Sujet Précédent Sujet Suivant

Programmes indesirables (crossbrowser...)

Résolu/Fermé
SCHOTCH22 Messages postés 1 Date d'inscription mardi 28 avril 2015 Statut Membre Dernière intervention 28 avril 2015 - 28 avril 2015 à 20:01
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 1 mai 2015 à 14:49
Bonsoir, alors j'ai un très vieux ordinateur qui a besoin d'un grand netoyage! En effet, ne l'ayant pas utilisé depuis un certain temps du à sa lenteur level interminable (impatiente).
Bref, aujourd'hui j'en ai besoin et c'est urgent! Je me suis déjà débarrassé de queques programmes malveillants, cependant certains ne veulent pas se supprimer tel que "crossbrowse"...ect

J'ai donc télechargé https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start=
J'ai fait "Scan" puis "Clean", et là je ne comprend pas ce qu'il faut faire si quelqu'un pourrait m'aidee svp...merci

6 réponses

Réponse 1 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
Modifié par Malekal_morte- le 28/04/2015 à 20:04
Salut,

Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :

Commence par ceci :

Copie/colle le rapport AdwCleaner ici en réponse.


puis :

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.


Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
1
SCOTCH22
28 avril 2015 à 20:24
Donc voici mon rapport: # AdwCleaner v4.202 - Logfile created 28/04/2015 at 20:09:25
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.1 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : HP_Administrateur - STEFANIA
# Running from : C:\Documents and Settings\HP_Administrateur\Mes documents\Téléchargements\adwcleaner_4.202.exe
# Option : Cleaning
          • [ Services ] *****
          • [ Files / Folders ] *****


Folder Deleted : C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
          • [ Scheduled tasks ] *****
          • [ Shortcuts ] *****
          • [ Registry ] *****


Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F0ADB78B-FD9D-45F1-B614-917D66CCE60B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AGI
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\BlockAndSurf
Key Deleted : HKCU\Software\Boxore
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\conduitEngine
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Offerbox
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Spointer
Key Deleted : HKCU\Software\Store
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Vittalia
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\WTools
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\Super Optimizer
Key Deleted : HKCU\Software\CrossBrowser
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\Local AppWizard-Generated Applications
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AGI
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Boxore
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Crossrider
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\Messenger Plus!\OpenCandy
Key Deleted : HKLM\SOFTWARE\Offerbox
Key Deleted : HKLM\SOFTWARE\OpenCandy NSIS SDK
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\StormWatchApp
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\WebBar
Key Deleted : HKLM\SOFTWARE\Crossbrowse
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKLM\SOFTWARE\luckysearchesSoftware
Key Deleted : HKLM\SOFTWARE\Infonaut_1.10.0.13
Key Deleted : HKU\.DEFAULT\Software\Boxore
Key Deleted : HKU\.DEFAULT\Software\shopperz
Key Deleted : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ConvertAd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0BB5A864-B491-0C48-FE83-83E19A81C14D
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bubble Dock
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ConvertAd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:3945;hxxps=127.0.0.1:3945;
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:13895;hxxps=127.0.0.1:13895
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
          • [ Web browsers ] *****


-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v37.0.2 (x86 fr)

