Fenêtres "Breaking News Alert" et sondages
Résolu/Fermé
Ju6221
Messages postés
8
Date d'inscription
vendredi 26 avril 2013
Statut
Membre
Dernière intervention
6 mai 2015
-
6 mai 2015 à 11:34
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 17 mai 2015 à 18:55
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 17 mai 2015 à 18:55
A voir également:
- Fenêtres "Breaking News Alert" et sondages
- Afficher toutes les fenetres ouvertes windows - Guide
- Comment ouvrir deux fenetres sur pc - Guide
- Breaking bad streaming gratuit ✓ - Forum Réseaux sociaux
- Restaurer les fenetres chrome - Guide
- Mon clavier n'écrit plus et ouvre des fenetres ✓ - Forum Clavier
4 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 659
6 mai 2015 à 11:35
6 mai 2015 à 11:35
Salut,
Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= ( d'Xplode )
Télécharge le sur ton bureau ou dossier de téléchargement.
Lance AdwCleaner, clique sur [Scanner].
L'analyse peux durer plusieurs minutes, patiente.
Une fois le scan terminé, ne décoche rien, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis :
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Tu as installé des adwares et programmes parasites sur ton PC qui ouvrent des publicités et ralentissent l'ordinateur et les navigateurs WEB.
Voici la procédure à suivre pour les supprimer :
Commence par ceci :
Suis le tutorial AdwCleaner https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= ( d'Xplode )
Télécharge le sur ton bureau ou dossier de téléchargement.
Lance AdwCleaner, clique sur [Scanner].
L'analyse peux durer plusieurs minutes, patiente.
Une fois le scan terminé, ne décoche rien, clique sur [Nettoyer]
Une fois le nettoyage terminé, un rapport s'ouvrira. Copie/colle le contenu du rapport dans ta prochaine réponse par un copier/coller.
Si cela ne fonctionne pas, utilise le site http://pjjoint.malekal.com pour héberger le rapport, donne le lien du rapport dans un nouveau message.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
puis :
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 659
6 mai 2015 à 13:20
6 mai 2015 à 13:20
=)
Voila, c'est terminé, tu peux supprimer les programmes utilisés.
Quelques conseils :
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
Voila, c'est terminé, tu peux supprimer les programmes utilisés.
Quelques conseils :
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
Bonjour, je prends la suite; je suis affecte également par ce programme.
Voici ci dessous mon rapport ADW Cleaner
Merci pour vos informations.
# AdwCleaner v4.204 - Rapport créé le 17/05/2015 à 10:45:07
# Mis à jour le 12/05/2015 par Xplode
# Base de données : 2015-05-12.2 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : xx - MARYSE
# Exécuté depuis : C:\Users\xx\Desktop\adwcleaner_4.204.exe
# Option : Nettoyer
Dossier Supprimé : C:\BreakingNewsAlert
Dossier Supprimé : C:\ProgramData\NetEngine
Dossier Supprimé : C:\Users\xx\AppData\Local\BreakingNewsAlert
Tâche Supprimée : NetEngine
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
-\\ Internet Explorer v11.0.9600.17689
AdwCleaner[R0].txt - [4735 octets] - [30/01/2014 15:28:42]
AdwCleaner[R10].txt - [8774 octets] - [05/05/2015 10:12:10]
AdwCleaner[R11].txt - [19569 octets] - [16/05/2015 20:29:35]
AdwCleaner[R12].txt - [2178 octets] - [16/05/2015 20:35:46]
AdwCleaner[R13].txt - [2371 octets] - [16/05/2015 21:30:16]
AdwCleaner[R14].txt - [2321 octets] - [16/05/2015 21:34:27]
AdwCleaner[R15].txt - [2677 octets] - [17/05/2015 08:18:53]
AdwCleaner[R16].txt - [2505 octets] - [17/05/2015 08:26:06]
AdwCleaner[R17].txt - [2698 octets] - [17/05/2015 08:44:35]
AdwCleaner[R18].txt - [2941 octets] - [17/05/2015 09:59:14]
AdwCleaner[R19].txt - [3002 octets] - [17/05/2015 10:40:18]
AdwCleaner[R1].txt - [5386 octets] - [06/02/2014 12:02:26]
AdwCleaner[R2].txt - [3715 octets] - [22/02/2014 16:48:22]
AdwCleaner[R3].txt - [1916 octets] - [25/02/2014 10:11:57]
AdwCleaner[R4].txt - [1144 octets] - [25/02/2014 10:14:50]
AdwCleaner[R5].txt - [1204 octets] - [26/02/2014 18:56:11]
AdwCleaner[R6].txt - [5240 octets] - [21/04/2014 10:50:24]
AdwCleaner[R7].txt - [3988 octets] - [15/05/2014 09:35:19]
AdwCleaner[R8].txt - [4061 octets] - [25/07/2014 21:44:30]
AdwCleaner[R9].txt - [17806 octets] - [01/05/2015 10:00:17]
AdwCleaner[S0].txt - [4318 octets] - [30/01/2014 15:29:35]
AdwCleaner[S10].txt - [2246 octets] - [16/05/2015 20:36:44]
AdwCleaner[S11].txt - [2401 octets] - [16/05/2015 21:33:05]
AdwCleaner[S12].txt - [2711 octets] - [17/05/2015 08:24:02]
AdwCleaner[S13].txt - [2767 octets] - [17/05/2015 08:45:34]
AdwCleaner[S14].txt - [2390 octets] - [17/05/2015 10:45:07]
AdwCleaner[S1].txt - [3411 octets] - [06/02/2014 12:03:18]
AdwCleaner[S2].txt - [3750 octets] - [22/02/2014 16:48:59]
AdwCleaner[S3].txt - [1956 octets] - [25/02/2014 10:12:48]
AdwCleaner[S4].txt - [4935 octets] - [21/04/2014 10:52:20]
AdwCleaner[S5].txt - [4081 octets] - [15/05/2014 09:35:44]
AdwCleaner[S6].txt - [3411 octets] - [25/07/2014 21:45:42]
AdwCleaner[S7].txt - [12244 octets] - [01/05/2015 10:01:22]
AdwCleaner[S8].txt - [8800 octets] - [05/05/2015 10:14:17]
AdwCleaner[S9].txt - [17516 octets] - [16/05/2015 20:30:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [2993 octets] ##########
Voici ci dessous mon rapport ADW Cleaner
Merci pour vos informations.
