Computer infection

Solved/Closed
nanoq44 - 24 May 2015 at 12:09
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 25 May 2015 at 14:30
Hello,

My Toshiba laptop is infested with programs that launch by themselves and pollute my browsing. The program Continue Live Installation appears on the desktop. After trying several anti-spyware tools such as Malwarebytes, Adwares, JRT, etc., reading quite a few threads on the forum and coming across the tutorial:

http://www.malekal.com/2013/06/15/tutorial-farbar-recovery-scan-tool-frst/

I am turning to the readers of this forum and sending the 3 files (FRST, Addition, Shortcut):

http://pjjoint.malekal.com/files.php?id=20150524_r5p13c6s12q11

http://pjjoint.malekal.com/files.php?id=20150524_g88c9p8u12

http://pjjoint.malekal.com/files.php?id=20150524_r15s5i11l5t5

Thanks

3 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
24 May 2015 at 12:15
Hi,

I'm looking into it =)
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
24 May 2015 at 12:25
Here is the fix to apply with FRST.
You can refer to this explanatory note with screenshots to help you: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix


Open Notepad: press Windows key + R, type notepad in the Run field and click OK.
Copy/paste the following into it:

HKLM-x32\...\RunOnce: [upgmsd_fr_552.exe] => C:\Users\yannick\AppData\Local\gmsd_fr_552\upgmsd_fr_552.exe [3296200 2015-05-18] ()
Winsock: Catalog9-x64 01 C:\windows\system32\abengine64.dll File Not ' & & '
Winsock: Catalog9-x64 02 C:\windows\system32\abengine64.dll File Not ' & & '
Winsock: Catalog9-x64 03 C:\windows\system32\abengine64.dll File Not ' & & '
Winsock: Catalog9-x64 04 C:\windows\system32\abengine64.dll File Not ' & & '
Winsock: Catalog9-x64 16 C:\windows\system32\abengine64.dll File Not ' & & '
R2 SG_Service; C:\ProgramData\RbtProt\sgsrv.exe [180224 2007-04-04] () []
R2 sijypolo; C:\Users\yannick\AppData\Roaming\908EDA80-1427658385-81E2-3434-4C72B96F2E98\nszF802.tmp [124416 2015-05-10] () []
R2 sojihemu; C:\Users\yannick\AppData\Roaming\908EDA80-1431266383-81E2-3434-4C72B96F2E98\jnsb70EC.tmp [348672 2015-05-10] () []
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 tobereze; C:\Users\yannick\AppData\Roaming\908EDA80-1427658385-81E2-3434-4C72B96F2E98\jnsh5EC2.tmp [173568 2015-03-29] () []
S2 23cb3056; C:\windows\system32\rundll32.exe c:\Program Files (x86)\Optimizer Pro 3.93\OptProMon.dll,ENT <==== ATTENTION
R2 bybuxino; C:\Users\yannick\AppData\Local\908EDA80-1431273777-81E2-3434-4C72B96F2E98\cnsn3401.tmp [206336 2015-05-10] () []
S1 innfd_1_10_0_13; system32\drivers\innfd_1_10_0_13.sys [X]
2015-05-23 12:33 - 2015-05-23 12:33 - 00000000 ____D () C:\ProgramData\{2a389fa6-e1d1-9461-2a38-89fa6e1d7e9b}
2015-05-23 12:30 - 2015-05-23 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-05-23 12:22 - 2015-05-24 11:28 - 00015226 _____ () C:\windows\PFRO.log
