51 - 00001682 _____ () C:\Windows\Tasks\BYAIAMUF.job
2015-04-11 17:19 - 2015-04-11 17:20 - 00000000 ____D () C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284
2015-04-11 17:19 - 2015-04-11 17:19 - 02035200 _____ (Cinema PlusV16.03) C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe
2015-04-11 17:17 - 2015-04-11 17:23 - 00000000 ____D () C:\Users\NGSi\AppData\Local\E009C8F6-1428772669-DD11-80F1-001DBA21052B
2015-04-11 17:15 - 2015-04-11 17:15 - 00000000 ____D () C:\ProgramData\iljehjpmhkfmnmjidolkkgkhbkemmnlj
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\b253b81131784e57ad68168e4c536585
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\3099c14c7f4d4d83ae6521057058036b
2015-04-11 17:09 - 2015-04-11 18:47 - 00000000 ____D () C:\Users\NGSi\Desktop\BOOK ANIME
2015-04-11 17:08 - 2015-04-11 17:08 - 00000000 ____D () C:\ProgramData\7758859783194979329
2015-04-11 17:07 - 2015-04-11 17:07 - 00000000 ____D () C:\ProgramData\ddamdebkigmdidlnefolfbpehhdhlgdg
2015-04-11 17:06 - 2015-04-11 23:55 - 00000000 ____D () C:\Program Files\10
2015-04-11 17:06 - 2015-04-11 18:00 - 00000000 ____D () C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\NGSi\AppData\Roaming\ZHVBQ
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\NGSi\AppData\Roaming\NKZRBOXF
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\NGSi\AppData\Roaming\HXG
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\NGSi\AppData\Roaming\HEHXC
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\Windows\Tasks\GNOK.job => C:\Users\NGSi\AppData\Roaming\GNOK.exe <==== ATTENTION
Task: C:\Windows\Tasks\HEHXC.job => C:\Users\NGSi\AppData\Roaming\HEHXC.exe <==== ATTENTION
Task: C:\Windows\Tasks\HXG.job => C:\Users\NGSi\AppData\Roaming\HXG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NKZRBOXF.job => C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZHVBQ.job => C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe <==== ATTENTION
Task: {2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3} - System32\Tasks\NKZRBOXF => C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {35BC636E-0ED6-4664-A6B6-B69590E70F16} - System32\Tasks\Runner for IC => %LOCALAPPDATA%\8AF575F0-46F4-144E-8D31-5F894DCAE284\Runner.exe
Task: {651D71B0-01C1-4334-9E5F-93001189658F} - System32\Tasks\HXG => C:\Users\NGSi\AppData\Roaming\HXG.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {760653C4-78C1-49D0-B444-4890521677ED} - System32\Tasks\ZHVBQ => C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2} - System32\Tasks\GNOK => C:\Users\NGSi\AppData\Roaming\GNOK.exe [2015-04-11] (Cinema PlusV16.03) <==== ATTENTION
Task: {DECCD0F1-89CD-4255-B78F-F1E7D11053E0} - System32\Tasks\FQVCDXOEJ => C:\ProgramData\3099c14c7f4d4d83ae6521057058036b\3099c14c7f4d4d83ae6521057058036b.exe [2015-04-11] ()
Task: {DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1} - System32\Tasks\{9515F024-65FD-437A-A777-8BBFFF9FDE93} => Iexplore.exe http://ui.skype.com/ui/0/6.18.73.106.456/fr/go/help.faq.installer?LastError=1618
Task: {EDA00E4B-358C-46F3-B54C-CA6275DBF2EF} - System32\Tasks\BYAIAMUF => C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe [2015-04-11] (Cinema PlusV16.03) <==== ATTENTION
HKU\S-1-5-21-989413040-1414339496-870702065-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_42AD6B334FD209D803B5D2071E7EC408 => value deleted successfully.
"c:\program" => Value Data removed successfully.
C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk => Moved successfully.
C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}\hqghumeaylnlf.exe => Moved successfully.
C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro-UNInstaller.lnk => Moved successfully.
C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}\OptimizerPro-UNInstaller.exe => Moved successfully.
C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Priceless_310315.lnk => Moved successfully.
C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}\Priceless_310315.exe => Moved successfully.
CoupoonService => Service deleted successfully.
ticutimo => Service stopped successfully.
ticutimo => Service deleted successfully.
cocywiso => Service stopped successfully.
cocywiso => Service deleted successfully.
C:\Users\NGSi\AppData\Local\ZombieNews => Moved successfully.
C:\Users\NGSi\Documents\Optimizer Pro => Moved successfully.
"C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}" directory move:
Could not move "C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}" directory. => Scheduled to move on reboot.