# AdwCleaner v4.204 - Rapport créé le 17/05/2015 à 10:45:07
# Mis à jour le 12/05/2015 par Xplode
# Base de données : 2015-05-12.2 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : xx - MARYSE
# Exécuté depuis : C:\Users\xx\Desktop\adwcleaner_4.204.exe
# Option : Nettoyer
- [ Services ] *****
- [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\BreakingNewsAlert
Dossier Supprimé : C:\ProgramData\NetEngine
Dossier Supprimé : C:\Users\xx\AppData\Local\BreakingNewsAlert
- [ Tâches planifiées ] *****
Tâche Supprimée : NetEngine
- [ Raccourcis ] *****
- [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
- [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17689
AdwCleaner[R0].txt - [4735 octets] - [30/01/2014 15:28:42]
AdwCleaner[R10].txt - [8774 octets] - [05/05/2015 10:12:10]
AdwCleaner[R11].txt - [19569 octets] - [16/05/2015 20:29:35]
AdwCleaner[R12].txt - [2178 octets] - [16/05/2015 20:35:46]
AdwCleaner[R13].txt - [2371 octets] - [16/05/2015 21:30:16]
AdwCleaner[R14].txt - [2321 octets] - [16/05/2015 21:34:27]
AdwCleaner[R15].txt - [2677 octets] - [17/05/2015 08:18:53]
AdwCleaner[R16].txt - [2505 octets] - [17/05/2015 08:26:06]
AdwCleaner[R17].txt - [2698 octets] - [17/05/2015 08:44:35]
AdwCleaner[R18].txt - [2941 octets] - [17/05/2015 09:59:14]
AdwCleaner[R19].txt - [3002 octets] - [17/05/2015 10:40:18]
AdwCleaner[R1].txt - [5386 octets] - [06/02/2014 12:02:26]
AdwCleaner[R2].txt - [3715 octets] - [22/02/2014 16:48:22]
AdwCleaner[R3].txt - [1916 octets] - [25/02/2014 10:11:57]
AdwCleaner[R4].txt - [1144 octets] - [25/02/2014 10:14:50]
AdwCleaner[R5].txt - [1204 octets] - [26/02/2014 18:56:11]
AdwCleaner[R6].txt - [5240 octets] - [21/04/2014 10:50:24]
AdwCleaner[R7].txt - [3988 octets] - [15/05/2014 09:35:19]
AdwCleaner[R8].txt - [4061 octets] - [25/07/2014 21:44:30]
AdwCleaner[R9].txt - [17806 octets] - [01/05/2015 10:00:17]
AdwCleaner[S0].txt - [4318 octets] - [30/01/2014 15:29:35]
AdwCleaner[S10].txt - [2246 octets] - [16/05/2015 20:36:44]
AdwCleaner[S11].txt - [2401 octets] - [16/05/2015 21:33:05]
AdwCleaner[S12].txt - [2711 octets] - [17/05/2015 08:24:02]
AdwCleaner[S13].txt - [2767 octets] - [17/05/2015 08:45:34]
AdwCleaner[S14].txt - [2390 octets] - [17/05/2015 10:45:07]
AdwCleaner[S1].txt - [3411 octets] - [06/02/2014 12:03:18]
AdwCleaner[S2].txt - [3750 octets] - [22/02/2014 16:48:59]
AdwCleaner[S3].txt - [1956 octets] - [25/02/2014 10:12:48]
AdwCleaner[S4].txt - [4935 octets] - [21/04/2014 10:52:20]
AdwCleaner[S5].txt - [4081 octets] - [15/05/2014 09:35:44]
AdwCleaner[S6].txt - [3411 octets] - [25/07/2014 21:45:42]
AdwCleaner[S7].txt - [12244 octets] - [01/05/2015 10:01:22]
AdwCleaner[S8].txt - [8800 octets] - [05/05/2015 10:14:17]
AdwCleaner[S9].txt - [17516 octets] - [16/05/2015 20:30:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [2993 octets] ##########
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 659
17 mai 2015 à 10:59
17 mai 2015 à 10:59
Salut,
Faire FRST, voir instructions dans le premier message : https://forums.commentcamarche.net/forum/affich-31933485-fenetres-breaking-news-alert-et-sondages#1
Faire FRST, voir instructions dans le premier message : https://forums.commentcamarche.net/forum/affich-31933485-fenetres-breaking-news-alert-et-sondages#1
tony27430
>
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
17 mai 2015 à 11:38
17 mai 2015 à 11:38
Merci de tes informations...
Voila les trois rapports FRST
http://pjjoint.malekal.com/files.php?id=20150517_h12b15i9v12n6
http://pjjoint.malekal.com/files.php?id=20150517_r6b8q6e10h13
http://pjjoint.malekal.com/files.php?id=20150517_j11s8n14x1111
Voila les trois rapports FRST
http://pjjoint.malekal.com/files.php?id=20150517_h12b15i9v12n6
http://pjjoint.malekal.com/files.php?id=20150517_r6b8q6e10h13
http://pjjoint.malekal.com/files.php?id=20150517_j11s8n14x1111
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 659
17 mai 2015 à 11:45
17 mai 2015 à 11:45
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
AppInit_DLLs: C:\ProgramData\LolliScan\LolliScan64.dll => C:\ProgramData\LolliScan\LolliScan64.dll File Not Found
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => C:\ProgramData\LolliScan\LolliScan32.dll File Not Found
HKLM-x32\...\Run: [fst_fr_68] => [X]
HKLM-x32\...\Run: [gmsd_fr_509] => [X]
HKLM-x32\...\Run: [gmsd_fr_539] => [X]
Startup: C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-04-28]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{5a7e33d4-7d6f-8a5a-5a7e-e33d47d6cf51}\hqghumeaylnlf.exe (No File)
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-375400878-4290662891-575217006-1000\...\Firefox\Extensions: [{fd4267e8-9c63-47d4-a37a-3714f991605d}] - C:\Program Files (x86)\Re-Markable\150.xpi
R2 KELsnckkk; C:\ProgramData\kjdhaYImg\KELsnckkk.exe [2731488 2015-05-16] (Useful Technology)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 xixynyko; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\jnsw2E4F.tmp [235520 2015-05-16] () [File not signed]
R2 xygefuzu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\hnsw4663.tmp [396288 2015-05-16] () [File not signed]
S2 cipyjywi; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\nsf8C2.tmpfs [X]
R2 lupucylu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\nsbF214.tmpfs [X]
S2 pihewyqu; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\jnsu4357.tmp [X]
2015-05-17 10:57 - 2015-05-17 10:57 - 00000000 ____D () C:\BreakingNewsAlert
2015-05-17 10:51 - 2015-05-17 11:32 - 00003456 _____ () C:\Windows\System32\Tasks\NetEngine
2015-05-17 10:51 - 2015-05-17 10:51 - 00000000 ____D () C:\ProgramData\NetEngine
2015-05-17 10:46 - 2015-05-17 11:31 - 00000000 ____D () C:\Users\xx\AppData\Local\BreakingNewsAlert
2015-05-16 20:26 - 2015-05-17 11:27 - 00000324 _____ () C:\Windows\Tasks\EMAUAH1.job
2015-05-16 20:26 - 2015-05-16 20:27 - 00000000 ____D () C:\ProgramData\kjdhaYImg
2015-05-16 20:26 - 2015-05-16 20:26 - 00003542 _____ () C:\Windows\System32\Tasks\HJPQXRTER
2015-05-16 20:26 - 2015-05-16 20:26 - 00002846 _____ () C:\Windows\System32\Tasks\EMAUAH1
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431800763-1020-0615-211750000000
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\ProgramData\c1c05f7061d940b085ed209085e4a787
2015-05-16 20:25 - 2015-05-16 20:25 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-16 18:54 - 2015-05-16 18:54 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431795298-1020-0615-211750000000
2015-05-16 18:52 - 2015-05-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Exploremedia
2015-05-16 18:48 - 2015-05-16 18:48 - 00003138 _____ () C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600}
2015-05-16 18:45 - 2015-05-16 18:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-16 18:44 - 2015-05-16 18:44 - 00000045 _____ () C:\user.js
2015-05-16 18:44 - 2015-05-16 18:44 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2015-05-16 18:18 - 2015-05-16 18:18 - 00628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:06 - 2015-05-16 17:24 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000
2015-05-16 17:06 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-04 12:18 - 2015-05-04 12:18 - 00000000 _____ () C:\Users\xx\AppData\Local\.a852.db