2015-05-23 12:22 - 2015-05-24 11:28 - 00000948 _____ () C:\windows\setupact.log
2015-05-23 12:22 - 2015-05-23 12:22 - 00000000 _____ () C:\windows\setuperr.log
2015-05-23 12:20 - 2015-05-24 11:39 - 00034689 _____ () C:\windows\WindowsUpdate.log
2015-05-19 22:59 - 2015-05-19 22:59 - 00000000 ____D () C:\Program Files (x86)\Edu App
2015-05-19 22:58 - 2015-05-19 22:58 - 00000916 _____ () C:\windows\Tasks\SoftwareUpdateTaskMachineCore.job
2015-05-19 22:58 - 2015-05-19 22:58 - 00000000 _____ () C:\windows\SysWOW64\Number of results
2015-05-19 22:57 - 2015-05-24 11:32 - 00000000 ____D () C:\Users\yannick\AppData\Local\gmsd_fr_552
2015-05-19 22:57 - 2015-05-23 12:15 - 00000000 ____D () C:\Users\yannick\AppData\Local\SmartWeb
2015-05-19 22:57 - 2015-05-19 22:58 - 00000000 ____D () C:\Program Files (x86)\gmsd_fr_552
2015-05-10 16:20 - 2015-05-10 16:19 - 00613255 _____ (CMI Limited) C:\Users\yannick\AppData\Local\nsd4F80.tmp
2015-05-10 16:17 - 2015-05-19 22:25 - 00000998 _____ () C:\windows\Tasks\gAH8TLj2e.job
2015-05-10 16:17 - 2015-05-10 16:17 - 00004036 _____ () C:\windows\System32\Tasks\gAH8TLj2e
2015-05-10 16:03 - 2015-05-10 16:08 - 00000000 ____D () C:\Users\yannick\AppData\Local\908EDA80-1431273797-81E2-3434-4C72B96F2E98
2015-05-10 16:02 - 2015-05-10 16:03 - 00000000 ____D () C:\Users\yannick\AppData\Local\908EDA80-1431273777-81E2-3434-4C72B96F2E98
2015-05-10 15:59 - 2015-05-10 16:16 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\908EDA80-1431266383-81E2-3434-4C72B96F2E98
2015-05-09 22:01 - 2015-05-10 18:23 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Store
2015-05-09 22:00 - 2015-05-10 13:54 - 00001024 _____ () C:\windows\Tasks\6Shcsw5XFdPDM57WuOALTn.job
2015-05-09 22:00 - 2015-05-09 22:00 - 00004062 _____ () C:\windows\System32\Tasks\6Shcsw5XFdPDM57WuOALTn
2015-04-28 13:21 - 2015-04-28 13:21 - 00003094 _____ () C:\windows\System32\Tasks\iren3006
2015-05-19 22:25 - 2015-03-29 22:24 - 00001344 _____ () C:\windows\Tasks\CJQGB.job
2015-05-10 18:31 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\Speech
2015-05-10 18:16 - 2015-03-29 22:34 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-10 17:58 - 2015-03-29 21:56 - 00001344 _____ () C:\windows\Tasks\OWARI.job
2015-05-10 17:55 - 2015-03-29 21:46 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\908EDA80-1427658385-81E2-3434-4C72B96F2E98
2015-05-10 13:54 - 2015-04-11 22:04 - 00001344 _____ () C:\windows\Tasks\QJNFZ.job
2015-05-10 13:54 - 2015-03-29 22:25 - 00001346 _____ () C:\windows\Tasks\RAQMHE.job
2015-05-10 13:54 - 2015-03-29 22:09 - 00001338 _____ () C:\windows\Tasks\EG.job
2015-05-10 13:54 - 2015-03-29 22:08 - 00001694 _____ () C:\windows\Tasks\AYVUGWMK.job
2015-05-10 13:54 - 2015-03-29 22:07 - 00001346 _____ () C:\windows\Tasks\MAQTEL.job
2015-05-10 13:54 - 2015-03-29 22:07 - 00001338 _____ () C:\windows\Tasks\PC.job