[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "istartsurf");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "istartsurf");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "istartsurf");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=1428609799&from=profr&uid=HDT722525DLA380_VDS41DT4F9371JF9371JX&q={searchTerms}");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "istartsurf");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hppp&ts=1428609799&from=profr&uid=HDT722525DLA380_VDS41DT4F9371JF9371JX");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-profile\":{\"***@***\":{\"d\":\"C:\\\\Documents and Settings\\\\HP_Administrateur\\\\Application Data\\\\Mozilla\\\\[...]
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("iminent.adapters", "{\"www.google.fr\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"google\",\"v\":true,\"p\":0,\"t\":1,\"th\":0.228,\"expireTime\":\"13988038086468[...]
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("iminent.enableToolbar", "false");
[8qz368lo.default-1398453713062\prefs.js] - Line Deleted : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.imitinjs.info/imitin/javascript.js\",\"urlhxxp[...]
[08axc40d.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Astromenda");
[08axc40d.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Astromenda");
[08axc40d.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://astromenda.com/?f=1&a=ast_ggbc_14_44_other&cd=2XzuyEtN2Y1L1QzutDtDtC0B0Bzy0B0FyD0E0FtDzyzztCzytN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD[...]
[08axc40d.default\prefs.js] - Line Deleted : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ggbc_14_44_other&cd=2XzuyEtN2Y1L1QzutDtDtC0B0Bzy0B0FyD0E0FtDzyzztCzytN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBz[...]
[08axc40d.default\prefs.js] - Line Deleted : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ggbc_14_44_other&cd=2XzuyEtN2Y1L1QzutDtDtC0B0Bzy0B0FyD0E0FtDzyzztCzytN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEt[...]
[08axc40d.default\prefs.js] - Line Deleted : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[08axc40d.default\prefs.js] - Line Deleted : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[08axc40d.default\prefs.js] - Line Deleted : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ggbc_14_44_other&cd=2XzuyEtN2Y1L1QzutDtDtC0B0Bzy0B0FyD0E0FtDzyzztCzytN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCy[...]
[08axc40d.default\prefs.js] - Line Deleted : user_pref("iminent.adapters", "{\"search.iminent.com\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"1409257775[...]
[08axc40d.default\prefs.js] - Line Deleted : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.imitinjs.info/imitin/javascript.js\",\"querySt[...]

-\\ Google Chrome v


AdwCleaner[R0].txt - [41826 bytes] - [27/04/2015 20:26:11]
AdwCleaner[R1].txt - [42433 bytes] - [28/04/2015 19:53:23]
AdwCleaner[R2].txt - [20057 bytes] - [28/04/2015 20:08:12]
AdwCleaner[S0].txt - [22816 bytes] - [28/04/2015 20:05:47]
AdwCleaner[S1].txt - [17902 bytes] - [28/04/2015 20:09:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [17962 bytes] ##########
0
Réponse 2 / 6
SCOTCH22
28 avril 2015 à 21:19
voilà les rapports pjjoint demandés:
-FRST.txt: http://pjjoint.malekal.com/files.php?id=20150428_x11j9k7b12j5
-Shortcut.txt: http://pjjoint.malekal.com/files.php?id=20150428_j13o15z77g13
-Additionnal.txt: http://pjjoint.malekal.com/files.php?id=20150428_n14p12r1015i11
0
Réponse 3 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
28 avril 2015 à 21:58
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