2015-05-01 10:00 - 2015-05-16 17:18 - 00003806 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-05-01 09:52 - 2015-05-01 09:52 - 00003130 _____ () C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9}
2015-04-28 18:40 - 2015-05-16 20:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-28 17:42 - 2015-04-28 17:42 - 00000000 ____D () C:\Users\xx\Documents\Optimizer Pro
2015-04-28 17:38 - 2015-05-16 18:56 - 00000437 _____ () C:\Users\xx\AppData\Local\recently-fix.db
2015-04-28 17:38 - 2015-04-28 17:44 - 00003300 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2015-04-28 17:38 - 2015-04-28 17:38 - 00003274 _____ () C:\Windows\System32\Tasks\KA2mWpwC4zeodnU
2015-04-28 17:38 - 2015-04-28 17:38 - 00003234 _____ () C:\Windows\System32\Tasks\IfIYHOTn4QRux1k
2015-04-28 17:38 - 2015-04-28 17:38 - 00003232 _____ () C:\Windows\System32\Tasks\JKe63u5RPqX1IJL
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\vdUw4rg
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\Un0yuBT
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\pFV5Mhf
2015-05-16 18:18 - 2015-05-16 18:18 - 0628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2014-03-15 11:21 - 2014-03-15 22:16 - 0013880 _____ () C:\ProgramData\bnijo28z.fee
Task: {13CA65F1-D0FC-4C1E-9544-6833EDD6C052} - System32\Tasks\WIN-statsAdmin => C:\Users\xx\AppData\Local\Microsoft\WinU\~tistxyx.exe <==== ATTENTION
Task: {29350A53-FB18-4DF6-BA4B-7721A8E98602} - System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} => pcalua.exe -a C:\Users\xx\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slb2
Task: {405C3504-118F-4E35-8DF1-C27821289006} - System32\Tasks\{8325F6C8-0D81-4194-8B7C-4782E665709E} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {5716439E-B7EB-4FC5-81E4-0BAEA1CB872C} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe [2015-05-17] () <==== ATTENTION
Task: {643D4459-EF74-4241-848A-0D7C51DD7D09} - System32\Tasks\HJPQXRTER => C:\ProgramData\c1c05f7061d940b085ed209085e4a787\c1c05f7061d940b085ed209085e4a787.exe [2015-05-14] ()
Task: {65B895DE-C182-4435-A605-23D1B3765466} - \Re-Markable Update No Task File <==== ATTENTION
Task: {7FB7A503-E5A5-4456-8932-FC20EC8039D1} - System32\Tasks\{E515B78C-8CEF-40CC-BF56-B18646F7A045} => pcalua.exe -a C:\Users\xx\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {88CD1B2B-2207-4A80-A996-CB974ED5B08A} - System32\Tasks\EMAUAH1 => C:\ProgramData\LolliScan\LolliScan.exe
Task: {AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6} - System32\Tasks\JKe63u5RPqX1IJL => C:\Users\xx\AppData\Roaming\vdUw4rg\iFDDGyI.exe [2015-04-28] ( )
Task: {BDD3A72A-7808-410F-A80C-3908ADF40576} - System32\Tasks\KA2mWpwC4zeodnU => C:\Users\xx\AppData\Roaming\Un0yuBT\lWofrS1.exe [2015-04-28] ( )
Task: {D0FEEF24-7291-4F90-B8E1-79B245D86F2D} - System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} => pcalua.exe -a C:\Users\xx\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
Task: {ED468EBB-0512-4492-AF24-E0E90D6DD42A} - System32\Tasks\IfIYHOTn4QRux1k => C:\Users\xx\AppData\Roaming\pFV5Mhf\fmWFfpR.exe [2015-04-28] ( )
Task: {F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E} - System32\Tasks\WIN-statsSystem => C:\Users\xx\AppData\Local\Microsoft\WinU\~yucofvp.exe
Task: C:\Windows\Tasks\EMAUAH1.job => C:\ProgramData\LolliScan\LolliScan.exe
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
~~
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
AppInit_DLLs: C:\ProgramData\LolliScan\LolliScan64.dll => C:\ProgramData\LolliScan\LolliScan64.dll File Not Found
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => C:\ProgramData\LolliScan\LolliScan32.dll File Not Found
HKLM-x32\...\Run: [fst_fr_68] => [X]
HKLM-x32\...\Run: [gmsd_fr_509] => [X]
HKLM-x32\...\Run: [gmsd_fr_539] => [X]
Startup: C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-04-28]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{5a7e33d4-7d6f-8a5a-5a7e-e33d47d6cf51}\hqghumeaylnlf.exe (No File)
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-375400878-4290662891-575217006-1000\...\Firefox\Extensions: [{fd4267e8-9c63-47d4-a37a-3714f991605d}] - C:\Program Files (x86)\Re-Markable\150.xpi
R2 KELsnckkk; C:\ProgramData\kjdhaYImg\KELsnckkk.exe [2731488 2015-05-16] (Useful Technology)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 xixynyko; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\jnsw2E4F.tmp [235520 2015-05-16] () [File not signed]
R2 xygefuzu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\hnsw4663.tmp [396288 2015-05-16] () [File not signed]
S2 cipyjywi; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\nsf8C2.tmpfs [X]
R2 lupucylu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\nsbF214.tmpfs [X]
S2 pihewyqu; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\jnsu4357.tmp [X]
2015-05-17 10:57 - 2015-05-17 10:57 - 00000000 ____D () C:\BreakingNewsAlert
2015-05-17 10:51 - 2015-05-17 11:32 - 00003456 _____ () C:\Windows\System32\Tasks\NetEngine
2015-05-17 10:51 - 2015-05-17 10:51 - 00000000 ____D () C:\ProgramData\NetEngine
2015-05-17 10:46 - 2015-05-17 11:31 - 00000000 ____D () C:\Users\xx\AppData\Local\BreakingNewsAlert
2015-05-16 20:26 - 2015-05-17 11:27 - 00000324 _____ () C:\Windows\Tasks\EMAUAH1.job
2015-05-16 20:26 - 2015-05-16 20:27 - 00000000 ____D () C:\ProgramData\kjdhaYImg
2015-05-16 20:26 - 2015-05-16 20:26 - 00003542 _____ () C:\Windows\System32\Tasks\HJPQXRTER
2015-05-16 20:26 - 2015-05-16 20:26 - 00002846 _____ () C:\Windows\System32\Tasks\EMAUAH1
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431800763-1020-0615-211750000000
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\ProgramData\c1c05f7061d940b085ed209085e4a787
2015-05-16 20:25 - 2015-05-16 20:25 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-16 18:54 - 2015-05-16 18:54 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431795298-1020-0615-211750000000
2015-05-16 18:52 - 2015-05-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Exploremedia
2015-05-16 18:48 - 2015-05-16 18:48 - 00003138 _____ () C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600}
2015-05-16 18:45 - 2015-05-16 18:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-16 18:44 - 2015-05-16 18:44 - 00000045 _____ () C:\user.js
2015-05-16 18:44 - 2015-05-16 18:44 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2015-05-16 18:18 - 2015-05-16 18:18 - 00628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:06 - 2015-05-16 17:24 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000
2015-05-16 17:06 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-04 12:18 - 2015-05-04 12:18 - 00000000 _____ () C:\Users\xx\AppData\Local\.a852.db
2015-05-01 10:00 - 2015-05-16 17:18 - 00003806 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-05-01 09:52 - 2015-05-01 09:52 - 00003130 _____ () C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9}
2015-04-28 18:40 - 2015-05-16 20:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-28 17:42 - 2015-04-28 17:42 - 00000000 ____D () C:\Users\xx\Documents\Optimizer Pro
2015-04-28 17:38 - 2015-05-16 18:56 - 00000437 _____ () C:\Users\xx\AppData\Local\recently-fix.db
2015-04-28 17:38 - 2015-04-28 17:44 - 00003300 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2015-04-28 17:38 - 2015-04-28 17:38 - 00003274 _____ () C:\Windows\System32\Tasks\KA2mWpwC4zeodnU