2015-05-10 13:54 - 2015-03-29 21:56 - 00001338 _____ () C:\windows\Tasks\MV.job
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\yannick\AppData\Roaming\6Shcsw5XFdPDM57WuOALTn
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\yannick\AppData\Roaming\AYVUGWMK
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\yannick\AppData\Roaming\CJQGB
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\yannick\AppData\Roaming\EG
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\yannick\AppData\Roaming\gAH8TLj2e
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\yannick\AppData\Roaming\MAQTEL
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\yannick\AppData\Roaming\MV
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\yannick\AppData\Roaming\OWARI
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\yannick\AppData\Roaming\PC
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\yannick\AppData\Roaming\QJNFZ
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\yannick\AppData\Roaming\RAQMHE
2015-03-29 15:25 - 2015-03-29 15:25 - 0000000 ____H () C:\Users\yannick\AppData\Local\BIT6F8F.tmp
2015-05-10 16:20 - 2015-05-10 16:19 - 0613255 _____ (CMI Limited) C:\Users\yannick\AppData\Local\nsd4F80.tmp
2015-03-29 22:28 - 2015-03-29 22:28 - 0613255 _____ (CMI Limited) C:\Users\yannick\AppData\Local\nsm40E2.tmp
2015-03-29 21:53 - 2015-03-29 21:53 - 0260876 _____ (VuuPC Limited) C:\Users\yannick\AppData\Local\nso395F.tmp
2015-03-29 15:25 - 2015-03-29 15:25 - 0000000 _____ () C:\Users\yannick\AppData\Local\{F98802DB-0856-4AD6-82DF-1C5270AEAD99}
Task: {09AE1EF6-29E9-43D1-A64A-75FB3947F7C7} - System32\Tasks\fres3005 => C:\PROGRA~2\HIGHLI~1\fres3005.exe
Task: {1235751C-975E-40ED-9DD4-ED887B29EC16} - System32\Tasks\EG => C:\Users\yannick\AppData\Roaming\EG.exe <==== ATTENTION
Task: {1C51CC08-4D8D-4509-BEB0-96D0634064BC} - System32\Tasks\gAH8TLj2e => C:\Users\yannick\AppData\Roaming\gAH8TLj2e.exe <==== ATTENTION
Task: {3FB8BAA8-A19D-4E2E-A79C-5D600AA981D5} - System32\Tasks\trik3004 => C:\PROGRA~2\TabNav\trik3004.exe
Task: {42E5C519-1703-4629-8F9F-47EE1C6B67CC} - System32\Tasks\RAQMHE => C:\Users\yannick\AppData\Roaming\RAQMHE.exe <==== ATTENTION
Task: {4BBC57C9-7ED7-456C-940D-7A2BCFF53083} - System32\Tasks\CJQGB => C:\Users\yannick\AppData\Roaming\CJQGB.exe <==== ATTENTION
Task: {4D480FEB-A575-4F6E-A0E3-A59F982D528D} - System32\Tasks\{FB48739B-A4C0-4476-BBB0-C9B5F98FF66A} => Chrome.exe
Task: {625FFD6A-1F76-4048-9A1C-8FC77F949766} - System32\Tasks\OWARI => C:\Users\yannick\AppData\Roaming\OWARI.exe <==== ATTENTION
Task: {66C41A3A-C099-4758-AA57-3A768A3932CF} - System32\Tasks\WRGIVFX => C:\ProgramData\fb09e4f57f204a6d9999b18999c04a8c\fb09e4f57f204a6d9999b18999c04a8c.exe [2015-03-29] ()
Task: {735F21EB-E7F6-4C34-9A0C-4910EC7DDD16} - System32\Tasks\{C23AA679-5D6E-409D-AAC9-C98E031A8E6C} => Chrome.exe
Task: {792D8ACC-7E3D-46F1-A3E7-60FC3E3A5A79} - \WindApp Update No Task File <==== ATTENTION