HKU\S-1-5-21-2391336045-2106614700-611418158-1007\...\Run: [UniblueRegistryBooster] => C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000
HKU\S-1-5-21-2391336045-2106614700-611418158-1007\...\Run: [GoogleChromeAutoLaunch_6585F2DB1745C53B0E224CD703466D93] => C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\hqghumeaylnlf.lnk [2015-04-09]
FF Extension: Iminent WebBooster - C:\Program Files\Mozilla Firefox\extensions\webbooster@iminent.com [2015-03-29]
FF Extension: CinemaPlus-3.2cV26.04 - C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\8qz368lo.default-1398453713062\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-04-26]
R2 zepiluzu; C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065749-0500-0006-000700080009\cnso10BE.tmp [151040 2015-04-26] () [File not signed]
S2 kikutuwy; C:\Documents and Settings\HP_Administrateur\Application Data\03000200-1430058305-0500-0006-000700080009\nsk169.tmp [X]
S2 mofutipe; C:\Documents and Settings\HP_Administrateur\Application Data\03000200-1430058305-0500-0006-000700080009\jnsk1075.tmp [X]
S2 Util Mountain Bike; C:\Program Files\Mountain Bike\bin\utilMountainBike.exe [X]
R2 posotebo; C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065779-0500-0006-000700080009\snsq10C8.tmp [123392 2015-04-26] () [File not signed]
2015-04-27 18:00 - 2015-04-28 20:16 - 00001420 _____ () C:\WINDOWS\Tasks\QJNFZ.job
2015-04-27 18:00 - 2015-04-27 18:00 - 01973760 _____ (System NotifierV10.03) C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe
2015-04-26 22:05 - 2015-04-28 19:49 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\ZombieNews
2015-04-26 21:46 - 2015-04-27 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ZombieNews
2015-04-26 21:45 - 2015-04-26 21:44 - 00613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk11C.tmp
2015-04-26 20:58 - 2015-04-26 20:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-04-26 20:58 - 2015-04-26 20:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Application Data\Company
2015-04-26 20:58 - 2015-04-26 20:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-04-26 17:40 - 2015-04-26 17:40 - 00628688 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nso1233.tmp
2015-04-26 17:24 - 2015-04-26 17:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\AdRotate for IE
2015-04-26 17:23 - 2015-04-26 17:22 - 00613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk120D.tmp
2015-04-26 17:21 - 2015-04-26 17:20 - 00613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsl1204.tmp
2015-04-26 17:05 - 2015-04-28 20:16 - 00001086 _____ () C:\WINDOWS\Tasks\O3Kdv6bwrwTaiOE.job
2015-04-26 17:05 - 2015-04-26 17:05 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\StormWatch
2015-04-26 17:04 - 2015-04-26 17:04 - 00000000 _____ () C:\WINDOWS\system32\Number of results
2015-04-26 17:01 - 2015-04-28 20:16 - 00001088 _____ () C:\WINDOWS\Tasks\rXir9BNcEu3WnISg.job
2015-04-26 16:59 - 2015-04-27 19:28 - 00000004 _____ () C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-26 16:29 - 2015-04-28 20:20 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065779-0500-0006-000700080009
2015-04-26 16:29 - 2015-04-26 16:29 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065749-0500-0006-000700080009
2015-04-26 16:23 - 2015-04-28 20:16 - 00001106 _____ () C:\WINDOWS\Tasks\fQWhqb6vj2nsDK73JOBPwT7e0.job
2015-04-20 15:45 - 2015-04-20 15:45 - 01246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe
2015-04-20 15:45 - 2015-04-20 15:45 - 01246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe
2015-04-20 15:45 - 2015-04-20 15:45 - 01246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0
2015-04-20 15:45 - 2015-04-20 15:45 - 1246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE
2015-04-20 15:45 - 2015-04-20 15:45 - 1246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ
2015-04-27 18:00 - 2015-04-27 18:00 - 1973760 _____ (System NotifierV10.03) C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg
2015-04-20 15:45 - 2015-04-20 15:45 - 1246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe
2008-10-08 14:56 - 2007-05-23 15:32 - 0000140 ____C () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\fusioncache.dat
2015-04-26 21:45 - 2015-04-26 21:44 - 0613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk11C.tmp
2015-04-26 17:23 - 2015-04-26 17:22 - 0613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk120D.tmp
2015-04-26 17:21 - 2015-04-26 17:20 - 0613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsl1204.tmp
2015-04-26 17:40 - 2015-04-26 17:40 - 0628688 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nso1233.tmp
Task: C:\WINDOWS\Tasks\fQWhqb6vj2nsDK73JOBPwT7e0.job => C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe
Task: C:\WINDOWS\Tasks\O3Kdv6bwrwTaiOE.job => C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe
Task: C:\WINDOWS\Tasks\QJNFZ.job => C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe
Task: C:\WINDOWS\Tasks\rXir9BNcEu3WnISg.job => C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.

Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST qui doit se trouver sur le bureau et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :


0
Réponse 4 / 6
SCOTCH22
1 mai 2015 à 13:43
Bonjour, merci de tes réponses
désoler de ne répondre que maintenant j'ai eu une semaine un peu chargé!

Voila le contenu demandé:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-04-2015 01
Ran by HP_Administrateur at 2015-04-29 20:45:28 Run:1
Running from C:\Documents and Settings\HP_Administrateur\Bureau
Loaded Profiles: HP_Administrateur (Available profiles: HP_Administrateur & VEM & Administrateur)
Boot Mode: Normal

==============================================

Content of fixlist:

HKU\S-1-5-21-2391336045-2106614700-611418158-1007\...\Run: [UniblueRegistryBooster] => C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000
HKU\S-1-5-21-2391336045-2106614700-611418158-1007\...\Run: [GoogleChromeAutoLaunch_6585F2DB1745C53B0E224CD703466D93] => C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
Startup: C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\hqghumeaylnlf.lnk [2015-04-09]
FF Extension: Iminent WebBooster - C:\Program Files\Mozilla Firefox\extensions\***@*** [2015-03-29]
FF Extension: CinemaPlus-3.2cV26.04 - C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\8qz368lo.default-1398453713062\Extensions\***@*** [2015-04-26]
R2 zepiluzu; C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065749-0500-0006-000700080009\cnso10BE.tmp [151040 2015-04-26] () [File not signed]
S2 kikutuwy; C:\Documents and Settings\HP_Administrateur\Application Data\03000200-1430058305-0500-0006-000700080009\nsk169.tmp [X]
S2 mofutipe; C:\Documents and Settings\HP_Administrateur\Application Data\03000200-1430058305-0500-0006-000700080009\jnsk1075.tmp [X]
S2 Util Mountain Bike; C:\Program Files\Mountain Bike\bin\utilMountainBike.exe [X]
R2 posotebo; C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065779-0500-0006-000700080009\snsq10C8.tmp [123392 2015-04-26] () [File not signed]
2015-04-27 18:00 - 2015-04-28 20:16 - 00001420 _____ () C:\WINDOWS\Tasks\QJNFZ.job
2015-04-27 18:00 - 2015-04-27 18:00 - 01973760 _____ (System NotifierV10.03) C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe
2015-04-26 22:05 - 2015-04-28 19:49 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\ZombieNews
2015-04-26 21:46 - 2015-04-27 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ZombieNews
2015-04-26 21:45 - 2015-04-26 21:44 - 00613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk11C.tmp
2015-04-26 20:58 - 2015-04-26 20:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-04-26 20:58 - 2015-04-26 20:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Application Data\Company
2015-04-26 20:58 - 2015-04-26 20:58 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-04-26 17:40 - 2015-04-26 17:40 - 00628688 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nso1233.tmp
2015-04-26 17:24 - 2015-04-26 17:30 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\AdRotate for IE
2015-04-26 17:23 - 2015-04-26 17:22 - 00613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk120D.tmp
2015-04-26 17:21 - 2015-04-26 17:20 - 00613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsl1204.tmp
2015-04-26 17:05 - 2015-04-28 20:16 - 00001086 _____ () C:\WINDOWS\Tasks\O3Kdv6bwrwTaiOE.job
2015-04-26 17:05 - 2015-04-26 17:05 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\StormWatch
2015-04-26 17:04 - 2015-04-26 17:04 - 00000000 _____ () C:\WINDOWS\system32\Number of results
2015-04-26 17:01 - 2015-04-28 20:16 - 00001088 _____ () C:\WINDOWS\Tasks\rXir9BNcEu3WnISg.job
2015-04-26 16:59 - 2015-04-27 19:28 - 00000004 _____ () C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-26 16:29 - 2015-04-28 20:20 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065779-0500-0006-000700080009
2015-04-26 16:29 - 2015-04-26 16:29 - 00000000 ____D () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065749-0500-0006-000700080009
2015-04-26 16:23 - 2015-04-28 20:16 - 00001106 _____ () C:\WINDOWS\Tasks\fQWhqb6vj2nsDK73JOBPwT7e0.job
2015-04-20 15:45 - 2015-04-20 15:45 - 01246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe
2015-04-20 15:45 - 2015-04-20 15:45 - 01246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe
2015-04-20 15:45 - 2015-04-20 15:45 - 01246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0
2015-04-20 15:45 - 2015-04-20 15:45 - 1246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE
2015-04-20 15:45 - 2015-04-20 15:45 - 1246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ
2015-04-27 18:00 - 2015-04-27 18:00 - 1973760 _____ (System NotifierV10.03) C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg
2015-04-20 15:45 - 2015-04-20 15:45 - 1246720 _____ () C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe
2008-10-08 14:56 - 2007-05-23 15:32 - 0000140 ____C () C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\fusioncache.dat
2015-04-26 21:45 - 2015-04-26 21:44 - 0613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk11C.tmp
2015-04-26 17:23 - 2015-04-26 17:22 - 0613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk120D.tmp
2015-04-26 17:21 - 2015-04-26 17:20 - 0613255 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsl1204.tmp
2015-04-26 17:40 - 2015-04-26 17:40 - 0628688 _____ (CMI Limited) C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nso1233.tmp
Task: C:\WINDOWS\Tasks\fQWhqb6vj2nsDK73JOBPwT7e0.job => C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe
Task: C:\WINDOWS\Tasks\O3Kdv6bwrwTaiOE.job => C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe
Task: C:\WINDOWS\Tasks\QJNFZ.job => C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe
Task: C:\WINDOWS\Tasks\rXir9BNcEu3WnISg.job => C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe


HKU\S-1-5-21-2391336045-2106614700-611418158-1007\Software\Microsoft\Windows\CurrentVersion\Run\\UniblueRegistryBooster => value deleted successfully.
HKU\S-1-5-21-2391336045-2106614700-611418158-1007\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_6585F2DB1745C53B0E224CD703466D93 => value deleted successfully.
C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\hqghumeaylnlf.lnk => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\***@*** => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\8qz368lo.default-1398453713062\Extensions\***@*** => Moved successfully.
zepiluzu => Service stopped successfully.
zepiluzu => Service deleted successfully.
kikutuwy => Service deleted successfully.
mofutipe => Service deleted successfully.
Util Mountain Bike => Service deleted successfully.
posotebo => Service stopped successfully.
posotebo => Service deleted successfully.
C:\WINDOWS\Tasks\QJNFZ.job => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\ZombieNews => Moved successfully.
C:\Documents and Settings\All Users\Application Data\ZombieNews => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk11C.tmp => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\Company => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nso1233.tmp => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\AdRotate for IE => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk120D.tmp => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsl1204.tmp => Moved successfully.
C:\WINDOWS\Tasks\O3Kdv6bwrwTaiOE.job => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\StormWatch => Moved successfully.
C:\WINDOWS\system32\Number of results => Moved successfully.
C:\WINDOWS\Tasks\rXir9BNcEu3WnISg.job => Moved successfully.
C:\WINDOWS\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065779-0500-0006-000700080009 => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\03000200-1430065749-0500-0006-000700080009 => Moved successfully.
C:\WINDOWS\Tasks\fQWhqb6vj2nsDK73JOBPwT7e0.job => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE => Moved successfully.
C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0 => Moved successfully.
"C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Application Data\fQWhqb6vj2nsDK73JOBPwT7e0.exe" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Application Data\O3Kdv6bwrwTaiOE.exe" => File/Directory not found.
C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ => Moved successfully.
"C:\Documents and Settings\HP_Administrateur\Application Data\QJNFZ.exe" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Application Data\rXir9BNcEu3WnISg.exe" => File/Directory not found.
C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\fusioncache.dat => Moved successfully.
"C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk11C.tmp" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsk120D.tmp" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nsl1204.tmp" => File/Directory not found.
"C:\Documents and Settings\HP_Administrateur\Local Settings\Application Data\nso1233.tmp" => File/Directory not found.
C:\WINDOWS\Tasks\fQWhqb6vj2nsDK73JOBPwT7e0.job not found.
C:\WINDOWS\Tasks\O3Kdv6bwrwTaiOE.job not found.
C:\WINDOWS\Tasks\QJNFZ.job not found.
C:\WINDOWS\Tasks\rXir9BNcEu3WnISg.job not found.

End of Fixlog 20:46:19

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
1 mai 2015 à 14:16
Fais le reste et vois ce que cela donne =)
0
SCOTCH22
1 mai 2015 à 14:37
Je te remercie énormément, mozilla s'ouvre en moins d'une minute, je n'ai plus de virus c'est génial!
Merci beaucoup! :)
0
Réponse 6 / 6
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
1 mai 2015 à 14:49
=)

Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :



Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(notamment active les détections LPIs/PUP sur ton antivirus comme cela est conseillé)

Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html


0

Discussions similaires

Pourquoi Program files (x86) et Programmes?
peer_at -
abdelhak -

7 réponses
Virus Dr Guard sur mon PC
Mike -
Mike -

78 réponses
Program files (x86) ?
Naudellette -
g33 -

8 réponses
absence affichage des programmes TV (info indisponible quel que soit la chaîne)
lili -
Andy31200 -

1 réponse