2015-04-28 17:38 - 2015-04-28 17:38 - 00003234 _____ () C:\Windows\System32\Tasks\IfIYHOTn4QRux1k
2015-04-28 17:38 - 2015-04-28 17:38 - 00003232 _____ () C:\Windows\System32\Tasks\JKe63u5RPqX1IJL
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\vdUw4rg
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\Un0yuBT
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\pFV5Mhf
2015-05-16 18:18 - 2015-05-16 18:18 - 0628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2014-03-15 11:21 - 2014-03-15 22:16 - 0013880 _____ () C:\ProgramData\bnijo28z.fee
Task: {13CA65F1-D0FC-4C1E-9544-6833EDD6C052} - System32\Tasks\WIN-statsAdmin => C:\Users\xx\AppData\Local\Microsoft\WinU\~tistxyx.exe <==== ATTENTION
Task: {29350A53-FB18-4DF6-BA4B-7721A8E98602} - System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} => pcalua.exe -a C:\Users\xx\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slb2
Task: {405C3504-118F-4E35-8DF1-C27821289006} - System32\Tasks\{8325F6C8-0D81-4194-8B7C-4782E665709E} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {5716439E-B7EB-4FC5-81E4-0BAEA1CB872C} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe [2015-05-17] () <==== ATTENTION
Task: {643D4459-EF74-4241-848A-0D7C51DD7D09} - System32\Tasks\HJPQXRTER => C:\ProgramData\c1c05f7061d940b085ed209085e4a787\c1c05f7061d940b085ed209085e4a787.exe [2015-05-14] ()
Task: {65B895DE-C182-4435-A605-23D1B3765466} - \Re-Markable Update No Task File <==== ATTENTION
Task: {7FB7A503-E5A5-4456-8932-FC20EC8039D1} - System32\Tasks\{E515B78C-8CEF-40CC-BF56-B18646F7A045} => pcalua.exe -a C:\Users\xx\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {88CD1B2B-2207-4A80-A996-CB974ED5B08A} - System32\Tasks\EMAUAH1 => C:\ProgramData\LolliScan\LolliScan.exe
Task: {AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6} - System32\Tasks\JKe63u5RPqX1IJL => C:\Users\xx\AppData\Roaming\vdUw4rg\iFDDGyI.exe [2015-04-28] ( )
Task: {BDD3A72A-7808-410F-A80C-3908ADF40576} - System32\Tasks\KA2mWpwC4zeodnU => C:\Users\xx\AppData\Roaming\Un0yuBT\lWofrS1.exe [2015-04-28] ( )
Task: {D0FEEF24-7291-4F90-B8E1-79B245D86F2D} - System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} => pcalua.exe -a C:\Users\xx\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
Task: {ED468EBB-0512-4492-AF24-E0E90D6DD42A} - System32\Tasks\IfIYHOTn4QRux1k => C:\Users\xx\AppData\Roaming\pFV5Mhf\fmWFfpR.exe [2015-04-28] ( )
Task: {F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E} - System32\Tasks\WIN-statsSystem => C:\Users\xx\AppData\Local\Microsoft\WinU\~yucofvp.exe
Task: C:\Windows\Tasks\EMAUAH1.job => C:\ProgramData\LolliScan\LolliScan.exe
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
~~
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Re comme convenu, je transmets le rapport apres application de ce qui est notifier ci dessus.
J'ai egalement realise une reinitialisationde Internet Explorer..
Merci de tes infos
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by xx at 2015-05-17 14:04:08 Run:3
Running from C:\Users\xx\Desktop\123
Loaded Profiles: xx (Available profiles: xx)
Boot Mode: Normal
==============================================
Content of fixlist:
AppInit_DLLs: C:\ProgramData\LolliScan\LolliScan64.dll => C:\ProgramData\LolliScan\LolliScan64.dll File Not Found
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => C:\ProgramData\LolliScan\LolliScan32.dll File Not Found
HKLM-x32\...\Run: [fst_fr_68] => [X]
HKLM-x32\...\Run: [gmsd_fr_509] => [X]
HKLM-x32\...\Run: [gmsd_fr_539] => [X]
Startup: C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-04-28]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{5a7e33d4-7d6f-8a5a-5a7e-e33d47d6cf51}\hqghumeaylnlf.exe (No File)
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-375400878-4290662891-575217006-1000\...\Firefox\Extensions: [{fd4267e8-9c63-47d4-a37a-3714f991605d}] - C:\Program Files (x86)\Re-Markable\150.xpi
R2 KELsnckkk; C:\ProgramData\kjdhaYImg\KELsnckkk.exe [2731488 2015-05-16] (Useful Technology)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 xixynyko; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\jnsw2E4F.tmp [235520 2015-05-16] () [File not signed]
R2 xygefuzu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\hnsw4663.tmp [396288 2015-05-16] () [File not signed]
S2 cipyjywi; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\nsf8C2.tmpfs [X]
R2 lupucylu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\nsbF214.tmpfs [X]
S2 pihewyqu; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\jnsu4357.tmp [X]
2015-05-17 10:57 - 2015-05-17 10:57 - 00000000 ____D () C:\BreakingNewsAlert
2015-05-17 10:51 - 2015-05-17 11:32 - 00003456 _____ () C:\Windows\System32\Tasks\NetEngine
2015-05-17 10:51 - 2015-05-17 10:51 - 00000000 ____D () C:\ProgramData\NetEngine
2015-05-17 10:46 - 2015-05-17 11:31 - 00000000 ____D () C:\Users\xx\AppData\Local\BreakingNewsAlert
2015-05-16 20:26 - 2015-05-17 11:27 - 00000324 _____ () C:\Windows\Tasks\EMAUAH1.job
2015-05-16 20:26 - 2015-05-16 20:27 - 00000000 ____D () C:\ProgramData\kjdhaYImg
2015-05-16 20:26 - 2015-05-16 20:26 - 00003542 _____ () C:\Windows\System32\Tasks\HJPQXRTER
2015-05-16 20:26 - 2015-05-16 20:26 - 00002846 _____ () C:\Windows\System32\Tasks\EMAUAH1
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431800763-1020-0615-211750000000
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\ProgramData\c1c05f7061d940b085ed209085e4a787
2015-05-16 20:25 - 2015-05-16 20:25 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-16 18:54 - 2015-05-16 18:54 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431795298-1020-0615-211750000000
2015-05-16 18:52 - 2015-05-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Exploremedia
2015-05-16 18:48 - 2015-05-16 18:48 - 00003138 _____ () C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600}
2015-05-16 18:45 - 2015-05-16 18:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-16 18:44 - 2015-05-16 18:44 - 00000045 _____ () C:\user.js
2015-05-16 18:44 - 2015-05-16 18:44 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2015-05-16 18:18 - 2015-05-16 18:18 - 00628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:06 - 2015-05-16 17:24 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000
2015-05-16 17:06 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-04 12:18 - 2015-05-04 12:18 - 00000000 _____ () C:\Users\xx\AppData\Local\.a852.db
2015-05-01 10:00 - 2015-05-16 17:18 - 00003806 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-05-01 09:52 - 2015-05-01 09:52 - 00003130 _____ () C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9}
2015-04-28 18:40 - 2015-05-16 20:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-28 17:42 - 2015-04-28 17:42 - 00000000 ____D () C:\Users\xx\Documents\Optimizer Pro
2015-04-28 17:38 - 2015-05-16 18:56 - 00000437 _____ () C:\Users\xx\AppData\Local\recently-fix.db
2015-04-28 17:38 - 2015-04-28 17:44 - 00003300 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2015-04-28 17:38 - 2015-04-28 17:38 - 00003274 _____ () C:\Windows\System32\Tasks\KA2mWpwC4zeodnU
2015-04-28 17:38 - 2015-04-28 17:38 - 00003234 _____ () C:\Windows\System32\Tasks\IfIYHOTn4QRux1k
