Sujet Précédent Sujet Suivant

Win32genmalicious

Fermé
febutox Messages postés 7 Date d'inscription jeudi 11 juin 2015 Statut Membre Dernière intervention 14 juin 2015 - 11 juin 2015 à 18:55
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 16 juin 2015 à 21:01
Bonjour,
J'ai il y a 5 jours de cela téléchargé involontairement le virus Win32 genmaliciousA-RGV, j'avais réussis en en supprimer un bonne partie je crois et a le bloquer durant les quelques jours précédent mais il s'avère impossible de le supprimer totalement, j'ai télécharger adwcleaner qui a fait un très bon travail en supprimant de nombreux fichiers infectés mais pas suffisamment, même résultat avec l'analyse avast.
Il rend mon ordi incroyablement lent et le rend totalement fou (des pub qui s'ouvrent, des alertes avasts, des dossiers qui se télécharge...) quand j'ouvre chrome (j'ai finalement réussis a désinstaller browse qu'il avait télécharger par la même occasion).

Quelqu'un peut il s'il vous plait m'aider a supprimer ce virus ?

8 réponses

Réponse 1 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 627
11 juin 2015 à 18:56
Salut,

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.


0
Réponse 2 / 8
febutox Messages postés 7 Date d'inscription jeudi 11 juin 2015 Statut Membre Dernière intervention 14 juin 2015 1
12 juin 2015 à 17:57
Je te remercie de ta réponse et du temps que tu prend pour mon problème

voila les trois liens demandés :

FRST : https://pjjoint.malekal.com/files.php?id=20150612_v11q11k12z14b8

Additionnal : https://pjjoint.malekal.com/files.php?id=20150612_u10h7l10y12u10

Shortcut : https://pjjoint.malekal.com/files.php?id=20150612_n10w5k5v5g15
0
Réponse 3 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 627
12 juin 2015 à 21:18
Désinstalle PC Mechanic



Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :


HKLM-x32\...\Run: [gmsd_gb_400] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\Run: [gmsd_gb_415] => [X]
HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\...\Run: [GoogleChromeAutoLaunch_D8D77B87963F80C1473F0A195EEE261F] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
Startup: C:\Users\tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-06-08]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (No File)
Startup: C:\Users\tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-06-08]
ShortcutTarget: SmartWeb.lnk -> C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
CHR Extension: (johdeoloijidhejmalfkpchbihbiamph) - C:\Users\tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph [2015-06-12]
R2 kysykiti; C:\Users\tristan\AppData\Local\0C3A8D97-1433776418-E211-9E12-2089841A8360\snsoF872.tmp [147456 2015-06-08] () [File not signed]
R2 lxqvbcbiws32; C:\Program Files\015\lxqvbcbiws32.exe [622392 2015-04-07] ()
S4 xoperoze; C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360\jnsa3879.tmp [219136 2015-06-11] () [File not signed]
R2 zedepory; C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360\hnsn57EA.tmp [166912 2015-06-08] () [File not signed]
S2 Update Hatchiho; C:\Program Files (x86)\Hatchiho\updateHatchiho.exe [X]
S2 Util Hatchiho; C:\Program Files (x86)\Hatchiho\bin\utilHatchiho.exe [X]
R2 xexojiro; C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360\nsyF3C9.tmpfs [X]
R1 {13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64; C:\Windows\System32\drivers\{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64.sys [48776 2015-06-07] (StdLib)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
2015-06-09 23:32 - 2015-06-12 02:16 - 00000000 ____D C:\Users\tristan\AppData\Roaming\wp_update
2015-06-09 17:32 - 2015-06-09 17:32 - 00931408 _____ (Google Inc.) C:\Users\tristan\Downloads\ChromeSetup(1).exe
2015-06-09 17:31 - 2015-06-09 17:31 - 00931408 _____ (Google Inc.) C:\Users\tristan\Downloads\ChromeSetup.exe
2015-06-08 18:30 - 2015-06-08 18:30 - 02231296 _____ C:\Users\tristan\Downloads\adwcleaner_4.206.exe
2015-06-08 18:15 - 2015-06-08 18:15 - 00628688 _____ (CMI Limited) C:\Users\tristan\AppData\Local\nsl922A.tmp
2015-06-08 16:29 - 2015-06-08 19:00 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 15:29 - 2015-06-08 15:29 - 00003784 _____ C:\WINDOWS\System32\Tasks\WebBarUpdateTask
2015-06-08 15:29 - 2015-06-08 15:29 - 00003262 _____ C:\WINDOWS\System32\Tasks\WebBarLaunchTask
2015-06-08 15:28 - 2015-06-07 17:50 - 00048776 _____ (StdLib) C:\WINDOWS\system32\Drivers\{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64.sys
2015-06-08 15:27 - 2015-06-12 15:27 - 00001080 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-06-08 15:27 - 2015-06-08 15:27 - 00004086 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\tristan\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\Mickeal\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\Default\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-06-08 15:24 - 2015-06-08 15:25 - 00000000 ____D C:\Users\tristan\AppData\Local\SmartWeb
2015-06-08 15:24 - 2015-06-08 15:24 - 00004044 _____ C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-08 15:13 - 2015-06-12 01:02 - 00000000 ____D C:\Users\tristan\AppData\Local\0C3A8D97-1433776418-E211-9E12-2089841A8360
2015-06-08 15:09 - 2015-06-11 16:12 - 00000000 ____D C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768947-E211-9E12-2089841A8360
2015-06-08 15:09 - 2015-06-08 20:41 - 00000000 ____D C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360
2015-06-08 15:09 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-06-08 15:08 - 2015-06-08 19:34 - 00000000 ____D C:\Program Files\shopperz
2015-06-08 15:04 - 2015-06-08 15:04 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\tristan\Downloads\SpyHunter-Installer.exe
2015-06-08 15:00 - 2015-06-08 15:00 - 00000000 ____D C:\ProgramData\424a35c60000319c
2015-06-08 14:56 - 2015-06-08 14:56 - 00002078 _____ C:\Users\tristan\Desktop\Continue GamesDesktop Uninstaller.lnk
2015-06-08 14:21 - 2015-06-12 17:20 - 00000000 ____D C:\WINDOWS\SysWOW64\First Verify
2015-06-08 04:52 - 2015-06-12 04:52 - 00000364 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job
2015-06-08 04:52 - 2015-06-12 04:52 - 00000364 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job
2015-06-08 04:52 - 2015-06-08 16:52 - 00000000 ____D C:\ProgramData\{f9cac697-f207-3402-f9ca-ac697f201a5f}
2015-06-08 04:52 - 2015-06-08 16:52 - 00000000 ____D C:\ProgramData\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0}
2015-06-08 04:52 - 2015-06-08 15:24 - 00000000 ____D C:\ProgramData\FlashBeat
2015-06-08 04:52 - 2015-06-08 04:52 - 00000000 ____D C:\Program Files\13
2015-06-08 04:52 - 2015-06-08 04:52 - 00000000 ____D C:\Program Files\015
C:\Windows\Temp\uo124.exe
Task: {0DE73DFE-4A44-4739-8448-919D8AF54DF4} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-3 No Task File <==== ATTENTION
Task: {0FAFF6BB-4933-4E64-9D7A-266F965E5763} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-7 No Task File <==== ATTENTION
Task: {10A9B107-7F95-48A7-8B45-848148A63223} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: {1BE6599C-1477-48C2-829B-751DE8599A7C} - \DealPly No Task File <==== ATTENTION
Task: {29EB5ED7-3167-4420-A940-7656F5A61CCB} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-1-7 No Task File <==== ATTENTION
Task: {2F0A1F43-C327-4164-84B4-4819F993821A} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-5_user No Task File <==== ATTENTION
Task: {2F182271-B656-4BEA-B0E4-8ABB7C799F07} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe
Task: {2F20DB9E-9D53-4CE5-86F3-41F750058468} - System32\Tasks\PC-Mechanic Startup => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {3C2A18ED-AF8D-4160-8751-3387D619DD92} - System32\Tasks\Bidaily Synchronize Task[74c7] => c:\programdata\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0}\hqghumeaylnlf.exe [2014-06-08] (Super PC Tools Ltd) <==== ATTENTION
Task: {41525B6C-6FA1-4A7C-92D1-E013787FD21C} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-4 No Task File <==== ATTENTION
Task: {46F50328-F420-44FA-B237-240A5F6CBEA8} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {471ADCE0-FAC1-43F2-8A3C-AECD1640C6D0} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-6 No Task File <==== ATTENTION
Task: {4D482348-C942-41B2-BE58-166F0A3946BD} - System32\Tasks\MakeMarkerFile => %ProgramData%\MakeMarkerFile.exe
Task: {4F3AC4D2-720E-491F-80AD-1483114C4DCB} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-1-6 No Task File <==== ATTENTION
Task: {5475F3A5-F071-450A-A0CB-E4AE189DF968} - System32\Tasks\wp_update => C:\Users\tristan\AppData\Roaming\~ujoznqt.exe [2014-04-07] () <==== ATTENTION
Task: {69E07F46-10E7-4C8F-8B1A-FCE0AB921EAF} - System32\Tasks\PC-Mechanic Subscription => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {75421ECD-6220-4F7F-926B-4AB239E5A569} - System32\Tasks\PC-Mechanic Maintenance => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {81BA49E6-3D17-46F4-9113-5E6648DB59A2} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-10_user No Task File <==== ATTENTION
Task: {9E36E1A8-82E2-4EAE-BBB4-B98316A17B04} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {AE2684C9-A9BE-4D6A-86F8-3C535B49D87F} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {B00F8EBD-E4B3-4F0E-A2BF-669CD0F2AFED} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-5 No Task File <==== ATTENTION
Task: {C2E25587-239D-4428-A55D-C5C3727BF22C} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe
Task: {D54775A5-70D6-436D-9FA1-CFF57C65F735} - System32\Tasks\Bidaily Synchronize Task[3c32] => c:\programdata\{f9cac697-f207-3402-f9ca-ac697f201a5f}\hqghumeaylnlf.exe [2014-06-08] (PC Utilities Software Limited) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job => c:\programdata\{f9cac697-f207-3402-f9ca-ac697f201a5f}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job => c:\programdata\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur



puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

0
Réponse 4 / 8
febutox Messages postés 7 Date d'inscription jeudi 11 juin 2015 Statut Membre Dernière intervention 14 juin 2015 1
14 juin 2015 à 19:01
J'ai 3 questions suite a cette reponse :

- J'ai fait ce que tu m'as dit une premeirre foi mais ai fermer le rapport final par mégarde. Impossible de le retrouver sur mon ordi, cela changera t-il quoi que ce soit de le refaire une seconde foi et vous envoyer le second rapport ?

- Savez vous comment réinitialiser les navigateur ? :s

- J'ai sur google chrome de nombreuses pages en favoris que j'utilise pour mon travail et dont je ne saurai me souvenir sans ces dossier, le fait de réinitialiser les navigateur vas il supprimer ces favoris ? si oui ai-je une solution pour les sauvegarder ?

Merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
febutox Messages postés 7 Date d'inscription jeudi 11 juin 2015 Statut Membre Dernière intervention 14 juin 2015 1
14 juin 2015 à 19:05
Autant pour moi pour la première question je viens de le retrouver !

Voila le rapport que vous m'avez demander :

Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by tristan at 2015-06-13 16:00:20 Run:1
Running from C:\Users\tristan\Desktop\FRST analyse
Loaded Profiles: tristan (Available Profiles: tristan & Mickeal)
Boot Mode: Normal
==============================================

fixlist content:

HKLM-x32\...\Run: [gmsd_gb_400] => [X]
HKLM-x32\...\Run: [SmartWeb] => C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM-x32\...\Run: [gmsd_gb_415] => [X]
HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\...\Run: [GoogleChromeAutoLaunch_D8D77B87963F80C1473F0A195EEE261F] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
Startup: C:\Users\tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-06-08]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (No File)
Startup: C:\Users\tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-06-08]
ShortcutTarget: SmartWeb.lnk -> C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
CHR Extension: (johdeoloijidhejmalfkpchbihbiamph) - C:\Users\tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph [2015-06-12]
R2 kysykiti; C:\Users\tristan\AppData\Local\0C3A8D97-1433776418-E211-9E12-2089841A8360\snsoF872.tmp [147456 2015-06-08] () [File not signed]
R2 lxqvbcbiws32; C:\Program Files\015\lxqvbcbiws32.exe [622392 2015-04-07] ()
S4 xoperoze; C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360\jnsa3879.tmp [219136 2015-06-11] () [File not signed]
R2 zedepory; C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360\hnsn57EA.tmp [166912 2015-06-08] () [File not signed]
S2 Update Hatchiho; C:\Program Files (x86)\Hatchiho\updateHatchiho.exe [X]
S2 Util Hatchiho; C:\Program Files (x86)\Hatchiho\bin\utilHatchiho.exe [X]
R2 xexojiro; C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360\nsyF3C9.tmpfs [X]
R1 {13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64; C:\Windows\System32\drivers\{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64.sys [48776 2015-06-07] (StdLib)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
2015-06-09 23:32 - 2015-06-12 02:16 - 00000000 ____D C:\Users\tristan\AppData\Roaming\wp_update
2015-06-09 17:32 - 2015-06-09 17:32 - 00931408 _____ (Google Inc.) C:\Users\tristan\Downloads\ChromeSetup(1).exe
2015-06-09 17:31 - 2015-06-09 17:31 - 00931408 _____ (Google Inc.) C:\Users\tristan\Downloads\ChromeSetup.exe
2015-06-08 18:30 - 2015-06-08 18:30 - 02231296 _____ C:\Users\tristan\Downloads\adwcleaner_4.206.exe
2015-06-08 18:15 - 2015-06-08 18:15 - 00628688 _____ (CMI Limited) C:\Users\tristan\AppData\Local\nsl922A.tmp
2015-06-08 16:29 - 2015-06-08 19:00 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 15:29 - 2015-06-08 15:29 - 00003784 _____ C:\WINDOWS\System32\Tasks\WebBarUpdateTask
2015-06-08 15:29 - 2015-06-08 15:29 - 00003262 _____ C:\WINDOWS\System32\Tasks\WebBarLaunchTask
2015-06-08 15:28 - 2015-06-07 17:50 - 00048776 _____ (StdLib) C:\WINDOWS\system32\Drivers\{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64.sys
2015-06-08 15:27 - 2015-06-12 15:27 - 00001080 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-06-08 15:27 - 2015-06-08 15:27 - 00004086 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\tristan\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\Mickeal\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\Default\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Crossbrowse
2015-06-08 15:27 - 2015-06-08 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-06-08 15:24 - 2015-06-08 15:25 - 00000000 ____D C:\Users\tristan\AppData\Local\SmartWeb
2015-06-08 15:24 - 2015-06-08 15:24 - 00004044 _____ C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-08 15:13 - 2015-06-12 01:02 - 00000000 ____D C:\Users\tristan\AppData\Local\0C3A8D97-1433776418-E211-9E12-2089841A8360
2015-06-08 15:09 - 2015-06-11 16:12 - 00000000 ____D C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768947-E211-9E12-2089841A8360
2015-06-08 15:09 - 2015-06-08 20:41 - 00000000 ____D C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360
2015-06-08 15:09 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-06-08 15:08 - 2015-06-08 19:34 - 00000000 ____D C:\Program Files\shopperz
2015-06-08 15:04 - 2015-06-08 15:04 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\tristan\Downloads\SpyHunter-Installer.exe
2015-06-08 15:00 - 2015-06-08 15:00 - 00000000 ____D C:\ProgramData\424a35c60000319c
2015-06-08 14:56 - 2015-06-08 14:56 - 00002078 _____ C:\Users\tristan\Desktop\Continue GamesDesktop Uninstaller.lnk
2015-06-08 14:21 - 2015-06-12 17:20 - 00000000 ____D C:\WINDOWS\SysWOW64\First Verify
2015-06-08 04:52 - 2015-06-12 04:52 - 00000364 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job
2015-06-08 04:52 - 2015-06-12 04:52 - 00000364 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job
2015-06-08 04:52 - 2015-06-08 16:52 - 00000000 ____D C:\ProgramData\{f9cac697-f207-3402-f9ca-ac697f201a5f}
2015-06-08 04:52 - 2015-06-08 16:52 - 00000000 ____D C:\ProgramData\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0}
2015-06-08 04:52 - 2015-06-08 15:24 - 00000000 ____D C:\ProgramData\FlashBeat
2015-06-08 04:52 - 2015-06-08 04:52 - 00000000 ____D C:\Program Files\13
2015-06-08 04:52 - 2015-06-08 04:52 - 00000000 ____D C:\Program Files\015
C:\Windows\Temp\uo124.exe
Task: {0DE73DFE-4A44-4739-8448-919D8AF54DF4} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-3 No Task File <==== ATTENTION
Task: {0FAFF6BB-4933-4E64-9D7A-266F965E5763} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-7 No Task File <==== ATTENTION
Task: {10A9B107-7F95-48A7-8B45-848148A63223} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: {1BE6599C-1477-48C2-829B-751DE8599A7C} - \DealPly No Task File <==== ATTENTION
Task: {29EB5ED7-3167-4420-A940-7656F5A61CCB} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-1-7 No Task File <==== ATTENTION
Task: {2F0A1F43-C327-4164-84B4-4819F993821A} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-5_user No Task File <==== ATTENTION
Task: {2F182271-B656-4BEA-B0E4-8ABB7C799F07} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe
Task: {2F20DB9E-9D53-4CE5-86F3-41F750058468} - System32\Tasks\PC-Mechanic Startup => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {3C2A18ED-AF8D-4160-8751-3387D619DD92} - System32\Tasks\Bidaily Synchronize Task[74c7] => c:\programdata\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0}\hqghumeaylnlf.exe [2014-06-08] (Super PC Tools Ltd) <==== ATTENTION
Task: {41525B6C-6FA1-4A7C-92D1-E013787FD21C} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-4 No Task File <==== ATTENTION
Task: {46F50328-F420-44FA-B237-240A5F6CBEA8} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {471ADCE0-FAC1-43F2-8A3C-AECD1640C6D0} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-6 No Task File <==== ATTENTION
Task: {4D482348-C942-41B2-BE58-166F0A3946BD} - System32\Tasks\MakeMarkerFile => %ProgramData%\MakeMarkerFile.exe
Task: {4F3AC4D2-720E-491F-80AD-1483114C4DCB} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-1-6 No Task File <==== ATTENTION
Task: {5475F3A5-F071-450A-A0CB-E4AE189DF968} - System32\Tasks\wp_update => C:\Users\tristan\AppData\Roaming\~ujoznqt.exe [2014-04-07] () <==== ATTENTION
Task: {69E07F46-10E7-4C8F-8B1A-FCE0AB921EAF} - System32\Tasks\PC-Mechanic Subscription => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {75421ECD-6220-4F7F-926B-4AB239E5A569} - System32\Tasks\PC-Mechanic Maintenance => C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
Task: {81BA49E6-3D17-46F4-9113-5E6648DB59A2} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-10_user No Task File <==== ATTENTION
Task: {9E36E1A8-82E2-4EAE-BBB4-B98316A17B04} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {AE2684C9-A9BE-4D6A-86F8-3C535B49D87F} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {B00F8EBD-E4B3-4F0E-A2BF-669CD0F2AFED} - \dc57f25d-c836-4a31-92d0-fbcb80314db7-5 No Task File <==== ATTENTION
Task: {C2E25587-239D-4428-A55D-C5C3727BF22C} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe
Task: {D54775A5-70D6-436D-9FA1-CFF57C65F735} - System32\Tasks\Bidaily Synchronize Task[3c32] => c:\programdata\{f9cac697-f207-3402-f9ca-ac697f201a5f}\hqghumeaylnlf.exe [2014-06-08] (PC Utilities Software Limited) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job => c:\programdata\{f9cac697-f207-3402-f9ca-ac697f201a5f}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job => c:\programdata\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION


HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_400 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SmartWeb => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_415 => value removed successfully
HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D8D77B87963F80C1473F0A195EEE261F => value removed successfully
C:\Users\tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk => moved successfully.
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe not found.
C:\Users\tristan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk => moved successfully.
C:\Users\tristan\AppData\Local\SmartWeb\SmartWebHelper.exe => moved successfully.
C:\Users\tristan\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph => moved successfully.
kysykiti => Service not found.
lxqvbcbiws32 => Unable to stop service.
lxqvbcbiws32 => Service removed successfully
xoperoze => Service removed successfully
zedepory => Unable to stop service.
zedepory => Service removed successfully
Update Hatchiho => Service removed successfully
Util Hatchiho => Service removed successfully
xexojiro => Unable to stop service.
xexojiro => Service removed successfully
{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64 => Unable to stop service.
{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64 => Service removed successfully
cherimoya => Service removed successfully
innfd_1_10_0_14 => Unable to stop service.
innfd_1_10_0_14 => Service removed successfully
C:\Users\tristan\AppData\Roaming\wp_update => moved successfully.
C:\Users\tristan\Downloads\ChromeSetup(1).exe => moved successfully.
C:\Users\tristan\Downloads\ChromeSetup.exe => moved successfully.
C:\Users\tristan\Downloads\adwcleaner_4.206.exe => moved successfully.
C:\Users\tristan\AppData\Local\nsl922A.tmp => moved successfully.
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\WINDOWS\System32\Tasks\WebBarUpdateTask => moved successfully.
C:\WINDOWS\System32\Tasks\WebBarLaunchTask => moved successfully.
C:\WINDOWS\system32\Drivers\{13cb33a3-9c32-487e-92e6-95ade4c01500}Gw64.sys => moved successfully.
C:\WINDOWS\Tasks\Crossbrowse.job => moved successfully.
C:\WINDOWS\System32\Tasks\Crossbrowse => moved successfully.
C:\Users\tristan\AppData\Local\Crossbrowse => moved successfully.
C:\Users\Mickeal\AppData\Local\Crossbrowse => moved successfully.
C:\Users\Default\AppData\Local\Crossbrowse => moved successfully.
"C:\Users\Default User\AppData\Local\Crossbrowse" => File/Folder not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse => moved successfully.