C:\ProgramData\T122078ED => Moved successfully.
C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f} => Moved successfully.
C:\Program Files\Reg Pro Cleaner => Moved successfully.
C:\Program Files\Hatchiho => Moved successfully.
C:\Windows\Tasks\HEHXC.job => Moved successfully.
C:\Windows\system32\CCLOff.ini => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HEHXC.exe => Moved successfully.
C:\Windows\system32\CCL.dll => Moved successfully.
C:\Windows\Tasks\NKZRBOXF.job => Moved successfully.
C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe => Moved successfully.
C:\ProgramData\oQF1pA0o.dat => Moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\NGSi\AppData\Roaming\E009C8F6-1428769857-DD11-80F1-001DBA21052B => Moved successfully.
C:\Windows\Tasks\ZHVBQ.job => Moved successfully.
C:\Windows\Tasks\HXG.job => Moved successfully.
C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HXG.exe => Moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf => Moved successfully.
C:\Windows\Tasks\GNOK.job => Moved successfully.
C:\Users\NGSi\AppData\Roaming\GNOK.exe => Moved successfully.
C:\Windows\Tasks\BYAIAMUF.job => Moved successfully.
"C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284" directory move:
Could not move "C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284" directory. => Scheduled to move on reboot.
C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe => Moved successfully.
C:\Users\NGSi\AppData\Local\E009C8F6-1428772669-DD11-80F1-001DBA21052B => Moved successfully.
C:\ProgramData\iljehjpmhkfmnmjidolkkgkhbkemmnlj => Moved successfully.
C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B => Moved successfully.
C:\ProgramData\PastaLeadsAgent => Moved successfully.
C:\ProgramData\b253b81131784e57ad68168e4c536585 => Moved successfully.
C:\ProgramData\3099c14c7f4d4d83ae6521057058036b => Moved successfully.
C:\Users\NGSi\Desktop\BOOK ANIME => Moved successfully.
C:\ProgramData\7758859783194979329 => Moved successfully.
C:\ProgramData\ddamdebkigmdidlnefolfbpehhdhlgdg => Moved successfully.
C:\Program Files\10 => Moved successfully.
"C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}" directory move:
Could not move "C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}" directory. => Scheduled to move on reboot.
C:\Users\NGSi\AppData\Roaming\ZHVBQ => Moved successfully.
C:\Users\NGSi\AppData\Roaming\NKZRBOXF => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HXG => Moved successfully.
C:\Users\NGSi\AppData\Roaming\HEHXC => Moved successfully.
C:\Windows\Tasks\BYAIAMUF.job not found.
C:\Windows\Tasks\GNOK.job not found.
C:\Windows\Tasks\HEHXC.job not found.
C:\Windows\Tasks\HXG.job not found.
C:\Windows\Tasks\NKZRBOXF.job not found.
C:\Windows\Tasks\ZHVBQ.job not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3}" => Key deleted successfully.
C:\Windows\System32\Tasks\NKZRBOXF => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NKZRBOXF" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35BC636E-0ED6-4664-A6B6-B69590E70F16}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35BC636E-0ED6-4664-A6B6-B69590E70F16}" => Key deleted successfully.
C:\Windows\System32\Tasks\Runner for IC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Runner for IC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{651D71B0-01C1-4334-9E5F-93001189658F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{651D71B0-01C1-4334-9E5F-93001189658F}" => Key deleted successfully.
C:\Windows\System32\Tasks\HXG => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HXG" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{760653C4-78C1-49D0-B444-4890521677ED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{760653C4-78C1-49D0-B444-4890521677ED}" => Key deleted successfully.
C:\Windows\System32\Tasks\ZHVBQ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZHVBQ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2}" => Key deleted successfully.
C:\Windows\System32\Tasks\GNOK => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GNOK" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DECCD0F1-89CD-4255-B78F-F1E7D11053E0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DECCD0F1-89CD-4255-B78F-F1E7D11053E0}" => Key deleted successfully.
C:\Windows\System32\Tasks\FQVCDXOEJ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FQVCDXOEJ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9515F024-65FD-437A-A777-8BBFFF9FDE93} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9515F024-65FD-437A-A777-8BBFFF9FDE93}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EDA00E4B-358C-46F3-B54C-CA6275DBF2EF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDA00E4B-358C-46F3-B54C-CA6275DBF2EF}" => Key deleted successfully.
C:\Windows\System32\Tasks\BYAIAMUF => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BYAIAMUF" => Key deleted successfully.
> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-12 19:36:36)<
C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0} => Moved successfully.C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284 => Is moved successfully.
C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438} => Moved successfully.