2015-04-28 17:38 - 2015-04-28 17:38 - 00003232 _____ () C:\Windows\System32\Tasks\JKe63u5RPqX1IJL
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\vdUw4rg
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\Un0yuBT
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\pFV5Mhf
2015-05-16 18:18 - 2015-05-16 18:18 - 0628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2014-03-15 11:21 - 2014-03-15 22:16 - 0013880 _____ () C:\ProgramData\bnijo28z.fee
Task: {13CA65F1-D0FC-4C1E-9544-6833EDD6C052} - System32\Tasks\WIN-statsAdmin => C:\Users\xx\AppData\Local\Microsoft\WinU\~tistxyx.exe <==== ATTENTION
Task: {29350A53-FB18-4DF6-BA4B-7721A8E98602} - System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} => pcalua.exe -a C:\Users\xx\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slb2
Task: {405C3504-118F-4E35-8DF1-C27821289006} - System32\Tasks\{8325F6C8-0D81-4194-8B7C-4782E665709E} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {5716439E-B7EB-4FC5-81E4-0BAEA1CB872C} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe [2015-05-17] () <==== ATTENTION
Task: {643D4459-EF74-4241-848A-0D7C51DD7D09} - System32\Tasks\HJPQXRTER => C:\ProgramData\c1c05f7061d940b085ed209085e4a787\c1c05f7061d940b085ed209085e4a787.exe [2015-05-14] ()
Task: {65B895DE-C182-4435-A605-23D1B3765466} - \Re-Markable Update No Task File <==== ATTENTION
Task: {7FB7A503-E5A5-4456-8932-FC20EC8039D1} - System32\Tasks\{E515B78C-8CEF-40CC-BF56-B18646F7A045} => pcalua.exe -a C:\Users\xx\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {88CD1B2B-2207-4A80-A996-CB974ED5B08A} - System32\Tasks\EMAUAH1 => C:\ProgramData\LolliScan\LolliScan.exe
Task: {AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6} - System32\Tasks\JKe63u5RPqX1IJL => C:\Users\xx\AppData\Roaming\vdUw4rg\iFDDGyI.exe [2015-04-28] ( )
Task: {BDD3A72A-7808-410F-A80C-3908ADF40576} - System32\Tasks\KA2mWpwC4zeodnU => C:\Users\xx\AppData\Roaming\Un0yuBT\lWofrS1.exe [2015-04-28] ( )
Task: {D0FEEF24-7291-4F90-B8E1-79B245D86F2D} - System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} => pcalua.exe -a C:\Users\xx\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
Task: {ED468EBB-0512-4492-AF24-E0E90D6DD42A} - System32\Tasks\IfIYHOTn4QRux1k => C:\Users\xx\AppData\Roaming\pFV5Mhf\fmWFfpR.exe [2015-04-28] ( )
Task: {F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E} - System32\Tasks\WIN-statsSystem => C:\Users\xx\AppData\Local\Microsoft\WinU\~yucofvp.exe
Task: C:\Windows\Tasks\EMAUAH1.job => C:\ProgramData\LolliScan\LolliScan.exe
"C:\ProgramData\LolliScan\LolliScan64.dll" => Value Data removed successfully.
"C:\ProgramData\LolliScan\LolliScan32.dll" => Value Data removed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_fr_68 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_509 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_539 => value deleted successfully.
C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk => Moved successfully.
C:\ProgramData\{5a7e33d4-7d6f-8a5a-5a7e-e33d47d6cf51}\hqghumeaylnlf.exe not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D} => value deleted successfully.
HKU\S-1-5-21-375400878-4290662891-575217006-1000\Software\Mozilla\Firefox\Extensions\\{fd4267e8-9c63-47d4-a37a-3714f991605d} => value deleted successfully.
KELsnckkk => Unable to stop service
KELsnckkk => Service deleted successfully.
Updater Service => Service stopped successfully.
Updater Service => Service deleted successfully.
xixynyko => Service stopped successfully.
xixynyko => Service deleted successfully.
xygefuzu => Service stopped successfully.
xygefuzu => Service deleted successfully.
cipyjywi => Service deleted successfully.
lupucylu => Service not found.
pihewyqu => Service deleted successfully.
C:\BreakingNewsAlert => Moved successfully.
C:\Windows\System32\Tasks\NetEngine => Moved successfully.
C:\ProgramData\NetEngine => Moved successfully.
C:\Users\xx\AppData\Local\BreakingNewsAlert => Moved successfully.
C:\Windows\Tasks\EMAUAH1.job => Moved successfully.
"C:\ProgramData\kjdhaYImg" directory move:
Could not move "C:\ProgramData\kjdhaYImg" directory. => Scheduled to move on reboot.
C:\Windows\System32\Tasks\HJPQXRTER => Moved successfully.
C:\Windows\System32\Tasks\EMAUAH1 => Moved successfully.
C:\Users\xx\AppData\Roaming\E1A6FB90-1431800763-1020-0615-211750000000 => Moved successfully.
C:\ProgramData\c1c05f7061d940b085ed209085e4a787 => Moved successfully.
C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 => Moved successfully.
C:\Users\xx\AppData\Roaming\E1A6FB90-1431795298-1020-0615-211750000000 => Moved successfully.
C:\Program Files (x86)\Exploremedia => Moved successfully.
C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} => Moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf => Moved successfully.
C:\user.js => Moved successfully.
C:\Windows\SysWOW64\Number of results => Moved successfully.
C:\Users\xx\AppData\Local\nsn9ED7.tmp => Moved successfully.
C:\Users\xx\AppData\Local\nsz3DEC.tmp => Moved successfully.
C:\Users\xx\AppData\Local\nstA4A0.tmp => Moved successfully.
C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000 => Moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => Moved successfully.
C:\Users\xx\AppData\Local\.a852.db => Moved successfully.
C:\Windows\SysWOW64\${LOGFILE} => Moved successfully.
C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} => Moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\xx\Documents\Optimizer Pro => Moved successfully.
C:\Users\xx\AppData\Local\recently-fix.db => Moved successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
C:\Windows\System32\Tasks\KA2mWpwC4zeodnU => Moved successfully.
C:\Windows\System32\Tasks\IfIYHOTn4QRux1k => Moved successfully.
C:\Windows\System32\Tasks\JKe63u5RPqX1IJL => Moved successfully.
C:\Users\xx\AppData\Roaming\vdUw4rg => Moved successfully.
C:\Users\xx\AppData\Roaming\Un0yuBT => Moved successfully.
C:\Users\xx\AppData\Roaming\pFV5Mhf => Moved successfully.
"C:\Users\xx\AppData\Local\nsn9ED7.tmp" => File/Directory not found.
"C:\Users\xx\AppData\Local\nstA4A0.tmp" => File/Directory not found.
"C:\Users\xx\AppData\Local\nsz3DEC.tmp" => File/Directory not found.
C:\ProgramData\bnijo28z.fee => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13CA65F1-D0FC-4C1E-9544-6833EDD6C052}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13CA65F1-D0FC-4C1E-9544-6833EDD6C052}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29350A53-FB18-4DF6-BA4B-7721A8E98602}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29350A53-FB18-4DF6-BA4B-7721A8E98602}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5709581D-ADF8-4771-9A8D-2FE12AA7F600}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{405C3504-118F-4E35-8DF1-C27821289006}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405C3504-118F-4E35-8DF1-C27821289006}" => Key deleted successfully.
C:\Windows\System32\Tasks\{8325F6C8-0D81-4194-8B7C-4782E665709E} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8325F6C8-0D81-4194-8B7C-4782E665709E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5716439E-B7EB-4FC5-81E4-0BAEA1CB872C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5716439E-B7EB-4FC5-81E4-0BAEA1CB872C}" => Key deleted successfully.