Task: {79466BBB-B810-4103-AD12-B47F0DF439F6} - System32\Tasks\{D1F4D8CF-F52E-41E6-A3CE-BDDA528ACFBC} => Chrome.exe
Task: {7AC75E36-9A25-4B02-82DF-20E40AD30296} - System32\Tasks\AYVUGWMK => C:\Users\yannick\AppData\Roaming\AYVUGWMK.exe <==== ATTENTION
Task: {7B681D98-0AC8-4A50-9C80-A00F2D25F8EA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {86ABD885-7A38-4C81-8669-84BD3C9B0D64} - \1037d394-e837-4431-9304-d99f7ada6218-1-6 No Task File <==== ATTENTION
Task: {87A71ECD-544D-422C-90C8-F061816CEAB9} - System32\Tasks\PC => C:\Users\yannick\AppData\Roaming\PC.exe <==== ATTENTION
Task: {932500C7-3903-4FF9-9B44-6664DFC4ED5C} - \Selection Tools Update No Task File <==== ATTENTION
Task: {97AAE191-6995-4011-92F8-A1F80201E249} - \SPBIW_UpdateTask_Time_313738333137313834322d552d373234572d5a32455b2a No Task File <==== ATTENTION
Task: {C93B9F88-4EE2-41BF-A7A7-4101C6D3FC00} - System32\Tasks\MV => C:\Users\yannick\AppData\Roaming\MV.exe <==== ATTENTION
Task: {DC04772D-D933-486F-BFA0-01C6361FDC9E} - System32\Tasks\6Shcsw5XFdPDM57WuOALTn => C:\Users\yannick\AppData\Roaming\6Shcsw5XFdPDM57WuOALTn.exe <==== ATTENTION
Task: {E8CBB5F2-DAAC-4A62-A0A8-75E449FFC97E} - System32\Tasks\QJNFZ => C:\Users\yannick\AppData\Roaming\QJNFZ.exe <==== ATTENTION
Task: {EB96A45A-DF76-4488-AE88-653307B432A9} - System32\Tasks\iren3006 => C:\PROGRA~2\HIGHLI~1\iren3006.exe <==== ATTENTION
Task: {F680D7FC-01D1-4321-B80C-FDD2D6DFC1DC} - System32\Tasks\MAQTEL => C:\Users\yannick\AppData\Roaming\MAQTEL.exe <==== ATTENTION
Task: C:\windows\Tasks\6Shcsw5XFdPDM57WuOALTn.job => C:\Users\yannick\AppData\Roaming\6Shcsw5XFdPDM57WuOALTn.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AYVUGWMK.job => C:\Users\yannick\AppData\Roaming\AYVUGWMK.exe <==== ATTENTION
Task: C:\windows\Tasks\CJQGB.job => C:\Users\yannick\AppData\Roaming\CJQGB.exe <==== ATTENTION
Task: C:\windows\Tasks\EG.job => C:\Users\yannick\AppData\Roaming\EG.exe <==== ATTENTION
Task: C:\windows\Tasks\gAH8TLj2e.job => C:\Users\yannick\AppData\Roaming\gAH8TLj2e.exe <==== ATTENTION
Task: C:\windows\Tasks\MAQTEL.job => C:\Users\yannick\AppData\Roaming\MAQTEL.exe <==== ATTENTION
Task: C:\windows\Tasks\MV.job => C:\Users\yannick\AppData\Roaming\MV.exe <==== ATTENTION
Task: C:\windows\Tasks\OWARI.job => C:\Users\yannick\AppData\Roaming\OWARI.exe <==== ATTENTION
Task: C:\windows\Tasks\PC.job => C:\Users\yannick\AppData\Roaming\PC.exe <==== ATTENTION
Task: C:\windows\Tasks\Periodic Synchronize Task.job => c:\programdata\{2a389fa6-e1d1-9461-2a38-89fa6e1d7e9b}\hqghumeaylnlf.exe
Task: C:\windows\Tasks\QJNFZ.job => C:\Users\yannick\AppData\Roaming\QJNFZ.exe <==== ATTENTION
Task: C:\windows\Tasks\RAQMHE.job => C:\Users\yannick\AppData\Roaming\RAQMHE.exe <==== ATTENTION
Task: C:\windows\Tasks\SoftwareUpdateTaskMachineCore.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
cmd: netsh winsock reset