"C:\Users\tristan\AppData\Local\SmartWeb" folder move:

Could not move "C:\Users\tristan\AppData\Local\SmartWeb" folder => Scheduled to move on reboot.

C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Users\tristan\AppData\Local\0C3A8D97-1433776418-E211-9E12-2089841A8360 => moved successfully.
C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768947-E211-9E12-2089841A8360 => moved successfully.
C:\Users\tristan\AppData\Roaming\0C3A8D97-1433768944-E211-9E12-2089841A8360 => moved successfully.
C:\WINDOWS\system32\Drivers\etc\hp.bak => moved successfully.
C:\Program Files\shopperz => moved successfully.
C:\Users\tristan\Downloads\SpyHunter-Installer.exe => moved successfully.
C:\ProgramData\424a35c60000319c => moved successfully.
C:\Users\tristan\Desktop\Continue GamesDesktop Uninstaller.lnk => moved successfully.
C:\WINDOWS\SysWOW64\First Verify => moved successfully.
C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job => moved successfully.
C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job => moved successfully.
C:\ProgramData\{f9cac697-f207-3402-f9ca-ac697f201a5f} => moved successfully.
C:\ProgramData\{1249f7b8-06b7-ef5c-1249-9f7b806bdee0} => moved successfully.
C:\ProgramData\FlashBeat => moved successfully.
C:\Program Files\13 => moved successfully.
C:\Program Files\015 => moved successfully.
C:\Windows\Temp\uo124.exe => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0DE73DFE-4A44-4739-8448-919D8AF54DF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DE73DFE-4A44-4739-8448-919D8AF54DF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FAFF6BB-4933-4E64-9D7A-266F965E5763}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FAFF6BB-4933-4E64-9D7A-266F965E5763}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10A9B107-7F95-48A7-8B45-848148A63223}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10A9B107-7F95-48A7-8B45-848148A63223}" => key removed successfully
C:\Windows\System32\Tasks\Crossbrowse not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BE6599C-1477-48C2-829B-751DE8599A7C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BE6599C-1477-48C2-829B-751DE8599A7C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29EB5ED7-3167-4420-A940-7656F5A61CCB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29EB5ED7-3167-4420-A940-7656F5A61CCB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-1-7" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F0A1F43-C327-4164-84B4-4819F993821A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F0A1F43-C327-4164-84B4-4819F993821A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-5_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F182271-B656-4BEA-B0E4-8ABB7C799F07}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F182271-B656-4BEA-B0E4-8ABB7C799F07}" => key removed successfully
C:\Windows\System32\Tasks\WebBarLaunchTask not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WebBarLaunchTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F20DB9E-9D53-4CE5-86F3-41F750058468}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F20DB9E-9D53-4CE5-86F3-41F750058468}" => key removed successfully
C:\Windows\System32\Tasks\PC-Mechanic Startup => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Mechanic Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C2A18ED-AF8D-4160-8751-3387D619DD92}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C2A18ED-AF8D-4160-8751-3387D619DD92}" => key removed successfully
C:\Windows\System32\Tasks\Bidaily Synchronize Task[74c7] => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[74c7]" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41525B6C-6FA1-4A7C-92D1-E013787FD21C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41525B6C-6FA1-4A7C-92D1-E013787FD21C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-4" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46F50328-F420-44FA-B237-240A5F6CBEA8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46F50328-F420-44FA-B237-240A5F6CBEA8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{471ADCE0-FAC1-43F2-8A3C-AECD1640C6D0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{471ADCE0-FAC1-43F2-8A3C-AECD1640C6D0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-6" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D482348-C942-41B2-BE58-166F0A3946BD} => key not found.
C:\Windows\System32\Tasks\MakeMarkerFile not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MakeMarkerFile => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F3AC4D2-720E-491F-80AD-1483114C4DCB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F3AC4D2-720E-491F-80AD-1483114C4DCB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-1-6" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5475F3A5-F071-450A-A0CB-E4AE189DF968}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5475F3A5-F071-450A-A0CB-E4AE189DF968}" => key removed successfully
C:\Windows\System32\Tasks\wp_update => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wp_update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69E07F46-10E7-4C8F-8B1A-FCE0AB921EAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69E07F46-10E7-4C8F-8B1A-FCE0AB921EAF}" => key removed successfully
C:\Windows\System32\Tasks\PC-Mechanic Subscription => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Mechanic Subscription" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75421ECD-6220-4F7F-926B-4AB239E5A569}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75421ECD-6220-4F7F-926B-4AB239E5A569}" => key removed successfully
C:\Windows\System32\Tasks\PC-Mechanic Maintenance => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Mechanic Maintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81BA49E6-3D17-46F4-9113-5E6648DB59A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81BA49E6-3D17-46F4-9113-5E6648DB59A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-10_user" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E36E1A8-82E2-4EAE-BBB4-B98316A17B04}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E36E1A8-82E2-4EAE-BBB4-B98316A17B04}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE2684C9-A9BE-4D6A-86F8-3C535B49D87F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE2684C9-A9BE-4D6A-86F8-3C535B49D87F}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B00F8EBD-E4B3-4F0E-A2BF-669CD0F2AFED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B00F8EBD-E4B3-4F0E-A2BF-669CD0F2AFED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dc57f25d-c836-4a31-92d0-fbcb80314db7-5" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2E25587-239D-4428-A55D-C5C3727BF22C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2E25587-239D-4428-A55D-C5C3727BF22C}" => key removed successfully
C:\Windows\System32\Tasks\WebBarUpdateTask not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WebBarUpdateTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D54775A5-70D6-436D-9FA1-CFF57C65F735}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D54775A5-70D6-436D-9FA1-CFF57C65F735}" => key removed successfully
C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32] => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[3c32]" => key removed successfully
C:\WINDOWS\Tasks\Bidaily Synchronize Task[3c32].job not found.
C:\WINDOWS\Tasks\Bidaily Synchronize Task[74c7].job not found.
C:\WINDOWS\Tasks\Crossbrowse.job not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-13 16:02:37)<=