C:\Windows\System32\Tasks\NetEngine not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NetEngine" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{643D4459-EF74-4241-848A-0D7C51DD7D09}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{643D4459-EF74-4241-848A-0D7C51DD7D09}" => Key deleted successfully.
C:\Windows\System32\Tasks\HJPQXRTER not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HJPQXRTER" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65B895DE-C182-4435-A605-23D1B3765466}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65B895DE-C182-4435-A605-23D1B3765466}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-Markable Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB7A503-E5A5-4456-8932-FC20EC8039D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB7A503-E5A5-4456-8932-FC20EC8039D1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E515B78C-8CEF-40CC-BF56-B18646F7A045} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E515B78C-8CEF-40CC-BF56-B18646F7A045}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88CD1B2B-2207-4A80-A996-CB974ED5B08A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88CD1B2B-2207-4A80-A996-CB974ED5B08A}" => Key deleted successfully.
C:\Windows\System32\Tasks\EMAUAH1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EMAUAH1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6}" => Key deleted successfully.
C:\Windows\System32\Tasks\JKe63u5RPqX1IJL not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JKe63u5RPqX1IJL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BDD3A72A-7808-410F-A80C-3908ADF40576}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDD3A72A-7808-410F-A80C-3908ADF40576}" => Key deleted successfully.
C:\Windows\System32\Tasks\KA2mWpwC4zeodnU not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KA2mWpwC4zeodnU" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0FEEF24-7291-4F90-B8E1-79B245D86F2D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0FEEF24-7291-4F90-B8E1-79B245D86F2D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C03F32F-EC3E-4378-A904-09E7B45B79A9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED468EBB-0512-4492-AF24-E0E90D6DD42A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED468EBB-0512-4492-AF24-E0E90D6DD42A}" => Key deleted successfully.
C:\Windows\System32\Tasks\IfIYHOTn4QRux1k not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IfIYHOTn4QRux1k" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsSystem => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsSystem" => Key deleted successfully.
C:\Windows\Tasks\EMAUAH1.job not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-17 14:05:59)<=
C:\ProgramData\kjdhaYImg => Is moved successfully.
J'ai egalement realise une reinitialisationde Internet Explorer..
Merci de tes infos
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by xx at 2015-05-17 14:04:08 Run:3
Running from C:\Users\xx\Desktop\123
Loaded Profiles: xx (Available profiles: xx)
Boot Mode: Normal
==============================================
Content of fixlist:
AppInit_DLLs: C:\ProgramData\LolliScan\LolliScan64.dll => C:\ProgramData\LolliScan\LolliScan64.dll File Not Found
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => C:\ProgramData\LolliScan\LolliScan32.dll File Not Found
HKLM-x32\...\Run: [fst_fr_68] => [X]
HKLM-x32\...\Run: [gmsd_fr_509] => [X]
HKLM-x32\...\Run: [gmsd_fr_539] => [X]
Startup: C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-04-28]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{5a7e33d4-7d6f-8a5a-5a7e-e33d47d6cf51}\hqghumeaylnlf.exe (No File)
FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-375400878-4290662891-575217006-1000\...\Firefox\Extensions: [{fd4267e8-9c63-47d4-a37a-3714f991605d}] - C:\Program Files (x86)\Re-Markable\150.xpi
R2 KELsnckkk; C:\ProgramData\kjdhaYImg\KELsnckkk.exe [2731488 2015-05-16] (Useful Technology)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 xixynyko; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\jnsw2E4F.tmp [235520 2015-05-16] () [File not signed]
R2 xygefuzu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\hnsw4663.tmp [396288 2015-05-16] () [File not signed]
S2 cipyjywi; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\nsf8C2.tmpfs [X]
R2 lupucylu; C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000\nsbF214.tmpfs [X]
S2 pihewyqu; C:\Users\xx\AppData\Roaming\E1A6FB90-1430466647-1020-0615-211750000000\jnsu4357.tmp [X]
2015-05-17 10:57 - 2015-05-17 10:57 - 00000000 ____D () C:\BreakingNewsAlert
2015-05-17 10:51 - 2015-05-17 11:32 - 00003456 _____ () C:\Windows\System32\Tasks\NetEngine
2015-05-17 10:51 - 2015-05-17 10:51 - 00000000 ____D () C:\ProgramData\NetEngine
2015-05-17 10:46 - 2015-05-17 11:31 - 00000000 ____D () C:\Users\xx\AppData\Local\BreakingNewsAlert
2015-05-16 20:26 - 2015-05-17 11:27 - 00000324 _____ () C:\Windows\Tasks\EMAUAH1.job
2015-05-16 20:26 - 2015-05-16 20:27 - 00000000 ____D () C:\ProgramData\kjdhaYImg
2015-05-16 20:26 - 2015-05-16 20:26 - 00003542 _____ () C:\Windows\System32\Tasks\HJPQXRTER
2015-05-16 20:26 - 2015-05-16 20:26 - 00002846 _____ () C:\Windows\System32\Tasks\EMAUAH1
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431800763-1020-0615-211750000000
2015-05-16 20:26 - 2015-05-16 20:26 - 00000000 ____D () C:\ProgramData\c1c05f7061d940b085ed209085e4a787
2015-05-16 20:25 - 2015-05-16 20:25 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-16 18:54 - 2015-05-16 18:54 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431795298-1020-0615-211750000000
2015-05-16 18:52 - 2015-05-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Exploremedia
2015-05-16 18:48 - 2015-05-16 18:48 - 00003138 _____ () C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600}
2015-05-16 18:45 - 2015-05-16 18:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-05-16 18:44 - 2015-05-16 18:44 - 00000045 _____ () C:\user.js
2015-05-16 18:44 - 2015-05-16 18:44 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2015-05-16 18:18 - 2015-05-16 18:18 - 00628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 00613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:06 - 2015-05-16 17:24 - 00000000 ____D () C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000
2015-05-16 17:06 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-04 12:18 - 2015-05-04 12:18 - 00000000 _____ () C:\Users\xx\AppData\Local\.a852.db
2015-05-01 10:00 - 2015-05-16 17:18 - 00003806 _____ () C:\Windows\SysWOW64\${LOGFILE}
2015-05-01 09:52 - 2015-05-01 09:52 - 00003130 _____ () C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9}
2015-04-28 18:40 - 2015-05-16 20:16 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-28 17:42 - 2015-04-28 17:42 - 00000000 ____D () C:\Users\xx\Documents\Optimizer Pro
2015-04-28 17:38 - 2015-05-16 18:56 - 00000437 _____ () C:\Users\xx\AppData\Local\recently-fix.db
2015-04-28 17:38 - 2015-04-28 17:44 - 00003300 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2015-04-28 17:38 - 2015-04-28 17:38 - 00003274 _____ () C:\Windows\System32\Tasks\KA2mWpwC4zeodnU
2015-04-28 17:38 - 2015-04-28 17:38 - 00003234 _____ () C:\Windows\System32\Tasks\IfIYHOTn4QRux1k
2015-04-28 17:38 - 2015-04-28 17:38 - 00003232 _____ () C:\Windows\System32\Tasks\JKe63u5RPqX1IJL
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\vdUw4rg
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\Un0yuBT