End of Fixlog 19:36:36
Merci de me dire c'est c'est fini et réglé, en tous cas je vous en remercie énormément!!!
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
12 avril 2015 à 21:51
12 avril 2015 à 21:51
fais le reste et vois ce que cela donne =)
Modifié par Malekal_morte- le 12/04/2015 à 19:35
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-989413040-1414339496-870702065-1000\...\Run: [GoogleChromeAutoLaunch_42AD6B334FD209D803B5D2071E7EC408] => "C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
AppInit_DLLs: c:\program => c:\program File Not Found
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}\hqghumeaylnlf.exe (PC Utilities Software Limited)
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro-UNInstaller.lnk
ShortcutTarget: OptimizerPro-UNInstaller.lnk -> C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}\OptimizerPro-UNInstaller.exe (PCUtilities Software Limited)
Startup: C:\Users\NGSi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Priceless_310315.lnk
ShortcutTarget: Priceless_310315.lnk -> C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}\Priceless_310315.exe ()
S2 CoupoonService; C:\Program Files\coupoon\iiwjljrnpc.exe [X]
R2 ticutimo; C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B\nsn1252.tmpfs [X]
R2 cocywiso; C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B\jnsi421E.tmp [116224 2015-04-11] () [File not signed]
2015-04-12 00:05 - 2015-04-12 00:05 - 00000000 ____D () C:\Users\NGSi\AppData\Local\ZombieNews
2015-04-11 23:42 - 2015-04-11 23:42 - 00000000 ____D () C:\Users\NGSi\Documents\Optimizer Pro
2015-04-11 23:39 - 2015-04-12 00:24 - 00000000 ____D () C:\ProgramData\{fdca53b4-3f39-5307-fdca-a53b43f34ed0}
2015-04-11 23:38 - 2015-04-11 23:38 - 00000000 ____D () C:\ProgramData\T122078ED
2015-04-11 23:36 - 2015-04-12 00:23 - 00000000 ____D () C:\ProgramData\{a294e95f-d92b-fa0e-a294-4e95fd92a57f}
2015-04-11 23:35 - 2015-04-11 23:50 - 00000000 ____D () C:\Program Files\Reg Pro Cleaner
2015-04-11 18:45 - 2015-04-11 18:45 - 00000000 ____D () C:\Program Files\Hatchiho
2015-04-11 18:43 - 2015-04-12 17:51 - 00001332 _____ () C:\Windows\Tasks\HEHXC.job
2015-04-11 18:43 - 2015-04-11 23:54 - 00008704 _____ () C:\Windows\system32\CCLOff.ini
2015-04-11 18:43 - 2015-04-11 18:46 - 01316352 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\HEHXC.exe
2015-04-11 18:42 - 2015-04-07 16:43 - 00341696 _____ (CC Corporation) C:\Windows\system32\CCL.dll
2015-04-11 18:41 - 2015-04-12 17:51 - 00001682 _____ () C:\Windows\Tasks\NKZRBOXF.job
2015-04-11 18:41 - 2015-04-11 18:45 - 01851904 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe
2015-04-11 18:01 - 2015-04-11 18:46 - 00000112 _____ () C:\ProgramData\oQF1pA0o.dat
2015-04-11 17:41 - 2015-04-11 23:17 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-11 17:30 - 2015-04-11 17:30 - 00000000 ____D () C:\Users\NGSi\AppData\Roaming\E009C8F6-1428769857-DD11-80F1-001DBA21052B
2015-04-11 17:28 - 2015-04-12 17:51 - 00001332 _____ () C:\Windows\Tasks\ZHVBQ.job
2015-04-11 17:28 - 2015-04-12 17:51 - 00001328 _____ () C:\Windows\Tasks\HXG.job
2015-04-11 17:28 - 2015-04-11 17:28 - 01869824 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe
2015-04-11 17:28 - 2015-04-11 17:28 - 01325568 _____ (Cinema PlusV11.04) C:\Users\NGSi\AppData\Roaming\HXG.exe
2015-04-11 17:25 - 2015-04-11 17:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
2015-04-11 17:20 - 2015-04-12 17:51 - 00001330 _____ () C:\Windows\Tasks\GNOK.job
2015-04-11 17:20 - 2015-04-11 17:20 - 01380352 _____ (Cinema PlusV16.03) C:\Users\NGSi\AppData\Roaming\GNOK.exe