C:\Users\tristan\AppData\Local\SmartWeb => moved successfully

End of Fixlog 16:02:41

0
Réponse 6 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 627
14 juin 2015 à 19:53
ok, voici la suite :

Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.

A la fin du scan, clic sur "Supprimer Selection" en bas à gauche.
Redémarre l'ordinateur si besoin.
Aprà¨s redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.


0
Réponse 7 / 8
febutox Messages postés 7 Date d'inscription jeudi 11 juin 2015 Statut Membre Dernière intervention 14 juin 2015 1
14 juin 2015 à 22:14
J'ai deux examens dans la liste en question :

- Protection log :
https://pjjoint.malekal.com/files.php?id=20150614_y14j12v7x9e7

- Scan log :
https://pjjoint.malekal.com/files.php?id=20150614_b10v5t119t9
0
Réponse 8 / 8
febutox Messages postés 7 Date d'inscription jeudi 11 juin 2015 Statut Membre Dernière intervention 14 juin 2015 1
14 juin 2015 à 22:16
Je rajoute juste que le j'ai cliquer sur "supprimer sélection" après le scan comme vous me l'avez indiquer mais le logiciel l'a juste mis en quarantaine, doit-je insister pour tout supprimer ?
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 627
15 juin 2015 à 09:58
il reste quel problème ?
0
febutox
Modifié par febutox le 16/06/2015 à 20:47
La totalité :/ j'ai toujours les pubs incessante, l'alerte de virus qui reviens a l'ouverture régulière de certaines pages, c'est peut être un peu mieux au niveau rapidité mais c'est tout... :/

Merci du temps pris pour m'aider dans tout les cas ! Mais auriez vous une solution autre ? ^^
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 627
16 juin 2015 à 21:01
sur quel navigateur WEB ?
0