2015-04-28 17:38 - 2015-04-28 17:38 - 00000000 ____D () C:\Users\xx\AppData\Roaming\pFV5Mhf
2015-05-16 18:18 - 2015-05-16 18:18 - 0628688 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsn9ED7.tmp
2015-05-16 17:25 - 2015-05-16 17:24 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nstA4A0.tmp
2015-05-16 17:40 - 2015-05-16 17:40 - 0613255 _____ (CMI Limited) C:\Users\xx\AppData\Local\nsz3DEC.tmp
2014-03-15 11:21 - 2014-03-15 22:16 - 0013880 _____ () C:\ProgramData\bnijo28z.fee
Task: {13CA65F1-D0FC-4C1E-9544-6833EDD6C052} - System32\Tasks\WIN-statsAdmin => C:\Users\xx\AppData\Local\Microsoft\WinU\~tistxyx.exe <==== ATTENTION
Task: {29350A53-FB18-4DF6-BA4B-7721A8E98602} - System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} => pcalua.exe -a C:\Users\xx\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slb2
Task: {405C3504-118F-4E35-8DF1-C27821289006} - System32\Tasks\{8325F6C8-0D81-4194-8B7C-4782E665709E} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {5716439E-B7EB-4FC5-81E4-0BAEA1CB872C} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe [2015-05-17] () <==== ATTENTION
Task: {643D4459-EF74-4241-848A-0D7C51DD7D09} - System32\Tasks\HJPQXRTER => C:\ProgramData\c1c05f7061d940b085ed209085e4a787\c1c05f7061d940b085ed209085e4a787.exe [2015-05-14] ()
Task: {65B895DE-C182-4435-A605-23D1B3765466} - \Re-Markable Update No Task File <==== ATTENTION
Task: {7FB7A503-E5A5-4456-8932-FC20EC8039D1} - System32\Tasks\{E515B78C-8CEF-40CC-BF56-B18646F7A045} => pcalua.exe -a C:\Users\xx\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {88CD1B2B-2207-4A80-A996-CB974ED5B08A} - System32\Tasks\EMAUAH1 => C:\ProgramData\LolliScan\LolliScan.exe
Task: {AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6} - System32\Tasks\JKe63u5RPqX1IJL => C:\Users\xx\AppData\Roaming\vdUw4rg\iFDDGyI.exe [2015-04-28] ( )
Task: {BDD3A72A-7808-410F-A80C-3908ADF40576} - System32\Tasks\KA2mWpwC4zeodnU => C:\Users\xx\AppData\Roaming\Un0yuBT\lWofrS1.exe [2015-04-28] ( )
Task: {D0FEEF24-7291-4F90-B8E1-79B245D86F2D} - System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} => pcalua.exe -a C:\Users\xx\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
Task: {ED468EBB-0512-4492-AF24-E0E90D6DD42A} - System32\Tasks\IfIYHOTn4QRux1k => C:\Users\xx\AppData\Roaming\pFV5Mhf\fmWFfpR.exe [2015-04-28] ( )
Task: {F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E} - System32\Tasks\WIN-statsSystem => C:\Users\xx\AppData\Local\Microsoft\WinU\~yucofvp.exe
Task: C:\Windows\Tasks\EMAUAH1.job => C:\ProgramData\LolliScan\LolliScan.exe
"C:\ProgramData\LolliScan\LolliScan64.dll" => Value Data removed successfully.
"C:\ProgramData\LolliScan\LolliScan32.dll" => Value Data removed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_fr_68 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_509 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_539 => value deleted successfully.
C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk => Moved successfully.
C:\ProgramData\{5a7e33d4-7d6f-8a5a-5a7e-e33d47d6cf51}\hqghumeaylnlf.exe not found.
HKLM\Software\Mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D} => value deleted successfully.
HKU\S-1-5-21-375400878-4290662891-575217006-1000\Software\Mozilla\Firefox\Extensions\\{fd4267e8-9c63-47d4-a37a-3714f991605d} => value deleted successfully.
KELsnckkk => Unable to stop service
KELsnckkk => Service deleted successfully.
Updater Service => Service stopped successfully.
Updater Service => Service deleted successfully.
xixynyko => Service stopped successfully.
xixynyko => Service deleted successfully.
xygefuzu => Service stopped successfully.
xygefuzu => Service deleted successfully.
cipyjywi => Service deleted successfully.
lupucylu => Service not found.
pihewyqu => Service deleted successfully.
C:\BreakingNewsAlert => Moved successfully.
C:\Windows\System32\Tasks\NetEngine => Moved successfully.
C:\ProgramData\NetEngine => Moved successfully.
C:\Users\xx\AppData\Local\BreakingNewsAlert => Moved successfully.
C:\Windows\Tasks\EMAUAH1.job => Moved successfully.
"C:\ProgramData\kjdhaYImg" directory move:
Could not move "C:\ProgramData\kjdhaYImg" directory. => Scheduled to move on reboot.
C:\Windows\System32\Tasks\HJPQXRTER => Moved successfully.
C:\Windows\System32\Tasks\EMAUAH1 => Moved successfully.
C:\Users\xx\AppData\Roaming\E1A6FB90-1431800763-1020-0615-211750000000 => Moved successfully.
C:\ProgramData\c1c05f7061d940b085ed209085e4a787 => Moved successfully.
C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 => Moved successfully.
C:\Users\xx\AppData\Roaming\E1A6FB90-1431795298-1020-0615-211750000000 => Moved successfully.
C:\Program Files (x86)\Exploremedia => Moved successfully.
C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} => Moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf => Moved successfully.
C:\user.js => Moved successfully.
C:\Windows\SysWOW64\Number of results => Moved successfully.
C:\Users\xx\AppData\Local\nsn9ED7.tmp => Moved successfully.
C:\Users\xx\AppData\Local\nsz3DEC.tmp => Moved successfully.
C:\Users\xx\AppData\Local\nstA4A0.tmp => Moved successfully.
C:\Users\xx\AppData\Roaming\E1A6FB90-1431788769-1020-0615-211750000000 => Moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => Moved successfully.
C:\Users\xx\AppData\Local\.a852.db => Moved successfully.
C:\Windows\SysWOW64\${LOGFILE} => Moved successfully.
C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} => Moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\xx\Documents\Optimizer Pro => Moved successfully.
C:\Users\xx\AppData\Local\recently-fix.db => Moved successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
C:\Windows\System32\Tasks\KA2mWpwC4zeodnU => Moved successfully.
C:\Windows\System32\Tasks\IfIYHOTn4QRux1k => Moved successfully.
C:\Windows\System32\Tasks\JKe63u5RPqX1IJL => Moved successfully.
C:\Users\xx\AppData\Roaming\vdUw4rg => Moved successfully.
C:\Users\xx\AppData\Roaming\Un0yuBT => Moved successfully.
C:\Users\xx\AppData\Roaming\pFV5Mhf => Moved successfully.
"C:\Users\xx\AppData\Local\nsn9ED7.tmp" => File/Directory not found.
"C:\Users\xx\AppData\Local\nstA4A0.tmp" => File/Directory not found.
"C:\Users\xx\AppData\Local\nsz3DEC.tmp" => File/Directory not found.
C:\ProgramData\bnijo28z.fee => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13CA65F1-D0FC-4C1E-9544-6833EDD6C052}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13CA65F1-D0FC-4C1E-9544-6833EDD6C052}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29350A53-FB18-4DF6-BA4B-7721A8E98602}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29350A53-FB18-4DF6-BA4B-7721A8E98602}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5709581D-ADF8-4771-9A8D-2FE12AA7F600} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5709581D-ADF8-4771-9A8D-2FE12AA7F600}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{405C3504-118F-4E35-8DF1-C27821289006}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405C3504-118F-4E35-8DF1-C27821289006}" => Key deleted successfully.
C:\Windows\System32\Tasks\{8325F6C8-0D81-4194-8B7C-4782E665709E} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8325F6C8-0D81-4194-8B7C-4782E665709E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5716439E-B7EB-4FC5-81E4-0BAEA1CB872C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5716439E-B7EB-4FC5-81E4-0BAEA1CB872C}" => Key deleted successfully.