Once the text is pasted into Notepad:
File menu, then Save As.
On the left, go to the Desktop.
In the field at the bottom, file name, enter: fixlist.txt
Click Save - this will create a fixlist.txt file on the desktop.

Relaunch FRST and click the Fix button.
Depending on the case, a restart may be necessary (not mandatory).
A text file appears; copy/paste its contents here in a new message.

Restart the computer


then reset your browsers:
==================================
Reset your browsers and/or manually reconfigure your web browsers (start page, search engine, etc.), and also remove/disable unnecessary/parasitic extensions:

~~

Uninstall Microsoft Security Essential - then
install Avast!: https://www.malekal.com/tutoriel-antivirus-avast/
(Above all, enable PUP detection to detect parasitic and advertising programs)
0
Thanks for being so quick .. especially on a Sunday :)

I had FRST run the script. Here is the text returned in the Fixlog.txt file

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by yannick at 2015-05-24 13:40:14 Run:1
Running from C:\Users\yannick\Desktop
Loaded Profiles: yannick (Available Profiles: yannick)
Boot Mode: Normal
==============================================

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upgmsd_fr_552.exe => value Removed successfully
Winsock: Catalog entry 000000000001 => Removed successfully
Winsock: Catalog entry 000000000002 => Removed successfully
Winsock: Catalog entry 000000000003 => Removed successfully
Winsock: Catalog entry 000000000004 => Removed successfully
Winsock: Catalog entry 000000000016 => Removed successfully
SG_Service => Unable to stop service
SG_Service => Service Removed successfully
sijypolo => Service stopped successfully.
sijypolo => Service Removed successfully
sojihemu => Service stopped successfully.
sojihemu => Service Removed successfully
TemproMonitoringService => Service Removed successfully
tobereze => Service stopped successfully.
tobereze => Service Removed successfully
23cb3056 => Service Removed successfully
bybuxino => Service stopped successfully.
bybuxino => Service Removed successfully
innfd_1_10_0_13 => Service Removed successfully
C:\ProgramData\{2a389fa6-e1d1-9461-2a38-89fa6e1d7e9b} => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\windows\setupact.log => Moved successfully.
C:\windows\setuperr.log => Moved successfully.
C:\windows\WindowsUpdate.log => Moved successfully.
C:\Program Files (x86)\Edu App => Moved successfully.
C:\windows\Tasks\SoftwareUpdateTaskMachineCore.job => Moved successfully.
C:\windows\SysWOW64\Number of results => Moved successfully.
C:\Users\yannick\AppData\Local\gmsd_fr_552 => Moved successfully.
C:\Users\yannick\AppData\Local\SmartWeb => Moved successfully.
C:\Program Files (x86)\gmsd_fr_552 => Moved successfully.
C:\Users\yannick\AppData\Local\nsd4F80.tmp => Moved successfully.
C:\windows\Tasks\gAH8TLj2e.job => Moved successfully.
C:\windows\System32\Tasks\gAH8TLj2e => Moved successfully.
C:\Users\yannick\AppData\Local\908EDA80-1431273797-81E2-3434-4C72B96F2E98 => Moved successfully.
C:\Users\yannick\AppData\Local\908EDA80-1431273777-81E2-3434-4C72B96F2E98 => Moved successfully.
C:\Users\yannick\AppData\Roaming\908EDA80-1431266383-81E2-3434-4C72B96F2E98 => Moved successfully.
C:\Users\yannick\AppData\Roaming\Store => Moved successfully.
C:\windows\Tasks\6Shcsw5XFdPDM57WuOALTn.job => Moved successfully.
C:\windows\System32\Tasks\6Shcsw5XFdPDM57WuOALTn => Moved successfully.
C:\windows\System32\Tasks\iren3006 => Moved successfully.
C:\windows\Tasks\CJQGB.job => Moved successfully.
C:\windows\Speech => Moved successfully.
C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\windows\Tasks\OWARI.job => Moved successfully.
C:\Users\yannick\AppData\Roaming\908EDA80-1427658385-81E2-3434-4C72B96F2E98 => Moved successfully.
C:\windows\Tasks\QJNFZ.job => Moved successfully.
C:\windows\Tasks\RAQMHE.job => Moved successfully.
C:\windows\Tasks\EG.job => Moved successfully.
C:\windows\Tasks\AYVUGWMK.job => Moved successfully.
C:\windows\Tasks\MAQTEL.job => Moved successfully.
C:\windows\Tasks\PC.job => Moved successfully.
C:\windows\Tasks\MV.job => Moved successfully.
C:\Users\yannick\AppData\Roaming\6Shcsw5XFdPDM57WuOALTn => Moved successfully.
C:\Users\yannick\AppData\Roaming\AYVUGWMK => Moved successfully.
C:\Users\yannick\AppData\Roaming\CJQGB => Moved successfully.
C:\Users\yannick\AppData\Roaming\EG => Moved successfully.
C:\Users\yannick\AppData\Roaming\gAH8TLj2e => Moved successfully.
C:\Users\yannick\AppData\Roaming\MAQTEL => Moved successfully.
C:\Users\yannick\AppData\Roaming\MV => Moved successfully.
