Fake Adobe Flash Player
Solved/Closed
Ayane57
Edited by baladur13 on 28/06/2015 at 19:00
Ayane57 - 28 June 2015 at 23:20
6 replies
Anonymous user
Edited by HOMBOURGEOIS on 28/06/2015 at 17:54
No hello either!!!!
Click the blue link in YOUR MESSAGE to get the REAL Flash Player..........
Malekal_morte-
Moderator, Security contributor
28 June 2015 at 18:48
Hi,
You have installed adware and unwanted programs on your PC; they open advertisements and slow down the computer and the web browsers.
Here is the procedure to follow to remove them:
Start with this:
Follow the AdwCleaner tutorial https://www.malekal.com/adwcleaner-supprimer-virus-adwares-pup/?t=33839&start= (by Xplode)
Download it to your desktop or downloads folder.
Launch AdwCleaner and click [Scan].
The scan can take several minutes; be patient.
Once the scan has finished, do not uncheck anything and click [Clean].
Once the cleaning has finished, a report will open. Copy and paste the content of the report into your next reply.
If that does not work, use the site http://pjjoint.malekal.com to host the report and give the link to the report in a new message.
Note: The report is also saved as C:\AdwCleaner[S1].txt
then:
Follow this FRST tutorial: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(and take the time to read it properly so that you apply it correctly - everything is explained there).
Download and run the FRST scan; this will generate three FRST reports:
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Send these three reports, as explained, to the site http://pjjoint.malekal.com and in return give the three pjjoint links that lead to these reports here in a new reply so that we can look at them.
Ayane57
28 June 2015 at 18:57
# AdwCleaner v4.207 - Rapport créé le 28/06/2015 à 18:54:06
# Mis à jour le 21/06/2015 par Xplode
# Base de données : 2015-06-21.1 [Locale]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : Gaëlle - ORDI-DE-GAËLLE
# Exécuté depuis : C:\Users\Gaëlle\Downloads\adwcleaner_4.207.exe
# Option : Nettoyer
- [ Services ] *****
- [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\Users\Gaëlle\AppData\Local\34444335-1425673717-3031-5348-A01D48E633F8
- [ Tâches planifiées ] *****
- [ Raccourcis ] *****
- [ Registre ] *****
Donnée Supprimée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:55911;hxxps=127.0.0.1:55911
Donnée Supprimée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Donnée Supprimée : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
- [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.124
AdwCleaner[R2].txt - [24713 octets] - [28/06/2015 17:57:44]
AdwCleaner[R3].txt - [1605 octets] - [28/06/2015 18:51:23]
AdwCleaner[S2].txt - [20914 octets] - [28/06/2015 18:11:21]
AdwCleaner[S3].txt - [1302 octets] - [28/06/2015 18:54:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1362 octets] ##########
Ayane57
28 June 2015 at 19:46
Malekal_morte-
Moderator, Security contributor
28 June 2015 at 20:17
Here is the fix to apply with FRST.
You can refer to this explanatory note with screenshots to help you: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Open Notepad: Windows key + R, in the Run field type notepad and click OK.
Copy and paste the following into it:
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe
HKLM-x32\...\Run: [fst_fr_260] => [X]
HKLM-x32\...\Run: [gmsd_fr_222] => [X]
HKLM-x32\...\Run: [gmsd_fr_223] => [X]
HKLM-x32\...\Run: [gmsd_fr_281] => [X]
HKLM-x32\...\Run: [gmsd_fr_286] => [X]
HKU\S-1-5-21-1157967581-465240069-248814341-1002\...\Run: [GoogleChromeAutoLaunch_89DCA7CA2EE6AB4F01F2CD9F002CB475] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
AppInit_DLLs-x32: c:\users\gaëlle\appdata\local\ap\mtresources\btmn.dll => c:\users\gaëlle\appdata\local\ap\mtresources\btmn.dll File not found
Startup: C:\Users\Gaëlle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup.lnk [2015-02-18]
ShortcutTarget: setup.lnk -> C:\ProgramData\{f680bb08-c025-69f3-f680-0bb08c02ec23}\setup.exe (No File)
HKU\S-1-5-21-1157967581-465240069-248814341-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:55911;https=127.0.0.1:55911 [Attention - Possible Proxy Malicieux]
R2 bohosuky; C:\Users\Gaëlle\AppData\Roaming\34444335-1425669790-3031-5348-A01D48E633F8\jnsaAFD3.tmp [194048 2015-03-06] () [File not signed]
R2 myah; c:\windows\myah.exe [408576 2015-06-26] () [File not signed]
R2 voxilyni; C:\Users\Gaëlle\AppData\Roaming\34444335-1424209650-3031-5348-A01D48E633F8\nsf6EE8.tmp [223744 2015-02-18] () [File not signed]
2015-06-28 19:23 - 2015-06-28 19:23 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (27).website
2015-06-28 18:50 - 2015-06-28 18:50 - 02244096 _____ C:\Users\Gaëlle\Downloads\adwcleaner_4.207.exe
2015-06-28 18:38 - 2015-06-28 18:38 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (26).website
2015-06-28 17:56 - 2015-06-28 17:57 - 02244096 _____ C:\Users\Gaëlle\Downloads\AdwCleaner-4.207.exe
2015-06-28 17:55 - 2015-06-28 17:56 - 18411184 _____ (Adobe Systems Incorporated) C:\Users\Gaëlle\Downloads\install_flash_player (4).exe
2015-06-28 17:42 - 2015-06-28 17:42 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (25).website
2015-06-28 16:42 - 2015-06-28 16:42 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (24).website
2015-06-28 15:03 - 2015-06-28 15:03 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (23).website
2015-06-28 15:00 - 2015-06-28 15:00 - 18411184 _____ (Adobe Systems Incorporated) C:\Users\Gaëlle\Downloads\install_flash_player (3).exe
2015-06-28 14:59 - 2015-06-28 14:59 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (22).website
2015-06-28 14:21 - 2015-06-28 14:21 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (21).website
2015-06-27 22:35 - 2015-06-27 22:35 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (20).website
2015-06-27 19:02 - 2015-06-27 19:02 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (19).website
2015-06-27 13:32 - 2015-06-27 13:32 - 00562272 _____ (Oracle Corporation) C:\Users\Gaëlle\Downloads\chromeinstall-8u45.exe
2015-06-26 21:22 - 2015-06-26 21:22 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (18).website
2015-06-26 21:21 - 2015-06-26 21:22 - 18411184 _____ (Adobe Systems Incorporated) C:\Users\Gaëlle\Downloads\install_flash_player (2).exe
2015-06-26 21:20 - 2015-06-26 21:20 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (17).website
2015-06-26 20:22 - 2015-06-26 20:22 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (16).website
2015-06-26 20:22 - 2015-06-26 20:22 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (15).website
2015-06-26 20:20 - 2015-06-26 20:20 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (14).website
2015-06-26 20:19 - 2015-06-26 20:19 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (13).website
2015-06-26 20:19 - 2015-06-26 20:19 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (12).website
2015-06-26 20:18 - 2015-06-26 20:18 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (11).website
2015-06-26 20:18 - 2015-06-26 20:18 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (10).website
2015-06-26 20:15 - 2015-06-26 20:15 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (9).website
2015-06-26 20:15 - 2015-06-26 20:15 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (8).website
2015-06-26 20:14 - 2015-06-26 20:14 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (7).website
2015-06-26 20:06 - 2015-06-26 20:06 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (6).website
2015-06-26 17:34 - 2015-06-26 17:34 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (5).website
2015-06-26 17:34 - 2015-06-26 17:34 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (4).website
2015-06-26 16:26 - 2015-06-26 16:26 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (3).website
2015-06-26 16:22 - 2015-06-26 16:24 - 18411184 _____ (Adobe Systems Incorporated) C:\Users\Gaëlle\Downloads\install_flash_player (1).exe
2015-06-26 16:22 - 2015-06-26 16:22 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (2).website
2015-06-26 16:17 - 2015-06-26 16:17 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup (1).website
2015-06-26 12:03 - 2015-06-26 12:04 - 18411184 _____ (Adobe Systems Incorporated) C:\Users\Gaëlle\Downloads\install_flash_player.exe
2015-06-26 12:02 - 2015-06-26 12:02 - 00000706 _____ C:\Users\Gaëlle\Downloads\Setup .website
2015-06-26 11:39 - 2015-06-26 11:39 - 00001032 _____ C:\Windows\Tasks\2V4M6AT8RsORJ.job
2015-06-26 11:39 - 2015-06-26 11:39 - 00000000 ____D C:\Users\Gaëlle\AppData\Local\com
2015-06-26 11:38 - 2015-06-26 11:38 - 00001056 _____ C:\Windows\Tasks\cA5Wk0OqyfTlmeAqjL789bE7H.job
2015-06-26 11:34 - 2015-06-26 11:34 - 00001024 _____ C:\Windows\Tasks\cuhk5SJ0s.job
2015-06-26 11:32 - 2015-06-26 11:32 - 00631808 _____ C:\Windows\yah.dat
2015-06-26 11:31 - 2015-06-26 11:32 - 00408576 _____ C:\Windows\myah.exe
2015-06-26 11:31 - 2015-06-26 11:31 - 00417792 _____ C:\Windows\yah.exe
2015-06-26 11:11 - 2015-06-26 11:11 - 00001024 _____ C:\Windows\Tasks\PjEnVpeTX.job
2015-06-10 19:28 - 2015-06-10 19:28 - 00000000 _____ C:\Users\Gaëlle\AppData\Local\Temp.dat
2015-06-10 19:18 - 2015-06-28 14:11 - 00000024 _____ C:\Users\Gaëlle\AppData\Roaming\appdataFr25.bin
2015-06-10 18:55 - 2015-06-28 18:55 - 00000384 _____ C:\Windows\Tasks\BugBreaker.job
2015-06-10 18:55 - 2015-06-10 18:55 - 00003272 _____ C:\Windows\System32\Tasks\BugBreaker
R2 yah; c:\windows\yah.exe [417792 2015-06-26] () [File not signed]
R2 zugowexi; C:\Users\Gaëlle\AppData\Roaming\34444335-1425669790-3031-5348-A01D48E633F8\nsjB6DA.tmp [140800 2015-03-08] () [File not signed]
2015-06-13 10:07 - 2015-02-17 22:47 - 00000000 ____D C:\Users\Gaëlle\AppData\Roaming\34444335-1424209650-3031-5348-A01D48E633F8
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\2V4M6AT8RsORJ
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\2V4M6AT8RsORJ.exe
2015-06-10 19:18 - 2015-06-28 14:11 - 0000024 _____ () C:\Users\Gaëlle\AppData\Roaming\appdataFr25.bin
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\cuhk5SJ0s
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\cuhk5SJ0s.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\PjEnVpeTX
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\PjEnVpeTX.exe
2015-03-06 21:53 - 2015-03-06 21:52 - 0613255 _____ (CMI Limited) C:\Users\Gaëlle\AppData\Local\nst5C96.tmp
2015-02-17 23:29 - 2015-02-17 23:29 - 0613057 _____ (CMI Limited) C:\Users\Gaëlle\AppData\Local\nst70FD.tmp
2014-08-30 11:37 - 2014-09-20 18:09 - 0000003 _____ () C:\Users\Gaëlle\AppData\Local\proxy.log
Task: C:\Windows\Tasks\2V4M6AT8RsORJ.job => C:\Users\Gaýÿlle\AppData\Roaming\2V4M6AT8RsORJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BugBreaker.job => c:\programdata\{af2375e8-dd4e-acec-af23-375e8dd4d7a3}\304289954930156690e.exe <==== ATTENTION
Task: C:\Windows\Tasks\cA5Wk0OqyfTlmeAqjL789bE7H.job => C:\Users\Gaýÿlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H.exe <==== ATTENTION
Task: C:\Windows\Tasks\cuhk5SJ0s.job => C:\Users\Gaýÿlle\AppData\Roaming\cuhk5SJ0s.exe <==== ATTENTION
Task: C:\Windows\Tasks\PjEnVpeTX.job => C:\Users\Gaýÿlle\AppData\Roaming\PjEnVpeTX.exe <==== ATTENTION
Task: {519ECFDC-38B7-42CD-8A4D-DCDFF9F31B90} - System32\Tasks\BugBreaker => c:\programdata\{af2375e8-dd4e-acec-af23-375e8dd4d7a3}\304289954930156690e.exe <==== ATTENTION
Task: {8186F189-87E2-468F-A91E-4928041522A9} - System32\Tasks\{C2D5B3BD-792B-4EF5-A08C-44BA94E6D386} => pcalua.exe -a C:\Users\Gaëlle\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {A59F373B-714A-440D-AEF2-AFC490B53B33} - System32\Tasks\BrowserSafeguard => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe <==== ATTENTION
2015-06-26 11:31 - 2015-06-26 11:32 - 00408576 _____ () c:\windows\myah.exe
2015-06-26 11:31 - 2015-06-26 11:31 - 00417792 _____ () c:\windows\yah.exe
Once the text has been pasted into Notepad:
File menu, then Save As.
On the left, select the Desktop.
In the field at the bottom, for the file name enter: fixlist.txt
Click Save - this will create a fixlist.txt file on the desktop.
Run FRST again and click the Fix button.
Depending on the case, a restart is necessary (not mandatory).
A text file appears; copy and paste its content here in a new message.
Restart the computer
then reset your browsers:
==================================
Reset your browsers and/or manually reconfigure your web browsers (start page, search engine, etc.), and also remove/disable useless or unwanted extensions:
- Internet Explorer and add-ons / search engines: https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox: https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome: https://www.malekal.com/reparer-google-chrome/?t=35837&start=
and finally:
Install Avast!: https://www.malekal.com/tutoriel-antivirus-avast/
Above all, enable the PUP (potentially unwanted program) detections.
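Added example, not part of the original post and not FRST's own logic: a small Python triage that tags FRST log lines by persistence mechanism, to show what the entries selected for the fixlist have in common. The tag names and heuristics are assumptions made for this example; the sample lines are copied from the fixlist in the post.

```python
import re

# Review heuristics assumed for this example; they are not FRST's own logic.
USER_WRITABLE = re.compile(r"\\(?:appdata\\(?:roaming|local)|programdata)\\", re.IGNORECASE)
LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "[::1]"}

RUN_ENTRY = re.compile(r"^HK[^ ]*\\Run: \[(?P<name>[^\]]+)\] => (?P<target>.+)$")
TASK = re.compile(r"^Task: (?P<task>.+?) => (?P<target>.+?)(?P<attention> <=+ ATTENTION)?$")
SERVICE = re.compile(
    r"^[RSU]\d (?P<name>[^;]+); (?P<path>.+?) \[\d+ \d{4}-\d{2}-\d{2}\] "
    r"\([^)]*\)(?P<unsigned> \[File not signed\])?$"
)
PROXY = re.compile(r"^ProxyServer: \[[^\]]+\] => (?P<value>\S+)")
APPINIT = re.compile(r"^AppInit_DLLs(?:-x32)?: (?P<dll>.+?) => ")

# Sample lines copied from the fixlist in the post above.
SAMPLE = r"""
HKLM-x32\...\Run: [fst_fr_260] => [X]
AppInit_DLLs-x32: c:\users\gaëlle\appdata\local\ap\mtresources\btmn.dll => c:\users\gaëlle\appdata\local\ap\mtresources\btmn.dll File not found
ProxyServer: [.DEFAULT] => http=127.0.0.1:55911;https=127.0.0.1:55911 [Attention - Possible Proxy Malicieux]
R2 bohosuky; C:\Users\Gaëlle\AppData\Roaming\34444335-1425669790-3031-5348-A01D48E633F8\jnsaAFD3.tmp [194048 2015-03-06] () [File not signed]
R2 myah; c:\windows\myah.exe [408576 2015-06-26] () [File not signed]
Task: C:\Windows\Tasks\2V4M6AT8RsORJ.job => C:\Users\Gaýÿlle\AppData\Roaming\2V4M6AT8RsORJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {A59F373B-714A-440D-AEF2-AFC490B53B33} - System32\Tasks\BrowserSafeguard => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe <==== ATTENTION
"""


def proxy_is_loopback(value):
    """True if any 'scheme=host:port' entry of a ProxyServer value targets this machine."""
    for entry in value.split(";"):
        hostport = entry.partition("=")[2] or entry
        host = hostport.rsplit(":", 1)[0].lower()
        if host in LOOPBACK_HOSTS:
            return True
    return False


def classify(line):
    """Return the review tags for one FRST log line (empty list = not flagged)."""
    line = line.strip()
    tags = []

    m = RUN_ENTRY.match(line)
    if m:
        # Assumption: "[X]" in place of a path means the autorun target is missing.
        if m.group("target") == "[X]":
            tags.append("run:target-missing")
        elif USER_WRITABLE.search(m.group("target")):
            tags.append("run:user-writable-target")
        return tags

    m = TASK.match(line)
    if m:
        # Matching on the folder names after the user name keeps this working
        # even when the user name itself is encoding-damaged in the .job path.
        if USER_WRITABLE.search(m.group("target")):
            tags.append("task:user-writable-target")
        if m.group("attention"):
            tags.append("task:frst-attention")
        return tags

    m = SERVICE.match(line)
    if m:
        if m.group("unsigned"):
            tags.append("service:unsigned")
        if USER_WRITABLE.search(m.group("path")):
            tags.append("service:user-writable-path")
        return tags

    m = PROXY.match(line)
    if m:
        if proxy_is_loopback(m.group("value")):
            tags.append("proxy:loopback")
        return tags

    m = APPINIT.match(line)
    if m:
        # AppInit_DLLs are loaded into every process that loads user32.dll.
        tags.append("appinit:dll-registered")
        if USER_WRITABLE.search(m.group("dll")):
            tags.append("appinit:user-writable-path")
    return tags


def triage(lines):
    """Return (line, tags) pairs for the lines that received at least one tag."""
    flagged = []
    for line in lines:
        tags = classify(line)
        if tags:
            flagged.append((line.strip(), tags))
    return flagged


if __name__ == "__main__":
    for entry, tags in triage(SAMPLE.strip().splitlines()):
        print(", ".join(tags), "|", entry)
```

An untagged line only means these location and signature checks did not fire; it is not a verdict on the file.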
Ayane57
28 June 2015 at 20:27
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015
Ran by Gaëlle at 2015-06-28 20:22:28 Run:1
Running from C:\Users\Gaëlle\Desktop
Loaded Profiles: Gaëlle (Available Profiles: Gaëlle)
Boot Mode: Normal
==============================================
fixlist content:
2015-06-26 11:34 - 2015-06-26 11:34 - 00001024 _____ C:\Windows\Tasks\cuhk5SJ0s.job
2015-06-26 11:32 - 2015-06-26 11:32 - 00631808 _____ C:\Windows\yah.dat
2015-06-26 11:31 - 2015-06-26 11:32 - 00408576 _____ C:\Windows\myah.exe
2015-06-26 11:31 - 2015-06-26 11:31 - 00417792 _____ C:\Windows\yah.exe
2015-06-26 11:11 - 2015-06-26 11:11 - 00001024 _____ C:\Windows\Tasks\PjEnVpeTX.job
2015-06-10 19:28 - 2015-06-10 19:28 - 00000000 _____ C:\Users\Gaëlle\AppData\Local\Temp.dat
2015-06-10 19:18 - 2015-06-28 14:11 - 00000024 _____ C:\Users\Gaëlle\AppData\Roaming\appdataFr25.bin
2015-06-10 18:55 - 2015-06-28 18:55 - 00000384 _____ C:\Windows\Tasks\BugBreaker.job
2015-06-10 18:55 - 2015-06-10 18:55 - 00003272 _____ C:\Windows\System32\Tasks\BugBreaker
R2 yah; c:\windows\yah.exe [417792 2015-06-26] () [File not signed]
R2 zugowexi; C:\Users\Gaëlle\AppData\Roaming\34444335-1425669790-3031-5348-A01D48E633F8\nsjB6DA.tmp [140800 2015-03-08] () [File not signed]
2015-06-13 10:07 - 2015-02-17 22:47 - 00000000 ____D C:\Users\Gaëlle\AppData\Roaming\34444335-1424209650-3031-5348-A01D48E633F8
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\2V4M6AT8RsORJ
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\2V4M6AT8RsORJ.exe
2015-06-10 19:18 - 2015-06-28 14:11 - 0000024 _____ () C:\Users\Gaëlle\AppData\Roaming\appdataFr25.bin
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\cuhk5SJ0s
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\cuhk5SJ0s.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gaëlle\AppData\Roaming\PjEnVpeTX
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Gaëlle\AppData\Roaming\PjEnVpeTX.exe
2015-03-06 21:53 - 2015-03-06 21:52 - 0613255 _____ (CMI Limited) C:\Users\Gaëlle\AppData\Local\nst5C96.tmp
2015-02-17 23:29 - 2015-02-17 23:29 - 0613057 _____ (CMI Limited) C:\Users\Gaëlle\AppData\Local\nst70FD.tmp
2014-08-30 11:37 - 2014-09-20 18:09 - 0000003 _____ () C:\Users\Gaëlle\AppData\Local\proxy.log
Task: C:\Windows\Tasks\2V4M6AT8RsORJ.job => C:\Users\Gaýÿlle\AppData\Roaming\2V4M6AT8RsORJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BugBreaker.job => c:\programdata\{af2375e8-dd4e-acec-af23-375e8dd4d7a3}\304289954930156690e.exe <==== ATTENTION
Task: C:\Windows\Tasks\cA5Wk0OqyfTlmeAqjL789bE7H.job => C:\Users\Gaýÿlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H.exe <==== ATTENTION
Task: C:\Windows\Tasks\cuhk5SJ0s.job => C:\Users\Gaýÿlle\AppData\Roaming\cuhk5SJ0s.exe <==== ATTENTION
Task: C:\Windows\Tasks\PjEnVpeTX.job => C:\Users\Gaýÿlle\AppData\Roaming\PjEnVpeTX.exe <==== ATTENTION
Task: {519ECFDC-38B7-42CD-8A4D-DCDFF9F31B90} - System32\Tasks\BugBreaker => c:\programdata\{af2375e8-dd4e-acec-af23-375e8dd4d7a3}\304289954930156690e.exe <==== ATTENTION
Task: {8186F189-87E2-468F-A91E-4928041522A9} - System32\Tasks\{C2D5B3BD-792B-4EF5-A08C-44BA94E6D386} => pcalua.exe -a C:\Users\Gaëlle\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {A59F373B-714A-440D-AEF2-AFC490B53B33} - System32\Tasks\BrowserSafeguard => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe <==== ATTENTION
2015-06-26 11:31 - 2015-06-26 11:32 - 00408576 _____ () c:\windows\myah.exe
2015-06-26 11:31 - 2015-06-26 11:31 - 00417792 _____ () c:\windows\yah.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\3D BubbleSound => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_fr_260 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_222 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_223 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_281 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_286 => value removed successfully
HKU\S-1-5-21-1157967581-465240069-248814341-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_89DCA7CA2EE6AB4F01F2CD9F002CB475 => value removed successfully
"c:\users\gaëlle\appdata\local\ap\mtresources\btmn.dll" => value data removed successfully.
C:\Users\Gaëlle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup.lnk => moved successfully.
C:\ProgramData\{f680bb08-c025-69f3-f680-0bb08c02ec23}\setup.exe not found.
"HKU\S-1-5-21-1157967581-465240069-248814341-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
bohosuky => Unable to stop service.
bohosuky => Service removed successfully
myah => Unable to stop service.
myah => Service removed successfully
voxilyni => Unable to stop service.
voxilyni => Service removed successfully
"C:\Users\Gaëlle\Downloads\Setup (27).website" => File/Folder not found.
C:\Users\Gaëlle\Downloads\adwcleaner_4.207.exe => moved successfully.
"C:\Users\Gaëlle\Downloads\Setup (26).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\AdwCleaner-4.207.exe" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\install_flash_player (4).exe" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (25).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (24).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (23).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\install_flash_player (3).exe" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (22).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (21).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (20).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (19).website" => File/Folder not found.
C:\Users\Gaëlle\Downloads\chromeinstall-8u45.exe => moved successfully.
"C:\Users\Gaëlle\Downloads\Setup (18).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\install_flash_player (2).exe" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (17).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (16).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (15).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (14).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (13).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (12).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (11).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (10).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (9).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (8).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (7).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (6).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (5).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (4).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (3).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\install_flash_player (1).exe" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (2).website" => File/Folder not found.
"C:\Users\Gaëlle\Downloads\Setup (1).website" => File/Folder not found.
C:\Users\Gaëlle\Downloads\install_flash_player.exe => moved successfully.
"C:\Users\Gaëlle\Downloads\Setup .website" => File/Folder not found.
C:\Windows\Tasks\2V4M6AT8RsORJ.job => moved successfully.
C:\Users\Gaëlle\AppData\Local\com => moved successfully.
C:\Windows\Tasks\cA5Wk0OqyfTlmeAqjL789bE7H.job => moved successfully.
C:\Windows\Tasks\cuhk5SJ0s.job => moved successfully.
C:\Windows\yah.dat => moved successfully.
C:\Windows\myah.exe => moved successfully.
C:\Windows\yah.exe => moved successfully.
C:\Windows\Tasks\PjEnVpeTX.job => moved successfully.
C:\Users\Gaëlle\AppData\Local\Temp.dat => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\appdataFr25.bin => moved successfully.
C:\Windows\Tasks\BugBreaker.job => moved successfully.
C:\Windows\System32\Tasks\BugBreaker => moved successfully.
yah => Service removed successfully
zugowexi => Unable to stop service.
zugowexi => Service removed successfully
C:\Users\Gaëlle\AppData\Roaming\34444335-1424209650-3031-5348-A01D48E633F8 => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\2V4M6AT8RsORJ => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\2V4M6AT8RsORJ.exe => moved successfully.
"C:\Users\Gaëlle\AppData\Roaming\appdataFr25.bin" => File/Folder not found.
C:\Users\Gaëlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\cA5Wk0OqyfTlmeAqjL789bE7H.exe => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\cuhk5SJ0s => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\cuhk5SJ0s.exe => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\PjEnVpeTX => moved successfully.
C:\Users\Gaëlle\AppData\Roaming\PjEnVpeTX.exe => moved successfully.
C:\Users\Gaëlle\AppData\Local\nst5C96.tmp => moved successfully.
C:\Users\Gaëlle\AppData\Local\nst70FD.tmp => moved successfully.
C:\Users\Gaëlle\AppData\Local\proxy.log => moved successfully.
C:\Windows\Tasks\2V4M6AT8RsORJ.job not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\BugBreaker.job not found.
C:\Windows\Tasks\cA5Wk0OqyfTlmeAqjL789bE7H.job not found.
C:\Windows\Tasks\cuhk5SJ0s.job not found.
C:\Windows\Tasks\PjEnVpeTX.job not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{519ECFDC-38B7-42CD-8A4D-DCDFF9F31B90}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{519ECFDC-38B7-42CD-8A4D-DCDFF9F31B90}" => key removed successfully
C:\Windows\System32\Tasks\BugBreaker not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BugBreaker" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8186F189-87E2-468F-A91E-4928041522A9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8186F189-87E2-468F-A91E-4928041522A9}" => key removed successfully
C:\Windows\System32\Tasks\{C2D5B3BD-792B-4EF5-A08C-44BA94E6D386} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2D5B3BD-792B-4EF5-A08C-44BA94E6D386}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A59F373B-714A-440D-AEF2-AFC490B53B33}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A59F373B-714A-440D-AEF2-AFC490B53B33}" => key removed successfully
C:\Windows\System32\Tasks\BrowserSafeguard => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard" => key removed successfully
"c:\windows\myah.exe" => File/Folder not found.
"c:\windows\yah.exe" => File/Folder not found.
The system needed a reboot..
End of Fixlog 20:22:57
Malekal_morte-
Posts
180304
Registration date
Wednesday 17 May 2006
Status
Moderator, Security contributor
Last activity
15 December 2020
24 661
28 June 2015 at 20:42
OK, here is the next step:
Malwarebytes (time: about 40 min of scanning):
==================================================
Download and install Malwarebytes: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, then run a scan.
At the end of the scan, click "Remove Selected" at the bottom left.
Restart the computer if needed.
After restarting, launch Malwarebytes again.
Get the report from the History tab.
On the left, Scan Logs.
Double-click the scan in the list.
Then, at the bottom, Copy to Clipboard.
Go to http://pjjoint.malekal.com and, at the bottom, right-click / paste to paste the Malwarebytes scan report.
Click Send.
In a new reply here, give the pjjoint link so that the report can be viewed.
Ayane57 (Member) - 28 June 2015 at 22:26
Malekal_morte- (Moderator, Security contributor) - 28 June 2015 at 23:03
What problem is left?
Ayane57 (Member) - 28 June 2015 at 23:06
I think it's fine, the "adobe flash player" page no longer appears. Thank you very much.
Malekal_morte- (Moderator, Security contributor) - 28 June 2015 at 23:09
=))
There, it's done; you can remove the programs that were used.
Some advice:
To guard against malicious sites, you can install Blockulicious: https://forum.malekal.com/viewtopic.php?t=46656&start=
So you don't get caught out again.
Worth reading - Parasitic programs / PUPs: https://www.malekal.com/adwares-pup-protection/
(Above all, enable PUP (LPI) detections to detect parasitic and advertising programs)
The rest on security: http://forum.malekal.com/comment-securiser-son-ordinateur.html
Ayane57 (Member) - 28 June 2015 at 23:20
Thanks again.
28 June 2015 at 17:55
I'll try.
Edited by baladur13 on 28/06/2015 at 19:01
28 June 2015 at 18:44
I'm redirecting to virus/security to clean your machine
Edited by Ayane57 on 28/06/2015 at 18:47