C:\Windows\System32\Tasks\NetEngine not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NetEngine" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{643D4459-EF74-4241-848A-0D7C51DD7D09}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{643D4459-EF74-4241-848A-0D7C51DD7D09}" => Key deleted successfully.
C:\Windows\System32\Tasks\HJPQXRTER not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HJPQXRTER" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65B895DE-C182-4435-A605-23D1B3765466}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65B895DE-C182-4435-A605-23D1B3765466}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-Markable Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB7A503-E5A5-4456-8932-FC20EC8039D1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB7A503-E5A5-4456-8932-FC20EC8039D1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E515B78C-8CEF-40CC-BF56-B18646F7A045} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E515B78C-8CEF-40CC-BF56-B18646F7A045}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88CD1B2B-2207-4A80-A996-CB974ED5B08A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88CD1B2B-2207-4A80-A996-CB974ED5B08A}" => Key deleted successfully.
C:\Windows\System32\Tasks\EMAUAH1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EMAUAH1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAE2B76D-2BA5-4AB0-B69F-E2A237AF68F6}" => Key deleted successfully.
C:\Windows\System32\Tasks\JKe63u5RPqX1IJL not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JKe63u5RPqX1IJL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BDD3A72A-7808-410F-A80C-3908ADF40576}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDD3A72A-7808-410F-A80C-3908ADF40576}" => Key deleted successfully.
C:\Windows\System32\Tasks\KA2mWpwC4zeodnU not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KA2mWpwC4zeodnU" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0FEEF24-7291-4F90-B8E1-79B245D86F2D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0FEEF24-7291-4F90-B8E1-79B245D86F2D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6C03F32F-EC3E-4378-A904-09E7B45B79A9} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C03F32F-EC3E-4378-A904-09E7B45B79A9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED468EBB-0512-4492-AF24-E0E90D6DD42A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED468EBB-0512-4492-AF24-E0E90D6DD42A}" => Key deleted successfully.
C:\Windows\System32\Tasks\IfIYHOTn4QRux1k not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IfIYHOTn4QRux1k" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5E9EDBF-4E37-4331-99B1-A4F863E1AF7E}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsSystem => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsSystem" => Key deleted successfully.
C:\Windows\Tasks\EMAUAH1.job not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-17 14:05:59)<=
C:\ProgramData\kjdhaYImg => Is moved successfully.
End of Fixlog 14:05:59
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 659
Modifié par Malekal_morte- le 17/05/2015 à 18:55
Modifié par Malekal_morte- le 17/05/2015 à 18:55
Réinitialise bien les navigateurs WEB et histoire de terminer.
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
Supprime les éléments détectés.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
Supprime les éléments détectés.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
6 mai 2015 à 11:50
# AdwCleaner v4.203 -0 Rapport créé le 06/05/2015 à 11:43:19
# Mis à jour le 30/04/2015 par Xplode
# Base de données : 2015-05-05.1 [Serveur]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : Julie -0 PC-JULIE
# Exécuté depuis : C:\Users\Julie\Downloads\adwcleaner_4.203(1).exe
# Option : Nettoyer
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 fr)
-\\ Google Chrome v
AdwCleaner[R0].txt -0 [22931 octets] -0 [06/05/2015 10:42:43]
AdwCleaner[R1].txt -0 [925 octets] -0 [06/05/2015 11:39:02]
AdwCleaner[R2].txt -0 [984 octets] -0 [06/05/2015 11:42:34]
AdwCleaner[S0].txt -0 [21290 octets] -0 [06/05/2015 10:45:10]
AdwCleaner[S1].txt -0 [906 octets] -0 [06/05/2015 11:43:19]
########## EOF -0 C:\AdwCleaner\AdwCleaner[S1].txt -0 [965 octets] ##########
6 mai 2015 à 11:59
6 mai 2015 à 12:07
https://pjjoint.malekal.com/files.php?id=20150506_u8w15k6u10k7
https://pjjoint.malekal.com/files.php?id=20150506_d15c15i9q12d14
https://pjjoint.malekal.com/files.php?id=20150506_d12i9w10k6i6
6 mai 2015 à 12:13
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\Julie\AppData\Roaming\yOKGIVqnsnVwadNHXCSuA4aThNG
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\Julie\AppData\Roaming\4fNIUC5JeHotZSxCn7
2015-05-05 11:01 - 2015-05-05 22:50 - 00000000 ____D () C:\ProgramData\nnjVZRfTnsx
2015-05-05 10:54 - 2015-05-05 10:54 - 00613255 _____ (CMI Limited) C:\Users\Julie\AppData\Local\nsuB6A3.tmp
2015-05-05 10:53 - 2015-05-05 10:53 - 00613255 _____ (CMI Limited) C:\Users\Julie\AppData\Local\nsmCBEB.tmp
2015-05-05 10:40 - 2015-05-05 16:40 - 00000000 ____D () C:\ProgramData\f68332f424604575b4e9ca42c0c35935
2015-05-05 10:40 - 2015-05-05 10:40 - 00000000 ____D () C:\ProgramData\3c9fc34af925438d90c9a3b90321f01f
2015-05-05 10:37 - 2015-05-05 10:37 - 00000000 ____D () C:\Program Files (x86)\Fragile Fixer
2015-05-05 10:37 - 2015-05-05 10:37 - 00000000 ____D () C:\Program Files (x86)\ConnectPC
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
6 mai 2015 à 13:00
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015
Ran by Julie at 2015-05-06 12:58:07 Run:1
Running from C:\Users\Julie\Desktop
Loaded Profiles: Julie (Available profiles: Julie)
Boot Mode: Normal
==============================================
Content of fixlist:
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\Julie\AppData\Roaming\yOKGIVqnsnVwadNHXCSuA4aThNG
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\Julie\AppData\Roaming\4fNIUC5JeHotZSxCn7
2015-05-05 11:01 - 2015-05-05 22:50 - 00000000 ____D () C:\ProgramData\nnjVZRfTnsx
2015-05-05 10:54 - 2015-05-05 10:54 - 00613255 _____ (CMI Limited) C:\Users\Julie\AppData\Local\nsuB6A3.tmp
2015-05-05 10:53 - 2015-05-05 10:53 - 00613255 _____ (CMI Limited) C:\Users\Julie\AppData\Local\nsmCBEB.tmp
2015-05-05 10:40 - 2015-05-05 16:40 - 00000000 ____D () C:\ProgramData\f68332f424604575b4e9ca42c0c35935
2015-05-05 10:40 - 2015-05-05 10:40 - 00000000 ____D () C:\ProgramData\3c9fc34af925438d90c9a3b90321f01f
2015-05-05 10:37 - 2015-05-05 10:37 - 00000000 ____D () C:\Program Files (x86)\Fragile Fixer
2015-05-05 10:37 - 2015-05-05 10:37 - 00000000 ____D () C:\Program Files (x86)\ConnectPC
C:\Users\Julie\AppData\Roaming\yOKGIVqnsnVwadNHXCSuA4aThNG => Moved successfully.
C:\Users\Julie\AppData\Roaming\4fNIUC5JeHotZSxCn7 => Moved successfully.
C:\ProgramData\nnjVZRfTnsx => Moved successfully.
C:\Users\Julie\AppData\Local\nsuB6A3.tmp => Moved successfully.
C:\Users\Julie\AppData\Local\nsmCBEB.tmp => Moved successfully.
C:\ProgramData\f68332f424604575b4e9ca42c0c35935 => Moved successfully.
C:\ProgramData\3c9fc34af925438d90c9a3b90321f01f => Moved successfully.
C:\Program Files (x86)\Fragile Fixer => Moved successfully.
C:\Program Files (x86)\ConnectPC => Moved successfully.
End of Fixlog 12:58:08