C:\Users\yannick\AppData\Roaming\OWARI => Moved successfully.
C:\Users\yannick\AppData\Roaming\PC => Moved successfully.
C:\Users\yannick\AppData\Roaming\QJNFZ => Moved successfully.
C:\Users\yannick\AppData\Roaming\RAQMHE => Moved successfully.
C:\Users\yannick\AppData\Local\BIT6F8F.tmp => Moved successfully.
"C:\Users\yannick\AppData\Local\nsd4F80.tmp" => File/Folder not found.
C:\Users\yannick\AppData\Local\nsm40E2.tmp => Moved successfully.
C:\Users\yannick\AppData\Local\nso395F.tmp => Moved successfully.
C:\Users\yannick\AppData\Local\{F98802DB-0856-4AD6-82DF-1C5270AEAD99} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09AE1EF6-29E9-43D1-A64A-75FB3947F7C7}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09AE1EF6-29E9-43D1-A64A-75FB3947F7C7}" => key Removed successfully
C:\Windows\System32\Tasks\fres3005 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fres3005" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1235751C-975E-40ED-9DD4-ED887B29EC16}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1235751C-975E-40ED-9DD4-ED887B29EC16}" => key Removed successfully
C:\Windows\System32\Tasks\EG => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EG" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C51CC08-4D8D-4509-BEB0-96D0634064BC}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C51CC08-4D8D-4509-BEB0-96D0634064BC}" => key Removed successfully
C:\Windows\System32\Tasks\gAH8TLj2e not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gAH8TLj2e" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FB8BAA8-A19D-4E2E-A79C-5D600AA981D5}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FB8BAA8-A19D-4E2E-A79C-5D600AA981D5}" => key Removed successfully
C:\Windows\System32\Tasks\trik3004 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\trik3004" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42E5C519-1703-4629-8F9F-47EE1C6B67CC}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42E5C519-1703-4629-8F9F-47EE1C6B67CC}" => key Removed successfully
C:\Windows\System32\Tasks\RAQMHE => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RAQMHE" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4BBC57C9-7ED7-456C-940D-7A2BCFF53083}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BBC57C9-7ED7-456C-940D-7A2BCFF53083}" => key Removed successfully
C:\Windows\System32\Tasks\CJQGB => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CJQGB" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D480FEB-A575-4F6E-A0E3-A59F982D528D}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D480FEB-A575-4F6E-A0E3-A59F982D528D}" => key Removed successfully
C:\Windows\System32\Tasks\{FB48739B-A4C0-4476-BBB0-C9B5F98FF66A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FB48739B-A4C0-4476-BBB0-C9B5F98FF66A}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{625FFD6A-1F76-4048-9A1C-8FC77F949766}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{625FFD6A-1F76-4048-9A1C-8FC77F949766}" => key Removed successfully
C:\Windows\System32\Tasks\OWARI => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OWARI" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66C41A3A-C099-4758-AA57-3A768A3932CF}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66C41A3A-C099-4758-AA57-3A768A3932CF}" => key Removed successfully
C:\Windows\System32\Tasks\WRGIVFX => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WRGIVFX" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{735F21EB-E7F6-4C34-9A0C-4910EC7DDD16}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{735F21EB-E7F6-4C34-9A0C-4910EC7DDD16}" => key Removed successfully
C:\Windows\System32\Tasks\{C23AA679-5D6E-409D-AAC9-C98E031A8E6C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C23AA679-5D6E-409D-AAC9-C98E031A8E6C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{792D8ACC-7E3D-46F1-A3E7-60FC3E3A5A79}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{792D8ACC-7E3D-46F1-A3E7-60FC3E3A5A79}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindApp Update" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79466BBB-B810-4103-AD12-B47F0DF439F6}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79466BBB-B810-4103-AD12-B47F0DF439F6}" => key Removed successfully
C:\Windows\System32\Tasks\{D1F4D8CF-F52E-41E6-A3CE-BDDA528ACFBC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D1F4D8CF-F52E-41E6-A3CE-BDDA528ACFBC}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AC75E36-9A25-4B02-82DF-20E40AD30296}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC75E36-9A25-4B02-82DF-20E40AD30296}" => key Removed successfully