2015-04-11 17:19 - 2015-04-12 17:51 - 00001682 _____ () C:\Windows\Tasks\BYAIAMUF.job
2015-04-11 17:19 - 2015-04-11 17:20 - 00000000 ____D () C:\Users\NGSi\AppData\Local\8AF575F0-46F4-144E-8D31-5F894DCAE284
2015-04-11 17:19 - 2015-04-11 17:19 - 02035200 _____ (Cinema PlusV16.03) C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe
2015-04-11 17:17 - 2015-04-11 17:23 - 00000000 ____D () C:\Users\NGSi\AppData\Local\E009C8F6-1428772669-DD11-80F1-001DBA21052B
2015-04-11 17:15 - 2015-04-11 17:15 - 00000000 ____D () C:\ProgramData\iljehjpmhkfmnmjidolkkgkhbkemmnlj
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\Users\NGSi\AppData\Roaming\E009C8F6-1428768795-DD11-80F1-001DBA21052B
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\b253b81131784e57ad68168e4c536585
2015-04-11 17:13 - 2015-04-11 17:13 - 00000000 ____D () C:\ProgramData\3099c14c7f4d4d83ae6521057058036b
2015-04-11 17:09 - 2015-04-11 18:47 - 00000000 ____D () C:\Users\NGSi\Desktop\BOOK ANIME
2015-04-11 17:08 - 2015-04-11 17:08 - 00000000 ____D () C:\ProgramData\7758859783194979329
2015-04-11 17:07 - 2015-04-11 17:07 - 00000000 ____D () C:\ProgramData\ddamdebkigmdidlnefolfbpehhdhlgdg
2015-04-11 17:06 - 2015-04-11 23:55 - 00000000 ____D () C:\Program Files\10
2015-04-11 17:06 - 2015-04-11 18:00 - 00000000 ____D () C:\ProgramData\{c4b5f50e-0f37-d125-c4b5-5f50e0f3d438}
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\NGSi\AppData\Roaming\ZHVBQ
2015-03-26 20:14 - 2015-03-26 20:14 - 00005542 _____ () C:\Users\NGSi\AppData\Roaming\NKZRBOXF
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\NGSi\AppData\Roaming\HXG
2015-03-26 20:14 - 2015-03-26 20:14 - 00004185 _____ () C:\Users\NGSi\AppData\Roaming\HEHXC
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\Windows\Tasks\GNOK.job => C:\Users\NGSi\AppData\Roaming\GNOK.exe <==== ATTENTION
Task: C:\Windows\Tasks\HEHXC.job => C:\Users\NGSi\AppData\Roaming\HEHXC.exe <==== ATTENTION
Task: C:\Windows\Tasks\HXG.job => C:\Users\NGSi\AppData\Roaming\HXG.exe <==== ATTENTION
Task: C:\Windows\Tasks\NKZRBOXF.job => C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZHVBQ.job => C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe <==== ATTENTION
Task: {2DD3B4F0-8CE7-4982-A9E0-30777ED1FCB3} - System32\Tasks\NKZRBOXF => C:\Users\NGSi\AppData\Roaming\NKZRBOXF.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {35BC636E-0ED6-4664-A6B6-B69590E70F16} - System32\Tasks\Runner for IC => %LOCALAPPDATA%\8AF575F0-46F4-144E-8D31-5F894DCAE284\Runner.exe
Task: {651D71B0-01C1-4334-9E5F-93001189658F} - System32\Tasks\HXG => C:\Users\NGSi\AppData\Roaming\HXG.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {760653C4-78C1-49D0-B444-4890521677ED} - System32\Tasks\ZHVBQ => C:\Users\NGSi\AppData\Roaming\ZHVBQ.exe [2015-04-11] (Cinema PlusV11.04) <==== ATTENTION
Task: {88D69ED3-B0A8-424F-96BB-A9EE1FB1AAE2} - System32\Tasks\GNOK => C:\Users\NGSi\AppData\Roaming\GNOK.exe [2015-04-11] (Cinema PlusV16.03) <==== ATTENTION
Task: {DECCD0F1-89CD-4255-B78F-F1E7D11053E0} - System32\Tasks\FQVCDXOEJ => C:\ProgramData\3099c14c7f4d4d83ae6521057058036b\3099c14c7f4d4d83ae6521057058036b.exe [2015-04-11] ()
Task: {DFF794BE-C742-4E5D-A0A9-5EC255DBD2D1} - System32\Tasks\{9515F024-65FD-437A-A777-8BBFFF9FDE93} => Iexplore.exe http://ui.skype.com/ui/0/6.18.73.106.456/fr/go/help.faq.installer?LastError=1618
Task: {EDA00E4B-358C-46F3-B54C-CA6275DBF2EF} - System32\Tasks\BYAIAMUF => C:\Users\NGSi\AppData\Roaming\BYAIAMUF.exe [2015-04-11] (Cinema PlusV16.03) <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :