Sujet Précédent Sujet Suivant

Virus!

Résolu/Fermé
lillou65 - Modifié par lillou65 le 21/07/2015 à 12:40
 lillou65 - 22 juil. 2015 à 09:57
Bonjour,

Voilà j'ai un ordinateur acer aspire 5732Z windows 7 qui est remplit de virus ( du moins j'ai l'impression...) je souhaite savoir comment procéder pour supprimer tous les virus et retrouver un ordinateur qui fonctionne correctement?
L'ordinateur n'arrive plus à se connecter à internet mais j'ai un mac avec lequel je peux télécharger des logiciels afin de réparer l'acer.

Merci d'avance.

8 réponses

Réponse 1 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
21 juil. 2015 à 12:51
Salut,



Suis le tutoriel FRST.
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.

0
Réponse 2 / 8
lillou65
Modifié par lillou65 le 21/07/2015 à 13:51
Merci pour ta réponse si rapide je suis entrain de faire le scan dès que c'est prêt je te fais signe.
0
Réponse 3 / 8
lillou65
Modifié par lillou65 le 21/07/2015 à 13:57
Voici les 3 rapports:

FRST: http://pjjoint.malekal.com/files.php?id=FRST_20150721_l11c11l9s5u14
Additionnal: http://pjjoint.malekal.com/files.php?id=20150721_o6j11l15h13b10
Shortcut: http://pjjoint.malekal.com/files.php?id=20150721_z6f8l13e10j10

Voilà j'attends avec impatience vos réponses.
0
Réponse 4 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
21 juil. 2015 à 14:43
Vache y a du monde dans le PC =)


Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe
HKLM-x32\...\Run: [gmsd_fr_002020029] => [X]
HKLM-x32\...\Run: [gmsd_fr_005010036] => [X]
HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\mmjmmzh2yxnibdd.exe [2422784 2015-07-21] ()
HKLM-x32\...\Run: [rec_fr_52] => [X]
AppInit_DLLs-x32: c:\programdata\flashbeat\flashbeat32.dll => c:\programdata\flashbeat\flashbeat32.dll File not found
Startup: C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk [2015-07-10]
ShortcutTarget: bm.lnk -> C:\Users\Mac\AppData\Local\mlbmvtgtyulibjd\mnbmbzhwyv9idtd.exe (PU-App)
Startup: C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\loons.lnk [2015-07-10]
ShortcutTarget: loons.lnk -> C:\Users\Mac\AppData\Local\mkxmbzhvyw5iczc\mkxmbzhvyw5iczc.exe ()
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:54121;https=127.0.0.1:54121 [Attention - Possible Proxy Malicieux]
S2 vicoqudu; C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B\hnsaFFC3.tmp [165376 2015-07-13] () [File not signed]
S2 zejytose; C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B\jnsqE4B3.tmp [199168 2015-07-13] () [File not signed]
S2 mitodeci; C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B\knsq9D61.tmpfs [X]
R4 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
R1 mmjmmzh2yxnibdd; C:\Windows\System32\drivers\mmjmmzh2yxnibdd.sys [64344 2015-07-21] (Windows (R) Win 7 DDK provider)
2015-07-21 12:04 - 2015-07-21 12:04 - 00000000 ____D C:\ProgramData\ZombieNews
2015-07-21 12:04 - 2015-07-21 12:04 - 00000000 ____D C:\Program Files (x86)\Product Deals
2015-07-21 09:57 - 2015-07-21 09:57 - 00000000 ____D C:\Program Files (x86)\Exploremedia
2015-07-21 09:26 - 2015-07-21 09:26 - 00000000 ____D C:\Users\Mac\AppData\Local\BreakingNewsAlert
2015-07-21 09:17 - 2015-07-21 09:16 - 00613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsp194F.tmp
2015-07-21 09:16 - 2015-07-21 09:16 - 00000000 ____D C:\Users\Mac\AppData\Local\Crossbrowse
2015-07-21 09:15 - 2015-07-21 09:15 - 00004040 _____ C:\Windows\System32\Tasks\PostPoneInstall
2015-07-21 09:15 - 2015-07-21 09:15 - 00003140 _____ C:\Windows\System32\Tasks\Run_Bobby_Browser
2015-07-21 09:13 - 2015-07-21 09:52 - 00000000 ____D C:\Users\Mac\AppData\Local\BoBrowser
2015-07-21 09:07 - 2015-07-21 09:15 - 00008617 _____ C:\claraInstaller.txt
2015-07-21 08:57 - 2015-07-21 09:01 - 00000000 ____D C:\Program Files (x86)\Smwyyntm1ndi1zdz
2015-07-21 08:50 - 2015-07-21 08:50 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-21 08:49 - 2015-07-21 09:43 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-07-21 08:49 - 2015-07-21 09:19 - 00002822 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-07-21 08:48 - 2015-07-21 09:43 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-07-21 08:48 - 2015-07-21 09:39 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-07-21 08:48 - 2015-07-21 09:19 - 00002824 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-07-21 08:48 - 2015-07-21 09:19 - 00002822 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-07-21 08:48 - 2015-07-21 08:48 - 00000000 ____D C:\Windows\SysWOW64\Flash
2015-07-21 08:46 - 2015-07-21 08:45 - 00613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsoC9A6.tmp
2015-07-21 08:45 - 2015-07-21 08:45 - 00000000 __SHD C:\Users\Mac\AppData\Roaming\AnyProtectEx
2015-07-21 08:42 - 2015-07-21 11:12 - 00001000 _____ C:\Windows\Tasks\hTBLisOwnnITzuWscF.job
2015-07-21 08:42 - 2015-07-21 08:42 - 00004018 _____ C:\Windows\System32\Tasks\hTBLisOwnnITzuWscF
2015-07-21 08:34 - 2015-07-21 08:34 - 00000000 ____D C:\Program Files (x86)\SystemHelp
2015-07-21 08:33 - 2015-07-21 08:33 - 00000000 ____D C:\Program Files (x86)\Appspector
2015-07-21 08:31 - 2015-07-21 13:48 - 00000000 ____D C:\Program Files (x86)\youtubeadblocker
2015-07-21 08:30 - 2015-07-21 09:48 - 00000000 ____D C:\Program Files (x86)\PriiceoLess
2015-07-21 08:28 - 2015-07-21 08:28 - 00003084 _____ C:\Windows\System32\Tasks\sab3009
2015-07-21 08:27 - 2015-07-21 11:12 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-07-21 08:27 - 2015-07-21 08:27 - 00000000 ____D C:\ProgramData\hjfhmnjaegkfmlclognehfilmknmajdk
2015-07-21 08:26 - 2015-07-21 09:43 - 00000332 _____ C:\Windows\Tasks\DatabasePlus.job
2015-07-21 08:26 - 2015-07-21 08:26 - 00003240 _____ C:\Windows\System32\Tasks\DatabasePlus
2015-07-21 08:25 - 2015-07-21 12:13 - 00000000 ____D C:\Users\Mac\AppData\Local\SmartWeb
2015-07-21 08:25 - 2015-07-21 11:45 - 00004022 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-21 06:37 - 2015-07-21 06:37 - 00064344 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\mmjmmzh2yxnibdd.sys
2015-07-13 18:06 - 2015-07-21 12:06 - 00000336 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job
2015-07-13 18:06 - 2015-07-13 18:06 - 00003244 _____ C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6]
2015-07-13 18:05 - 2015-07-21 12:28 - 00000000 ____D C:\ProgramData\{e932f536-cb09-1452-e932-2f536cb0d4db}
2015-07-13 18:02 - 2015-07-13 18:02 - 00000000 ____D C:\Users\Mac\AppData\Local\Boxore
2015-07-13 17:58 - 2015-07-21 08:27 - 00000000 ____D C:\Users\Mac\AppData\Local\37636663-1436810321-6463-6338-0026221F7C1B
2015-07-13 17:58 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-13 17:57 - 2015-07-21 09:25 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-07-13 17:57 - 2015-07-13 17:58 - 00000000 ____D C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B
2015-07-13 17:56 - 2015-07-21 09:26 - 00000000 ____D C:\Program Files\WebBar
2015-07-13 17:56 - 2015-07-21 09:02 - 00000000 ____D C:\Program Files (x86)\Software
2015-07-13 17:10 - 2015-07-13 17:10 - 00020936 _____ C:\Users\Mac\Documents\sauvegarde.reg
2015-07-12 14:17 - 2015-07-12 14:17 - 00000000 ____D C:\Users\Mac\AppData\Local\speed browser
2015-07-11 11:14 - 2015-07-21 08:29 - 00003470 _____ C:\Windows\System32\Tasks\Usirkaauruuit
2015-07-11 11:14 - 2015-07-11 11:14 - 00000000 ____D C:\ProgramData\Usirkaauruuit
2015-07-10 21:08 - 2015-07-10 21:08 - 00000000 ____D C:\Users\Mac\SupTab
2015-07-10 20:53 - 2015-07-10 20:53 - 00000000 ____D C:\Users\Mac\AppData\Local\mkxmbzhvyw5iczc
2015-07-10 20:52 - 2015-07-10 20:52 - 00000000 ____D C:\Users\Mac\AppData\Local\mlbmvtgtyulibjd
2015-07-06 21:50 - 2015-07-21 11:12 - 00000996 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-06 21:50 - 2015-07-21 09:44 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-06 21:50 - 2015-07-21 09:12 - 00000000 ____D C:\Users\Mac\AppData\Roaming\WTools
2015-07-06 21:50 - 2015-07-21 08:46 - 00001000 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-06 21:50 - 2015-07-21 08:41 - 00003998 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-06 21:50 - 2015-07-21 08:41 - 00003744 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-07-06 21:50 - 2015-07-06 21:50 - 00003246 _____ C:\Windows\System32\Tasks\GlobalUpdate-mmzmyzhxywtibtd
2015-07-06 21:50 - 2015-07-06 21:50 - 00000000 ____D C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd
2015-07-06 21:50 - 2015-07-06 21:50 - 00000000 ____D C:\Users\Mac\AppData\Local\globalUpdate
2015-07-06 21:50 - 2015-07-06 21:50 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-06 21:49 - 2015-07-21 09:43 - 00000000 ____D C:\Program Files (x86)\version89IneedSpeed
2015-07-06 21:49 - 2015-07-21 09:30 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-07-06 21:49 - 2015-07-21 09:28 - 00000000 ____D C:\Users\Mac\AppData\Roaming\Store
2015-07-06 21:49 - 2015-07-21 08:23 - 00002056 _____ C:\Windows\patsearch.bin
2015-07-06 21:49 - 2015-07-06 21:51 - 00000965 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-07-06 21:49 - 2015-07-06 21:50 - 00000078 _____ C:\Users\Mac\AppData\Roaming\Selection Tools.installation.log
2015-07-06 21:49 - 2015-07-06 21:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-07-06 21:48 - 2015-07-21 08:28 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-06 21:48 - 2015-07-06 21:49 - 00000078 _____ C:\Users\Mac\AppData\Roaming\WindApp.installation.log
2015-07-06 21:47 - 2015-07-21 12:52 - 00000338 ____H C:\Windows\Tasks\JTYVBOFSMIWFRIMR.job
2015-07-06 21:47 - 2015-07-21 11:12 - 00000326 _____ C:\Windows\Tasks\MSUIY1.job
2015-07-06 21:47 - 2015-07-06 21:51 - 00000000 ____D C:\Users\Mac\AppData\Roaming\Nosibay
2015-07-06 21:47 - 2015-07-06 21:48 - 00005699 _____ C:\Users\Mac\AppData\Roaming\Bubble Dock.installation.log
2015-07-06 21:47 - 2015-07-06 21:47 - 00003368 _____ C:\Windows\System32\Tasks\JTYVBOFSMIWFRIMR
2015-07-06 21:47 - 2015-07-06 21:47 - 00002848 _____ C:\Windows\System32\Tasks\MSUIY1
2015-07-06 21:47 - 2015-07-06 21:47 - 00000097 _____ C:\Users\Mac\AppData\Roaming\WindApp.boostrap.log
2015-07-06 21:47 - 2015-07-06 21:47 - 00000000 ____D C:\Users\Mac\AppData\Roaming\oursurfing
2015-07-06 21:47 - 2015-07-06 21:47 - 00000000 ____D C:\ProgramData\Service1291
2015-07-06 21:47 - 2015-07-06 21:47 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-07-06 21:46 - 2015-07-21 09:36 - 00000000 ____D C:\Program Files (x86)\LuckyTab
2015-07-06 21:46 - 2015-07-06 21:50 - 00001247 _____ C:\Users\Mac\AppData\Roaming\Bubble Dock.boostrap.log
2015-07-06 21:46 - 2015-07-06 21:46 - 00000000 ____D C:\Program Files (x86)\Nginx
HKLM-x32\...\Run: [Nginx] => C:\Program Files (x86)\Nginx\shortcut.lnk [1773 2015-07-06] ()
2015-07-03 23:16 - 2015-07-04 11:25 - 00000000 ____D C:\Program Files (x86)\System Optimizer
2015-07-06 21:46 - 2015-07-06 21:50 - 0001247 _____ () C:\Users\Mac\AppData\Roaming\Bubble Dock.boostrap.log
2015-07-06 21:47 - 2015-07-06 21:48 - 0005699 _____ () C:\Users\Mac\AppData\Roaming\Bubble Dock.installation.log
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe
2015-07-06 21:49 - 2015-07-06 21:50 - 0000078 _____ () C:\Users\Mac\AppData\Roaming\Selection Tools.installation.log
2015-07-06 21:47 - 2015-07-06 21:47 - 0000097 _____ () C:\Users\Mac\AppData\Roaming\WindApp.boostrap.log
2015-07-06 21:48 - 2015-07-06 21:49 - 0000078 _____ () C:\Users\Mac\AppData\Roaming\WindApp.installation.log
2015-07-21 08:46 - 2015-07-21 08:45 - 0613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsoC9A6.tmp
2015-07-21 09:17 - 2015-07-21 09:16 - 0613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsp194F.tmp
2015-07-05 12:06 - 2015-07-05 12:06 - 0000000 _____ () C:\ProgramData\211148173
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{e932f536-cb09-1452-e932-2f536cb0d4db}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\Windows\Tasks\DatabasePlus.job => c:\programdata\{8b3cd097-3cca-ff86-8b3c-cd0973cc425c}\nsh53fb.tmp.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\hTBLisOwnnITzuWscF.job => C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe <==== ATTENTION
Task: C:\Windows\Tasks\JTYVBOFSMIWFRIMR.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\MSUIY1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {092D8066-9161-4DB0-A008-7FBCF2E4BA9D} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-21] (globalUpdate) <==== ATTENTION
Task: {158ED52D-8A4E-4CA8-A319-052BA9840AE1} - System32\Tasks\Usirkaauruuit => C:\ProgramData\Usirkaauruuit\1.0.4.1\lekikiox.exe [2015-07-11] ()
Task: {3196414E-AA95-48E6-B2B8-598DD4D68141} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {3F5E0341-F882-40CB-846A-7F9984246A80} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {4D831D80-CBB7-4C67-BEDE-1A874A5E118E} - System32\Tasks\sab3009 => C:\Program Files (x86)\FastSearch\sab3009.exe [2015-07-14] ()
Task: {540E8A74-CE83-45A1-871C-F80D67393210} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {571B4E6D-5F29-4A48-A8BC-44B3220ACB0C} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-21] (globalUpdate) <==== ATTENTION
Task: {5BB7F016-594C-44A2-9020-5D2D84B6964C} - System32\Tasks\Bidaily Synchronize Task[8da6] => c:\programdata\{e932f536-cb09-1452-e932-2f536cb0d4db}\hqghumeaylnlf.exe [2014-07-13] (PC Utilities Software Limited) <==== ATTENTION
Task: {64B0BFFF-F6C8-4B46-9527-FF34DBCF6581} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Mac\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {6B45E0DA-3C4C-4E5C-B8F4-756CB0E2A61F} - System32\Tasks\PostPoneInstall => C:\Users\Mac\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {7AC6AC8A-9396-4E02-810F-D7D275B8EFAD} - System32\Tasks\MSUIY1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {8111979F-50F6-462A-A3B9-EBE2A593AE2C} - System32\Tasks\GlobalUpdate-mmzmyzhxywtibtd => C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd\mmzmyzhxywtibtd.exe [2015-07-06] () <==== ATTENTION
Task: {908EB0DD-B52A-4299-8D59-35E69E84A8A1} - System32\Tasks\DatabasePlus => c:\programdata\{8b3cd097-3cca-ff86-8b3c-cd0973cc425c}\nsh53fb.tmp.exe <==== ATTENTION
Task: {B4244E9C-FEE1-4391-9E7D-52B4BF2BDDCA} - System32\Tasks\Run_Bobby_Browser => C:\Users\Mac\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {D1B5EB26-279C-4FC4-B53A-DB2F6841C0C4} - System32\Tasks\hTBLisOwnnITzuWscF => C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe [2015-04-20] () <==== ATTENTION
Task: {E4C8EA6D-1ADB-43B7-8711-273D65DB9637} - System32\Tasks\JTYVBOFSMIWFRIMR => C:\ProgramData\Service1291\Service1291.exe [2015-06-28] () <==== ATTENTION
Task: {F0065AF7-5600-4FD6-9830-7D52E68A47BD} - System32\Tasks\{19B442F6-9127-4322-B088-342FAE5F3BBA} => pcalua.exe -a C:\Users\Mac\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=exp



Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

~~

Désinstalle Spybot.
Remplace le par Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais un nettoyage avec.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
lillou65
21 juil. 2015 à 15:18
Voilà la suite:

Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Mac at 2015-07-21 15:13:10 Run:2
Running from C:\Users\Mac\Desktop
Loaded Profiles: Mac (Available Profiles: Mac)
Boot Mode: Normal
==============================================

fixlist content:

HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe
HKLM-x32\...\Run: [gmsd_fr_002020029] => [X]
HKLM-x32\...\Run: [gmsd_fr_005010036] => [X]
HKLM-x32\...\Run: [mwyyntm1ndi1zdz] => C:\Program Files (x86)\Smwyyntm1ndi1zdz\mmjmmzh2yxnibdd.exe [2422784 2015-07-21] ()
HKLM-x32\...\Run: [rec_fr_52] => [X]
AppInit_DLLs-x32: c:\programdata\flashbeat\flashbeat32.dll => c:\programdata\flashbeat\flashbeat32.dll File not found
Startup: C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk [2015-07-10]
ShortcutTarget: bm.lnk -> C:\Users\Mac\AppData\Local\mlbmvtgtyulibjd\mnbmbzhwyv9idtd.exe (PU-App)
Startup: C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\loons.lnk [2015-07-10]
ShortcutTarget: loons.lnk -> C:\Users\Mac\AppData\Local\mkxmbzhvyw5iczc\mkxmbzhvyw5iczc.exe ()
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:54121;https=127.0.0.1:54121 [Attention - Possible Proxy Malicieux]
S2 vicoqudu; C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B\hnsaFFC3.tmp [165376 2015-07-13] () [File not signed]
S2 zejytose; C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B\jnsqE4B3.tmp [199168 2015-07-13] () [File not signed]
S2 mitodeci; C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B\knsq9D61.tmpfs [X]
R4 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
R1 mmjmmzh2yxnibdd; C:\Windows\System32\drivers\mmjmmzh2yxnibdd.sys [64344 2015-07-21] (Windows (R) Win 7 DDK provider)
2015-07-21 12:04 - 2015-07-21 12:04 - 00000000 ____D C:\ProgramData\ZombieNews
2015-07-21 12:04 - 2015-07-21 12:04 - 00000000 ____D C:\Program Files (x86)\Product Deals
2015-07-21 09:57 - 2015-07-21 09:57 - 00000000 ____D C:\Program Files (x86)\Exploremedia
2015-07-21 09:26 - 2015-07-21 09:26 - 00000000 ____D C:\Users\Mac\AppData\Local\BreakingNewsAlert
2015-07-21 09:17 - 2015-07-21 09:16 - 00613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsp194F.tmp
2015-07-21 09:16 - 2015-07-21 09:16 - 00000000 ____D C:\Users\Mac\AppData\Local\Crossbrowse
2015-07-21 09:15 - 2015-07-21 09:15 - 00004040 _____ C:\Windows\System32\Tasks\PostPoneInstall
2015-07-21 09:15 - 2015-07-21 09:15 - 00003140 _____ C:\Windows\System32\Tasks\Run_Bobby_Browser
2015-07-21 09:13 - 2015-07-21 09:52 - 00000000 ____D C:\Users\Mac\AppData\Local\BoBrowser
2015-07-21 09:07 - 2015-07-21 09:15 - 00008617 _____ C:\claraInstaller.txt
2015-07-21 08:57 - 2015-07-21 09:01 - 00000000 ____D C:\Program Files (x86)\Smwyyntm1ndi1zdz
2015-07-21 08:50 - 2015-07-21 08:50 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-21 08:49 - 2015-07-21 09:43 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-07-21 08:49 - 2015-07-21 09:19 - 00002822 _____ C:\Windows\System32\Tasks\APSnotifierPP3
2015-07-21 08:48 - 2015-07-21 09:43 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-07-21 08:48 - 2015-07-21 09:39 - 00000378 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-07-21 08:48 - 2015-07-21 09:19 - 00002824 _____ C:\Windows\System32\Tasks\APSnotifierPP1
2015-07-21 08:48 - 2015-07-21 09:19 - 00002822 _____ C:\Windows\System32\Tasks\APSnotifierPP2
2015-07-21 08:48 - 2015-07-21 08:48 - 00000000 ____D C:\Windows\SysWOW64\Flash
2015-07-21 08:46 - 2015-07-21 08:45 - 00613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsoC9A6.tmp
2015-07-21 08:45 - 2015-07-21 08:45 - 00000000 __SHD C:\Users\Mac\AppData\Roaming\AnyProtectEx
2015-07-21 08:42 - 2015-07-21 11:12 - 00001000 _____ C:\Windows\Tasks\hTBLisOwnnITzuWscF.job
2015-07-21 08:42 - 2015-07-21 08:42 - 00004018 _____ C:\Windows\System32\Tasks\hTBLisOwnnITzuWscF
2015-07-21 08:34 - 2015-07-21 08:34 - 00000000 ____D C:\Program Files (x86)\SystemHelp
2015-07-21 08:33 - 2015-07-21 08:33 - 00000000 ____D C:\Program Files (x86)\Appspector
2015-07-21 08:31 - 2015-07-21 13:48 - 00000000 ____D C:\Program Files (x86)\youtubeadblocker
2015-07-21 08:30 - 2015-07-21 09:48 - 00000000 ____D C:\Program Files (x86)\PriiceoLess
2015-07-21 08:28 - 2015-07-21 08:28 - 00003084 _____ C:\Windows\System32\Tasks\sab3009
2015-07-21 08:27 - 2015-07-21 11:12 - 00000000 ____D C:\Program Files (x86)\FastSearch
2015-07-21 08:27 - 2015-07-21 08:27 - 00000000 ____D C:\ProgramData\hjfhmnjaegkfmlclognehfilmknmajdk
2015-07-21 08:26 - 2015-07-21 09:43 - 00000332 _____ C:\Windows\Tasks\DatabasePlus.job
2015-07-21 08:26 - 2015-07-21 08:26 - 00003240 _____ C:\Windows\System32\Tasks\DatabasePlus
2015-07-21 08:25 - 2015-07-21 12:13 - 00000000 ____D C:\Users\Mac\AppData\Local\SmartWeb
2015-07-21 08:25 - 2015-07-21 11:45 - 00004022 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-07-21 06:37 - 2015-07-21 06:37 - 00064344 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\mmjmmzh2yxnibdd.sys
2015-07-13 18:06 - 2015-07-21 12:06 - 00000336 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job
2015-07-13 18:06 - 2015-07-13 18:06 - 00003244 _____ C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6]
2015-07-13 18:05 - 2015-07-21 12:28 - 00000000 ____D C:\ProgramData\{e932f536-cb09-1452-e932-2f536cb0d4db}
2015-07-13 18:02 - 2015-07-13 18:02 - 00000000 ____D C:\Users\Mac\AppData\Local\Boxore
2015-07-13 17:58 - 2015-07-21 08:27 - 00000000 ____D C:\Users\Mac\AppData\Local\37636663-1436810321-6463-6338-0026221F7C1B
2015-07-13 17:58 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-13 17:57 - 2015-07-21 09:25 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-07-13 17:57 - 2015-07-13 17:58 - 00000000 ____D C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B
2015-07-13 17:56 - 2015-07-21 09:26 - 00000000 ____D C:\Program Files\WebBar
2015-07-13 17:56 - 2015-07-21 09:02 - 00000000 ____D C:\Program Files (x86)\Software
2015-07-13 17:10 - 2015-07-13 17:10 - 00020936 _____ C:\Users\Mac\Documents\sauvegarde.reg
2015-07-12 14:17 - 2015-07-12 14:17 - 00000000 ____D C:\Users\Mac\AppData\Local\speed browser
2015-07-11 11:14 - 2015-07-21 08:29 - 00003470 _____ C:\Windows\System32\Tasks\Usirkaauruuit
2015-07-11 11:14 - 2015-07-11 11:14 - 00000000 ____D C:\ProgramData\Usirkaauruuit
2015-07-10 21:08 - 2015-07-10 21:08 - 00000000 ____D C:\Users\Mac\SupTab
2015-07-10 20:53 - 2015-07-10 20:53 - 00000000 ____D C:\Users\Mac\AppData\Local\mkxmbzhvyw5iczc
2015-07-10 20:52 - 2015-07-10 20:52 - 00000000 ____D C:\Users\Mac\AppData\Local\mlbmvtgtyulibjd
2015-07-06 21:50 - 2015-07-21 11:12 - 00000996 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-06 21:50 - 2015-07-21 09:44 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-06 21:50 - 2015-07-21 09:12 - 00000000 ____D C:\Users\Mac\AppData\Roaming\WTools
2015-07-06 21:50 - 2015-07-21 08:46 - 00001000 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-06 21:50 - 2015-07-21 08:41 - 00003998 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-06 21:50 - 2015-07-21 08:41 - 00003744 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-07-06 21:50 - 2015-07-06 21:50 - 00003246 _____ C:\Windows\System32\Tasks\GlobalUpdate-mmzmyzhxywtibtd
2015-07-06 21:50 - 2015-07-06 21:50 - 00000000 ____D C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd
2015-07-06 21:50 - 2015-07-06 21:50 - 00000000 ____D C:\Users\Mac\AppData\Local\globalUpdate
2015-07-06 21:50 - 2015-07-06 21:50 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-06 21:49 - 2015-07-21 09:43 - 00000000 ____D C:\Program Files (x86)\version89IneedSpeed
2015-07-06 21:49 - 2015-07-21 09:30 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-07-06 21:49 - 2015-07-21 09:28 - 00000000 ____D C:\Users\Mac\AppData\Roaming\Store
2015-07-06 21:49 - 2015-07-21 08:23 - 00002056 _____ C:\Windows\patsearch.bin
2015-07-06 21:49 - 2015-07-06 21:51 - 00000965 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-07-06 21:49 - 2015-07-06 21:50 - 00000078 _____ C:\Users\Mac\AppData\Roaming\Selection Tools.installation.log
2015-07-06 21:49 - 2015-07-06 21:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2015-07-06 21:48 - 2015-07-21 08:28 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-06 21:48 - 2015-07-06 21:49 - 00000078 _____ C:\Users\Mac\AppData\Roaming\WindApp.installation.log
2015-07-06 21:47 - 2015-07-21 12:52 - 00000338 ____H C:\Windows\Tasks\JTYVBOFSMIWFRIMR.job
2015-07-06 21:47 - 2015-07-21 11:12 - 00000326 _____ C:\Windows\Tasks\MSUIY1.job
2015-07-06 21:47 - 2015-07-06 21:51 - 00000000 ____D C:\Users\Mac\AppData\Roaming\Nosibay
2015-07-06 21:47 - 2015-07-06 21:48 - 00005699 _____ C:\Users\Mac\AppData\Roaming\Bubble Dock.installation.log
2015-07-06 21:47 - 2015-07-06 21:47 - 00003368 _____ C:\Windows\System32\Tasks\JTYVBOFSMIWFRIMR
2015-07-06 21:47 - 2015-07-06 21:47 - 00002848 _____ C:\Windows\System32\Tasks\MSUIY1
2015-07-06 21:47 - 2015-07-06 21:47 - 00000097 _____ C:\Users\Mac\AppData\Roaming\WindApp.boostrap.log
2015-07-06 21:47 - 2015-07-06 21:47 - 00000000 ____D C:\Users\Mac\AppData\Roaming\oursurfing
2015-07-06 21:47 - 2015-07-06 21:47 - 00000000 ____D C:\ProgramData\Service1291
2015-07-06 21:47 - 2015-07-06 21:47 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-07-06 21:46 - 2015-07-21 09:36 - 00000000 ____D C:\Program Files (x86)\LuckyTab
2015-07-06 21:46 - 2015-07-06 21:50 - 00001247 _____ C:\Users\Mac\AppData\Roaming\Bubble Dock.boostrap.log
2015-07-06 21:46 - 2015-07-06 21:46 - 00000000 ____D C:\Program Files (x86)\Nginx
HKLM-x32\...\Run: [Nginx] => C:\Program Files (x86)\Nginx\shortcut.lnk [1773 2015-07-06] ()
2015-07-03 23:16 - 2015-07-04 11:25 - 00000000 ____D C:\Program Files (x86)\System Optimizer
2015-07-06 21:46 - 2015-07-06 21:50 - 0001247 _____ () C:\Users\Mac\AppData\Roaming\Bubble Dock.boostrap.log
2015-07-06 21:47 - 2015-07-06 21:48 - 0005699 _____ () C:\Users\Mac\AppData\Roaming\Bubble Dock.installation.log
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe
2015-07-06 21:49 - 2015-07-06 21:50 - 0000078 _____ () C:\Users\Mac\AppData\Roaming\Selection Tools.installation.log
2015-07-06 21:47 - 2015-07-06 21:47 - 0000097 _____ () C:\Users\Mac\AppData\Roaming\WindApp.boostrap.log
2015-07-06 21:48 - 2015-07-06 21:49 - 0000078 _____ () C:\Users\Mac\AppData\Roaming\WindApp.installation.log
2015-07-21 08:46 - 2015-07-21 08:45 - 0613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsoC9A6.tmp
2015-07-21 09:17 - 2015-07-21 09:16 - 0613255 _____ (CMI Limited) C:\Users\Mac\AppData\Local\nsp194F.tmp
2015-07-05 12:06 - 2015-07-05 12:06 - 0000000 _____ () C:\ProgramData\211148173
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{e932f536-cb09-1452-e932-2f536cb0d4db}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\Windows\Tasks\DatabasePlus.job => c:\programdata\{8b3cd097-3cca-ff86-8b3c-cd0973cc425c}\nsh53fb.tmp.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\hTBLisOwnnITzuWscF.job => C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe <==== ATTENTION
Task: C:\Windows\Tasks\JTYVBOFSMIWFRIMR.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
Task: C:\Windows\Tasks\MSUIY1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {092D8066-9161-4DB0-A008-7FBCF2E4BA9D} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-21] (globalUpdate) <==== ATTENTION
Task: {158ED52D-8A4E-4CA8-A319-052BA9840AE1} - System32\Tasks\Usirkaauruuit => C:\ProgramData\Usirkaauruuit\1.0.4.1\lekikiox.exe [2015-07-11] ()
Task: {3196414E-AA95-48E6-B2B8-598DD4D68141} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {3F5E0341-F882-40CB-846A-7F9984246A80} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {4D831D80-CBB7-4C67-BEDE-1A874A5E118E} - System32\Tasks\sab3009 => C:\Program Files (x86)\FastSearch\sab3009.exe [2015-07-14] ()
Task: {540E8A74-CE83-45A1-871C-F80D67393210} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {571B4E6D-5F29-4A48-A8BC-44B3220ACB0C} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-21] (globalUpdate) <==== ATTENTION
Task: {5BB7F016-594C-44A2-9020-5D2D84B6964C} - System32\Tasks\Bidaily Synchronize Task[8da6] => c:\programdata\{e932f536-cb09-1452-e932-2f536cb0d4db}\hqghumeaylnlf.exe [2014-07-13] (PC Utilities Software Limited) <==== ATTENTION
Task: {64B0BFFF-F6C8-4B46-9527-FF34DBCF6581} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Mac\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {6B45E0DA-3C4C-4E5C-B8F4-756CB0E2A61F} - System32\Tasks\PostPoneInstall => C:\Users\Mac\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {7AC6AC8A-9396-4E02-810F-D7D275B8EFAD} - System32\Tasks\MSUIY1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {8111979F-50F6-462A-A3B9-EBE2A593AE2C} - System32\Tasks\GlobalUpdate-mmzmyzhxywtibtd => C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd\mmzmyzhxywtibtd.exe [2015-07-06] () <==== ATTENTION
Task: {908EB0DD-B52A-4299-8D59-35E69E84A8A1} - System32\Tasks\DatabasePlus => c:\programdata\{8b3cd097-3cca-ff86-8b3c-cd0973cc425c}\nsh53fb.tmp.exe <==== ATTENTION
Task: {B4244E9C-FEE1-4391-9E7D-52B4BF2BDDCA} - System32\Tasks\Run_Bobby_Browser => C:\Users\Mac\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {D1B5EB26-279C-4FC4-B53A-DB2F6841C0C4} - System32\Tasks\hTBLisOwnnITzuWscF => C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe [2015-04-20] () <==== ATTENTION
Task: {E4C8EA6D-1ADB-43B7-8711-273D65DB9637} - System32\Tasks\JTYVBOFSMIWFRIMR => C:\ProgramData\Service1291\Service1291.exe [2015-06-28] () <==== ATTENTION
Task: {F0065AF7-5600-4FD6-9830-7D52E68A47BD} - System32\Tasks\{19B442F6-9127-4322-B088-342FAE5F3BBA} => pcalua.exe -a C:\Users\Mac\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=exp


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\3D BubbleSound => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_002020029 => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_005010036 => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mwyyntm1ndi1zdz => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\rec_fr_52 => value not found.
"c:\programdata\flashbeat\flashbeat32.dll" => value data not found.
C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk not found.
C:\Users\Mac\AppData\Local\mlbmvtgtyulibjd\mnbmbzhwyv9idtd.exe not found.
C:\Users\Mac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\loons.lnk not found.
C:\Users\Mac\AppData\Local\mkxmbzhvyw5iczc\mkxmbzhvyw5iczc.exe not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value not found.
vicoqudu => Service not found.
zejytose => Service not found.
mitodeci => Service not found.
wsafd_1_10_0_19 => Service not found.
mmjmmzh2yxnibdd => Service not found.
"C:\ProgramData\ZombieNews" => File/Folder not found.
"C:\Program Files (x86)\Product Deals" => File/Folder not found.
"C:\Program Files (x86)\Exploremedia" => File/Folder not found.
"C:\Users\Mac\AppData\Local\BreakingNewsAlert" => File/Folder not found.
"C:\Users\Mac\AppData\Local\nsp194F.tmp" => File/Folder not found.
"C:\Users\Mac\AppData\Local\Crossbrowse" => File/Folder not found.
"C:\Windows\System32\Tasks\PostPoneInstall" => File/Folder not found.
"C:\Windows\System32\Tasks\Run_Bobby_Browser" => File/Folder not found.
"C:\Users\Mac\AppData\Local\BoBrowser" => File/Folder not found.
"C:\claraInstaller.txt" => File/Folder not found.
"C:\Program Files (x86)\Smwyyntm1ndi1zdz" => File/Folder not found.
"C:\Program Files (x86)\predm" => File/Folder not found.
"C:\Windows\Tasks\APSnotifierPP3.job" => File/Folder not found.
"C:\Windows\System32\Tasks\APSnotifierPP3" => File/Folder not found.
"C:\Windows\Tasks\APSnotifierPP2.job" => File/Folder not found.
"C:\Windows\Tasks\APSnotifierPP1.job" => File/Folder not found.
"C:\Windows\System32\Tasks\APSnotifierPP1" => File/Folder not found.
"C:\Windows\System32\Tasks\APSnotifierPP2" => File/Folder not found.
"C:\Windows\SysWOW64\Flash" => File/Folder not found.
"C:\Users\Mac\AppData\Local\nsoC9A6.tmp" => File/Folder not found.
"C:\Users\Mac\AppData\Roaming\AnyProtectEx" => File/Folder not found.
"C:\Windows\Tasks\hTBLisOwnnITzuWscF.job" => File/Folder not found.
"C:\Windows\System32\Tasks\hTBLisOwnnITzuWscF" => File/Folder not found.
"C:\Program Files (x86)\SystemHelp" => File/Folder not found.
"C:\Program Files (x86)\Appspector" => File/Folder not found.
"C:\Program Files (x86)\youtubeadblocker" => File/Folder not found.
"C:\Program Files (x86)\PriiceoLess" => File/Folder not found.
"C:\Windows\System32\Tasks\sab3009" => File/Folder not found.
"C:\Program Files (x86)\FastSearch" => File/Folder not found.
"C:\ProgramData\hjfhmnjaegkfmlclognehfilmknmajdk" => File/Folder not found.
"C:\Windows\Tasks\DatabasePlus.job" => File/Folder not found.
"C:\Windows\System32\Tasks\DatabasePlus" => File/Folder not found.
"C:\Users\Mac\AppData\Local\SmartWeb" => File/Folder not found.
"C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task" => File/Folder not found.
"C:\Windows\system32\Drivers\mmjmmzh2yxnibdd.sys" => File/Folder not found.
"C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job" => File/Folder not found.
"C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6]" => File/Folder not found.
C:\ProgramData\{e932f536-cb09-1452-e932-2f536cb0d4db} => moved successfully.
C:\Users\Mac\AppData\Local\Boxore => moved successfully.
C:\Users\Mac\AppData\Local\37636663-1436810321-6463-6338-0026221F7C1B => moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => moved successfully.
C:\Program Files (x86)\GUPlayer => moved successfully.
C:\Users\Mac\AppData\Roaming\37636663-1436803051-6463-6338-0026221F7C1B => moved successfully.
C:\Program Files\WebBar => moved successfully.
C:\Program Files (x86)\Software => moved successfully.
C:\Users\Mac\Documents\sauvegarde.reg => moved successfully.
C:\Users\Mac\AppData\Local\speed browser => moved successfully.
C:\Windows\System32\Tasks\Usirkaauruuit => moved successfully.
C:\ProgramData\Usirkaauruuit => moved successfully.
C:\Users\Mac\SupTab => moved successfully.
C:\Users\Mac\AppData\Local\mkxmbzhvyw5iczc => moved successfully.
C:\Users\Mac\AppData\Local\mlbmvtgtyulibjd => moved successfully.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => File/Folder not found.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Users\Mac\AppData\Roaming\WTools => moved successfully.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => File/Folder not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" => File/Folder not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" => File/Folder not found.
C:\Windows\System32\Tasks\GlobalUpdate-mmzmyzhxywtibtd => moved successfully.

"C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd" folder move:

Could not move "C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd" folder => Scheduled to move on reboot.

C:\Users\Mac\AppData\Local\globalUpdate => moved successfully.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\Program Files (x86)\version89IneedSpeed => moved successfully.
C:\ProgramData\ntuser.pol => moved successfully.
C:\Users\Mac\AppData\Roaming\Store => moved successfully.
C:\Windows\patsearch.bin => moved successfully.
C:\Windows\SysWOW64\${LOGFILE} => moved successfully.
C:\Users\Mac\AppData\Roaming\Selection Tools.installation.log => moved successfully.
C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\Users\Mac\AppData\Roaming\WindApp.installation.log => moved successfully.
C:\Windows\Tasks\JTYVBOFSMIWFRIMR.job => moved successfully.
C:\Windows\Tasks\MSUIY1.job => moved successfully.
C:\Users\Mac\AppData\Roaming\Nosibay => moved successfully.
C:\Users\Mac\AppData\Roaming\Bubble Dock.installation.log => moved successfully.
C:\Windows\System32\Tasks\JTYVBOFSMIWFRIMR => moved successfully.
C:\Windows\System32\Tasks\MSUIY1 => moved successfully.
C:\Users\Mac\AppData\Roaming\WindApp.boostrap.log => moved successfully.
C:\Users\Mac\AppData\Roaming\oursurfing => moved successfully.
C:\ProgramData\Service1291 => moved successfully.
C:\ProgramData\28341ff220e0446c9fff27c4493d622e => moved successfully.
C:\Program Files (x86)\LuckyTab => moved successfully.
C:\Users\Mac\AppData\Roaming\Bubble Dock.boostrap.log => moved successfully.

"C:\Program Files (x86)\Nginx" folder move:

Could not move "C:\Program Files (x86)\Nginx" folder => Scheduled to move on reboot.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nginx => value removed successfully
C:\Program Files (x86)\System Optimizer => moved successfully.
"C:\Users\Mac\AppData\Roaming\Bubble Dock.boostrap.log" => File/Folder not found.
"C:\Users\Mac\AppData\Roaming\Bubble Dock.installation.log" => File/Folder not found.
C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF => moved successfully.
C:\Users\Mac\AppData\Roaming\hTBLisOwnnITzuWscF.exe => moved successfully.
"C:\Users\Mac\AppData\Roaming\Selection Tools.installation.log" => File/Folder not found.
"C:\Users\Mac\AppData\Roaming\WindApp.boostrap.log" => File/Folder not found.
"C:\Users\Mac\AppData\Roaming\WindApp.installation.log" => File/Folder not found.
"C:\Users\Mac\AppData\Local\nsoC9A6.tmp" => File/Folder not found.
"C:\Users\Mac\AppData\Local\nsp194F.tmp" => File/Folder not found.
C:\ProgramData\211148173 => moved successfully.
C:\Windows\Tasks\APSnotifierPP1.job not found.
C:\Windows\Tasks\APSnotifierPP2.job not found.
C:\Windows\Tasks\APSnotifierPP3.job not found.
C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job not found.
C:\Windows\Tasks\DatabasePlus.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\hTBLisOwnnITzuWscF.job not found.
C:\Windows\Tasks\JTYVBOFSMIWFRIMR.job not found.
C:\Windows\Tasks\MSUIY1.job not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{092D8066-9161-4DB0-A008-7FBCF2E4BA9D} => key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{158ED52D-8A4E-4CA8-A319-052BA9840AE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{158ED52D-8A4E-4CA8-A319-052BA9840AE1}" => key removed successfully
C:\Windows\System32\Tasks\Usirkaauruuit not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Usirkaauruuit" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3196414E-AA95-48E6-B2B8-598DD4D68141}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3196414E-AA95-48E6-B2B8-598DD4D68141}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP2 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F5E0341-F882-40CB-846A-7F9984246A80}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F5E0341-F882-40CB-846A-7F9984246A80}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP3 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D831D80-CBB7-4C67-BEDE-1A874A5E118E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D831D80-CBB7-4C67-BEDE-1A874A5E118E}" => key removed successfully
C:\Windows\System32\Tasks\sab3009 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sab3009" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{540E8A74-CE83-45A1-871C-F80D67393210}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{540E8A74-CE83-45A1-871C-F80D67393210}" => key removed successfully
C:\Windows\System32\Tasks\APSnotifierPP1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{571B4E6D-5F29-4A48-A8BC-44B3220ACB0C} => key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BB7F016-594C-44A2-9020-5D2D84B6964C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BB7F016-594C-44A2-9020-5D2D84B6964C}" => key removed successfully
C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[8da6]" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64B0BFFF-F6C8-4B46-9527-FF34DBCF6581}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64B0BFFF-F6C8-4B46-9527-FF34DBCF6581}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B45E0DA-3C4C-4E5C-B8F4-756CB0E2A61F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B45E0DA-3C4C-4E5C-B8F4-756CB0E2A61F}" => key removed successfully
C:\Windows\System32\Tasks\PostPoneInstall not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PostPoneInstall" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AC6AC8A-9396-4E02-810F-D7D275B8EFAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC6AC8A-9396-4E02-810F-D7D275B8EFAD}" => key removed successfully
C:\Windows\System32\Tasks\MSUIY1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MSUIY1" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8111979F-50F6-462A-A3B9-EBE2A593AE2C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8111979F-50F6-462A-A3B9-EBE2A593AE2C}" => key removed successfully
C:\Windows\System32\Tasks\GlobalUpdate-mmzmyzhxywtibtd not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GlobalUpdate-mmzmyzhxywtibtd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{908EB0DD-B52A-4299-8D59-35E69E84A8A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{908EB0DD-B52A-4299-8D59-35E69E84A8A1}" => key removed successfully
C:\Windows\System32\Tasks\DatabasePlus not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DatabasePlus" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4244E9C-FEE1-4391-9E7D-52B4BF2BDDCA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4244E9C-FEE1-4391-9E7D-52B4BF2BDDCA}" => key removed successfully
C:\Windows\System32\Tasks\Run_Bobby_Browser not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1B5EB26-279C-4FC4-B53A-DB2F6841C0C4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1B5EB26-279C-4FC4-B53A-DB2F6841C0C4}" => key removed successfully
C:\Windows\System32\Tasks\hTBLisOwnnITzuWscF not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hTBLisOwnnITzuWscF" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E4C8EA6D-1ADB-43B7-8711-273D65DB9637}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4C8EA6D-1ADB-43B7-8711-273D65DB9637}" => key removed successfully
C:\Windows\System32\Tasks\JTYVBOFSMIWFRIMR not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JTYVBOFSMIWFRIMR" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0065AF7-5600-4FD6-9830-7D52E68A47BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0065AF7-5600-4FD6-9830-7D52E68A47BD}" => key removed successfully
C:\Windows\System32\Tasks\{19B442F6-9127-4322-B088-342FAE5F3BBA} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{19B442F6-9127-4322-B088-342FAE5F3BBA}" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-21 15:15:09)<=

C:\Users\Mac\AppData\Roaming\mmzmyzhxywtibtd => Is moved successfully
C:\Program Files (x86)\Nginx => Is moved successfully

End of Fixlog 15:15:10

Dis moi si c'est bien ça en attendant je réinitialise le navigateur et mets malwarebyte
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
21 juil. 2015 à 15:53
yep c'est bien cela.
0
lillou65
Modifié par lillou65 le 21/07/2015 à 16:01
par contre l'analyse avec malwarebyte est un peu longue mais en même temps il y a de quoi faire!
déjà 18 objets infectés!!
0
Réponse 6 / 8
lillou65
21 juil. 2015 à 18:02
ça y est j'ai l'impression que tout va bien maintenant!
merci beaucoup
0
Réponse 7 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
21 juil. 2015 à 21:36
=)

refais un scan Malwarebytes prochainement,



Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :


Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html


0
Réponse 8 / 8
lillou65
22 juil. 2015 à 09:57
Super en tout cas merci beaucoup pour tous tes conseils!
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Virus MSN Tinyurl
djkifkif -
matt56430 -

8 réponses