C:\Windows\System32\Tasks\AYVUGWMK => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AYVUGWMK" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B681D98-0AC8-4A50-9C80-A00F2D25F8EA}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B681D98-0AC8-4A50-9C80-A00F2D25F8EA}" => key Removed successfully
C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86ABD885-7A38-4C81-8669-84BD3C9B0D64}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86ABD885-7A38-4C81-8669-84BD3C9B0D64}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1037d394-e837-4431-9304-d99f7ada6218-1-6" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87A71ECD-544D-422C-90C8-F061816CEAB9}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87A71ECD-544D-422C-90C8-F061816CEAB9}" => key Removed successfully
C:\Windows\System32\Tasks\PC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{932500C7-3903-4FF9-9B44-6664DFC4ED5C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{932500C7-3903-4FF9-9B44-6664DFC4ED5C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Selection Tools Update" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97AAE191-6995-4011-92F8-A1F80201E249}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97AAE191-6995-4011-92F8-A1F80201E249}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313738333137313834322d552d373234572d5a32455b2a" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C93B9F88-4EE2-41BF-A7A7-4101C6D3FC00}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C93B9F88-4EE2-41BF-A7A7-4101C6D3FC00}" => key Removed successfully
C:\Windows\System32\Tasks\MV => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MV" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC04772D-D933-486F-BFA0-01C6361FDC9E}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC04772D-D933-486F-BFA0-01C6361FDC9E}" => key Removed successfully
C:\Windows\System32\Tasks\6Shcsw5XFdPDM57WuOALTn not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\6Shcsw5XFdPDM57WuOALTn" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E8CBB5F2-DAAC-4A62-A0A8-75E449FFC97E}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CBB5F2-DAAC-4A62-A0A8-75E449FFC97E}" => key Removed successfully
C:\Windows\System32\Tasks\QJNFZ => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QJNFZ" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EB96A45A-DF76-4488-AE88-653307B432A9}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB96A45A-DF76-4488-AE88-653307B432A9}" => key Removed successfully
C:\Windows\System32\Tasks\iren3006 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iren3006" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F680D7FC-01D1-4321-B80C-FDD2D6DFC1DC}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F680D7FC-01D1-4321-B80C-FDD2D6DFC1DC}" => key Removed successfully
C:\Windows\System32\Tasks\MAQTEL => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MAQTEL" => key Removed successfully
C:\windows\Tasks\6Shcsw5XFdPDM57WuOALTn.job not found.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\AYVUGWMK.job not found.
C:\windows\Tasks\CJQGB.job not found.
C:\windows\Tasks\EG.job not found.
C:\windows\Tasks\gAH8TLj2e.job not found.
C:\windows\Tasks\MAQTEL.job not found.
C:\windows\Tasks\MV.job not found.
C:\windows\Tasks\OWARI.job not found.
C:\windows\Tasks\PC.job not found.
C:\windows\Tasks\Periodic Synchronize Task.job => Moved successfully.
C:\windows\Tasks\QJNFZ.job not found.
C:\windows\Tasks\RAQMHE.job not found.
C:\windows\Tasks\SoftwareUpdateTaskMachineCore.job not found.

========= netsh winsock reset =========

Le démarrage de la fonction d'initialisation InitHelperDll dans NSHHTTP.DLL a échoué ;
code d'erreur : 10107

Le catalogue Winsock a été réinitialisé correctement.
Vous devez redémarrer l'ordinateur afin de finaliser la réinitialisation.


========= End of CMD: =========



The system needed a reboot.

End of Fixlog 13:40:34

0
Malekal_morte - Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
24 May 2015 at 18:52
Any improvement?
0
Well.. everything seems to be working wonderfully.. No more nasty programs downloading themselves on their own.
Thanks for everything
0
Malekal_morte - Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
25 May 2015 at 14:30
=)


There, it's done; you can delete the programs that were used.

Some advice:


To guard against malicious sites, you can install Blockulicious: https://forum.malekal.com/viewtopic.php?t=46656&start=


So that you don't get caught again.
To read - Parasitic programs / PUPs: https://www.malekal.com/adwares-pup-protection/
(Above all, enable the LPI (PUP) detections to detect parasitic and advertising programs)


The rest on security: http://forum.malekal.com/comment-securiser-son-ordinateur.html


0