Probleme virus check.exe
Fermé
Ishak10
Messages postés
7
Date d'inscription
vendredi 24 juillet 2015
Statut
Membre
Dernière intervention
4 juillet 2018
-
24 juil. 2015 à 18:53
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 24 juil. 2015 à 20:51
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 24 juil. 2015 à 20:51
A voir également:
- Probleme virus check.exe
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Virus mcafee - Accueil - Piratage
- Tinyurl.com virus - Forum Virus
2 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 661
24 juil. 2015 à 20:43
24 juil. 2015 à 20:43
Salut,
Je regarde les rapports.
Je regarde les rapports.
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 661
24 juil. 2015 à 20:51
24 juil. 2015 à 20:51
Envoie C:\Program Files\Checker\packages\4029320f-2c75-41d6-85fa-698b75fb782a\checker.exe
et
C:\Program Files\Checker\check.exe
sur http://upload.malekal.com
puis :
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-2248201396-260109138-1090150843-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [61440 2015-06-20] ()
AppInit_DLLs: C:\ProgramData\ExtTag\kiytgs4e.dll => C:\ProgramData\ExtTag\kiytgs4e.dll File not found
AppInit_DLLs-x32: C:\ProgramData\ExtTag\5ekuq3iw.dll => C:\ProgramData\ExtTag\5ekuq3iw.dll File not found
R2 Checker; C:\Program Files\Checker\check.exe [376832 2015-07-20] () [File not signed]
R2 ExtTag; C:\ProgramData\ExtTag\ExtTag [X]
S2 zejytose; C:\Program Files (x86)\4C4C4544-1437444209-3910-8042-B4C04F515831\jnsj1C46.tmp [X]
2015-07-21 22:45 - 2015-07-21 22:45 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\DriverTurbo
2015-07-23 13:35 - 2015-07-23 13:49 - 00654032 _____ ( ) C:\Users\Mes Documents\Downloads\Linkury%20SmartBar.exe
2015-07-21 13:29 - 2015-07-21 13:29 - 00000000 ____D C:\ProgramData\b85b74100003412
2015-07-21 13:17 - 2015-07-21 13:16 - 00613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nso3496.tmp
2015-07-21 12:53 - 2015-07-21 12:54 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Chromium
2015-07-21 12:49 - 2015-07-21 12:49 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\PriceFountain
2015-07-21 12:44 - 2015-07-21 12:44 - 00613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nsm24AB.tmp
2015-07-21 03:29 - 2015-07-21 03:29 - 00000000 ____D C:\Users\Mes Documents\Documents\Ishak
2015-07-21 03:28 - 2015-07-22 16:57 - 00000000 ____D C:\Users\Mes Documents\ishak
2015-07-21 03:27 - 2015-07-21 13:32 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Unity
2015-07-21 03:27 - 2015-07-21 03:28 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\SysassistByHotWheel
2015-07-21 03:26 - 2015-07-21 03:26 - 00000000 ____D C:\Users\Public\QiYi
2015-07-21 03:26 - 2015-07-21 03:26 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\LightningDownloader
2015-07-21 03:26 - 2015-07-21 03:26 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\IQIYI Video
2015-07-21 03:24 - 2015-07-22 17:05 - 00000000 ____D C:\Program Files (x86)\baidu
2015-07-21 03:24 - 2015-07-21 03:24 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Geckofx
2015-07-21 03:22 - 2015-07-21 18:12 - 00000000 ____D C:\Program Files\Compliant Host Controller
2015-07-21 03:22 - 2015-07-21 03:22 - 00000000 ____D C:\ProgramData\ToolGets
2015-07-21 03:20 - 2015-07-24 10:41 - 00001052 _____ C:\Windows\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1.job
2015-07-21 03:20 - 2015-07-24 10:41 - 00001030 _____ C:\Windows\Tasks\xIc9fDdbc8Ioo.job
2015-07-21 03:20 - 2015-07-21 03:20 - 00004108 _____ C:\Windows\System32\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1
2015-07-21 03:20 - 2015-07-21 03:20 - 00004086 _____ C:\Windows\System32\Tasks\xIc9fDdbc8Ioo
2015-07-21 03:17 - 2015-07-21 19:43 - 00000000 ____D C:\Program Files (x86)\Image Downloader
2015-07-21 03:17 - 2015-07-21 03:17 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Crossbrowse
2015-07-21 03:15 - 2015-07-21 03:17 - 00000000 ____D C:\ProgramData\17506852126693704871
2015-07-21 03:14 - 2015-07-21 03:14 - 00613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nscB51D.tmp
2015-07-21 03:14 - 2015-07-21 03:14 - 00000000 __SHD C:\Users\Mes Documents\AppData\Roaming\AnyProtectEx
2015-07-21 03:12 - 2015-07-24 10:41 - 00000366 _____ C:\Windows\Tasks\EasyProgress.job
2015-07-21 03:05 - 2015-07-24 14:22 - 00001048 _____ C:\Windows\Tasks\cf1GPNxnMOsePNoUqe9ZOG.job
2015-07-21 03:05 - 2015-07-24 12:24 - 00001022 _____ C:\Windows\Tasks\yO3y6s4qf.job
2015-07-21 03:05 - 2015-07-21 03:05 - 00004104 _____ C:\Windows\System32\Tasks\cf1GPNxnMOsePNoUqe9ZOG
2015-07-21 03:05 - 2015-07-21 03:05 - 00004078 _____ C:\Windows\System32\Tasks\yO3y6s4qf
2015-07-21 03:04 - 2015-07-21 19:41 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\4C4C4544-1437447856-3910-8042-B4C04F515831
2015-07-21 03:03 - 2015-07-21 12:41 - 00000000 ____D C:\Program Files\Checker
2015-07-21 03:03 - 2014-04-18 20:14 - 00002461 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-21 02:51 - 2015-07-21 03:13 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\Solvusoft
2015-07-21 02:30 - 2015-07-21 02:30 - 00177210 _____ C:\Users\Mes Documents\Documents\cc_20150721_023018.reg
2015-07-21 02:08 - 2015-07-21 19:15 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\28359
2015-07-21 01:48 - 2015-07-23 13:16 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\uTorrent
2015-07-21 01:46 - 2015-07-21 01:47 - 01742928 _____ (BitTorrent Inc.) C:\Users\Mes Documents\Downloads\uTorrent_3-4-2-build-38913.exe
2015-07-21 01:43 - 2015-07-21 13:44 - 00000000 ____D C:\Program Files (x86)\8f7c661b-cac3-4083-b69c-1847ac7e309a
2015-07-21 01:43 - 2015-07-21 13:38 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-21 01:43 - 2015-07-21 01:43 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\globalUpdate
2014-04-17 23:27 - 2014-04-17 23:27 - 0014294 _____ () C:\Users\Mes Documents\AppData\Roaming\addonVont.zip
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1.exe
2014-08-28 16:46 - 2014-08-28 16:46 - 0000268 ___RH () C:\Users\Mes Documents\AppData\Roaming\Rule Actions
2014-08-28 16:47 - 2014-08-28 16:47 - 0000268 ___RH () C:\Users\Mes Documents\AppData\Roaming\Sample Delay
2014-08-28 16:46 - 2014-08-28 16:46 - 0000268 ___RH () C:\Users\Mes Documents\AppData\Roaming\Sampler
2015-07-21 15:49 - 2015-07-21 15:49 - 0000044 _____ () C:\Users\Mes Documents\AppData\Roaming\WB.CFG
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf.exe
2014-08-25 17:43 - 2014-10-04 02:10 - 0005120 _____ () C:\Users\Mes Documents\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-22 19:58 - 2014-04-22 19:58 - 0000101 _____ () C:\Users\Mes Documents\AppData\Local\fusioncache.dat
2015-07-21 03:14 - 2015-07-21 03:14 - 0613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nscB51D.tmp
2015-07-21 12:44 - 2015-07-21 12:44 - 0613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nsm24AB.tmp
2015-07-21 13:17 - 2015-07-21 13:16 - 0613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nso3496.tmp
Task: {14951316-0E67-467C-A9E0-D764ECD414AA} - System32\Tasks\{7C85EA58-1D37-45BA-9F46-F89D5E49EF9D} => pcalua.exe -a "C:\Users\Mes Documents\AppData\Roaming\istartsurf\UninstallManager.exe" -c -ptid=ima
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {3364AC63-D2E8-4229-9666-A6430EFD0AC2} - System32\Tasks\yO3y6s4qf => C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf.exe [2015-04-20] () <==== ATTENTION
Task: {456454A9-DF53-4BDA-8E54-474DABEB3B0C} - System32\Tasks\{B32172BB-946D-4612-80B2-F6E7A92FD55D} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {735BDB29-FBDA-4621-A1ED-F1B9627F5D49} - System32\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1 => C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1.exe [2015-04-20] () <==== ATTENTION
Task: {A1E462BE-C1F8-4E87-B589-9DC253539DB8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {A478A251-DDEC-4EEF-ABAD-A637A0E92B26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A737353F-EF87-4DEE-B48E-0430A28886E8} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {AACEB2B2-390E-4196-AFB8-7629DB1F4FE8} - \AutoKMS No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {BB3D7544-EC60-467C-ABB1-B2EECBA0D975} - System32\Tasks\Update Java => C:\Program Files\Checker\packages\4029320f-2c75-41d6-85fa-698b75fb782a\checker.exe [2015-07-21] ()
Task: {BBFC24CC-1677-4A34-8F17-2A2612CD8D72} - System32\Tasks\xIc9fDdbc8Ioo => C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo.exe [2015-04-20] () <==== ATTENTION
Task: {C2DE6A32-0F7D-435A-9B05-5AAC4EA83B43} - \EasyProgress No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D4A34243-B9E1-4015-9599-D1709378F602} - System32\Tasks\{E59F34AB-4574-4284-85F9-B71651B52E6A} => pcalua.exe -a "C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge
Task: {E1EBCFFA-D2C7-4A4F-9470-0746337E9C51} - System32\Tasks\cf1GPNxnMOsePNoUqe9ZOG => C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG.exe [2015-04-20] () <==== ATTENTION
Task: {E4DA4819-55B6-4ADD-8CC6-FBFC530904F9} - System32\Tasks\{ED7912F4-CF0C-40EF-9148-C6F243699834} => pcalua.exe -a "C:\Program Files (x86)\SupTab\uninstall.exe" -d "C:\Program Files (x86)\SupTab"
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EFCEC871-33E6-4136-B862-BA7A62DAE840} - System32\Tasks\Install Google Chrome => C:\Program Files\Checker\packages\4029320f-2c75-41d6-85fa-698b75fb782a\checker.exe [2015-07-21] ()
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FA892B54-9F39-4262-B845-E2B1A0F793F9} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cf1GPNxnMOsePNoUqe9ZOG.job => C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG.exe <==== ATTENTION
Task: C:\Windows\Tasks\EasyProgress.job => c:\programdata\{5b86362c-599c-4720-5b86-6362c599d8b1}\firmware installer.exe <==== ATTENTION
Task: C:\Windows\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1.job => C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1.exe <==== ATTENTION
Task: C:\Windows\Tasks\xIc9fDdbc8Ioo.job => C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo.exe <==== ATTENTION
Task: C:\Windows\Tasks\yO3y6s4qf.job => C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
et
C:\Program Files\Checker\check.exe
sur http://upload.malekal.com
puis :
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKU\S-1-5-21-2248201396-260109138-1090150843-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [61440 2015-06-20] ()
AppInit_DLLs: C:\ProgramData\ExtTag\kiytgs4e.dll => C:\ProgramData\ExtTag\kiytgs4e.dll File not found
AppInit_DLLs-x32: C:\ProgramData\ExtTag\5ekuq3iw.dll => C:\ProgramData\ExtTag\5ekuq3iw.dll File not found
R2 Checker; C:\Program Files\Checker\check.exe [376832 2015-07-20] () [File not signed]
R2 ExtTag; C:\ProgramData\ExtTag\ExtTag [X]
S2 zejytose; C:\Program Files (x86)\4C4C4544-1437444209-3910-8042-B4C04F515831\jnsj1C46.tmp [X]
2015-07-21 22:45 - 2015-07-21 22:45 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\DriverTurbo
2015-07-23 13:35 - 2015-07-23 13:49 - 00654032 _____ ( ) C:\Users\Mes Documents\Downloads\Linkury%20SmartBar.exe
2015-07-21 13:29 - 2015-07-21 13:29 - 00000000 ____D C:\ProgramData\b85b74100003412
2015-07-21 13:17 - 2015-07-21 13:16 - 00613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nso3496.tmp
2015-07-21 12:53 - 2015-07-21 12:54 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Chromium
2015-07-21 12:49 - 2015-07-21 12:49 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\PriceFountain
2015-07-21 12:44 - 2015-07-21 12:44 - 00613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nsm24AB.tmp
2015-07-21 03:29 - 2015-07-21 03:29 - 00000000 ____D C:\Users\Mes Documents\Documents\Ishak
2015-07-21 03:28 - 2015-07-22 16:57 - 00000000 ____D C:\Users\Mes Documents\ishak
2015-07-21 03:27 - 2015-07-21 13:32 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Unity
2015-07-21 03:27 - 2015-07-21 03:28 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\SysassistByHotWheel
2015-07-21 03:26 - 2015-07-21 03:26 - 00000000 ____D C:\Users\Public\QiYi
2015-07-21 03:26 - 2015-07-21 03:26 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\LightningDownloader
2015-07-21 03:26 - 2015-07-21 03:26 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\IQIYI Video
2015-07-21 03:24 - 2015-07-22 17:05 - 00000000 ____D C:\Program Files (x86)\baidu
2015-07-21 03:24 - 2015-07-21 03:24 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Geckofx
2015-07-21 03:22 - 2015-07-21 18:12 - 00000000 ____D C:\Program Files\Compliant Host Controller
2015-07-21 03:22 - 2015-07-21 03:22 - 00000000 ____D C:\ProgramData\ToolGets
2015-07-21 03:20 - 2015-07-24 10:41 - 00001052 _____ C:\Windows\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1.job
2015-07-21 03:20 - 2015-07-24 10:41 - 00001030 _____ C:\Windows\Tasks\xIc9fDdbc8Ioo.job
2015-07-21 03:20 - 2015-07-21 03:20 - 00004108 _____ C:\Windows\System32\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1
2015-07-21 03:20 - 2015-07-21 03:20 - 00004086 _____ C:\Windows\System32\Tasks\xIc9fDdbc8Ioo
2015-07-21 03:17 - 2015-07-21 19:43 - 00000000 ____D C:\Program Files (x86)\Image Downloader
2015-07-21 03:17 - 2015-07-21 03:17 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\Crossbrowse
2015-07-21 03:15 - 2015-07-21 03:17 - 00000000 ____D C:\ProgramData\17506852126693704871
2015-07-21 03:14 - 2015-07-21 03:14 - 00613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nscB51D.tmp
2015-07-21 03:14 - 2015-07-21 03:14 - 00000000 __SHD C:\Users\Mes Documents\AppData\Roaming\AnyProtectEx
2015-07-21 03:12 - 2015-07-24 10:41 - 00000366 _____ C:\Windows\Tasks\EasyProgress.job
2015-07-21 03:05 - 2015-07-24 14:22 - 00001048 _____ C:\Windows\Tasks\cf1GPNxnMOsePNoUqe9ZOG.job
2015-07-21 03:05 - 2015-07-24 12:24 - 00001022 _____ C:\Windows\Tasks\yO3y6s4qf.job
2015-07-21 03:05 - 2015-07-21 03:05 - 00004104 _____ C:\Windows\System32\Tasks\cf1GPNxnMOsePNoUqe9ZOG
2015-07-21 03:05 - 2015-07-21 03:05 - 00004078 _____ C:\Windows\System32\Tasks\yO3y6s4qf
2015-07-21 03:04 - 2015-07-21 19:41 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\4C4C4544-1437447856-3910-8042-B4C04F515831
2015-07-21 03:03 - 2015-07-21 12:41 - 00000000 ____D C:\Program Files\Checker
2015-07-21 03:03 - 2014-04-18 20:14 - 00002461 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-21 02:51 - 2015-07-21 03:13 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\Solvusoft
2015-07-21 02:30 - 2015-07-21 02:30 - 00177210 _____ C:\Users\Mes Documents\Documents\cc_20150721_023018.reg
2015-07-21 02:08 - 2015-07-21 19:15 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\28359
2015-07-21 01:48 - 2015-07-23 13:16 - 00000000 ____D C:\Users\Mes Documents\AppData\Roaming\uTorrent
2015-07-21 01:46 - 2015-07-21 01:47 - 01742928 _____ (BitTorrent Inc.) C:\Users\Mes Documents\Downloads\uTorrent_3-4-2-build-38913.exe
2015-07-21 01:43 - 2015-07-21 13:44 - 00000000 ____D C:\Program Files (x86)\8f7c661b-cac3-4083-b69c-1847ac7e309a
2015-07-21 01:43 - 2015-07-21 13:38 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-21 01:43 - 2015-07-21 01:43 - 00000000 ____D C:\Users\Mes Documents\AppData\Local\globalUpdate
2014-04-17 23:27 - 2014-04-17 23:27 - 0014294 _____ () C:\Users\Mes Documents\AppData\Roaming\addonVont.zip
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1.exe
2014-08-28 16:46 - 2014-08-28 16:46 - 0000268 ___RH () C:\Users\Mes Documents\AppData\Roaming\Rule Actions
2014-08-28 16:47 - 2014-08-28 16:47 - 0000268 ___RH () C:\Users\Mes Documents\AppData\Roaming\Sample Delay
2014-08-28 16:46 - 2014-08-28 16:46 - 0000268 ___RH () C:\Users\Mes Documents\AppData\Roaming\Sampler
2015-07-21 15:49 - 2015-07-21 15:49 - 0000044 _____ () C:\Users\Mes Documents\AppData\Roaming\WB.CFG
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf.exe
2014-08-25 17:43 - 2014-10-04 02:10 - 0005120 _____ () C:\Users\Mes Documents\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-22 19:58 - 2014-04-22 19:58 - 0000101 _____ () C:\Users\Mes Documents\AppData\Local\fusioncache.dat
2015-07-21 03:14 - 2015-07-21 03:14 - 0613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nscB51D.tmp
2015-07-21 12:44 - 2015-07-21 12:44 - 0613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nsm24AB.tmp
2015-07-21 13:17 - 2015-07-21 13:16 - 0613255 _____ (CMI Limited) C:\Users\Mes Documents\AppData\Local\nso3496.tmp
Task: {14951316-0E67-467C-A9E0-D764ECD414AA} - System32\Tasks\{7C85EA58-1D37-45BA-9F46-F89D5E49EF9D} => pcalua.exe -a "C:\Users\Mes Documents\AppData\Roaming\istartsurf\UninstallManager.exe" -c -ptid=ima
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {3364AC63-D2E8-4229-9666-A6430EFD0AC2} - System32\Tasks\yO3y6s4qf => C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf.exe [2015-04-20] () <==== ATTENTION
Task: {456454A9-DF53-4BDA-8E54-474DABEB3B0C} - System32\Tasks\{B32172BB-946D-4612-80B2-F6E7A92FD55D} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {735BDB29-FBDA-4621-A1ED-F1B9627F5D49} - System32\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1 => C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1.exe [2015-04-20] () <==== ATTENTION
Task: {A1E462BE-C1F8-4E87-B589-9DC253539DB8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {A478A251-DDEC-4EEF-ABAD-A637A0E92B26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A737353F-EF87-4DEE-B48E-0430A28886E8} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {AACEB2B2-390E-4196-AFB8-7629DB1F4FE8} - \AutoKMS No Task File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {BB3D7544-EC60-467C-ABB1-B2EECBA0D975} - System32\Tasks\Update Java => C:\Program Files\Checker\packages\4029320f-2c75-41d6-85fa-698b75fb782a\checker.exe [2015-07-21] ()
Task: {BBFC24CC-1677-4A34-8F17-2A2612CD8D72} - System32\Tasks\xIc9fDdbc8Ioo => C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo.exe [2015-04-20] () <==== ATTENTION
Task: {C2DE6A32-0F7D-435A-9B05-5AAC4EA83B43} - \EasyProgress No Task File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {D4A34243-B9E1-4015-9599-D1709378F602} - System32\Tasks\{E59F34AB-4574-4284-85F9-B71651B52E6A} => pcalua.exe -a "C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge
Task: {E1EBCFFA-D2C7-4A4F-9470-0746337E9C51} - System32\Tasks\cf1GPNxnMOsePNoUqe9ZOG => C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG.exe [2015-04-20] () <==== ATTENTION
Task: {E4DA4819-55B6-4ADD-8CC6-FBFC530904F9} - System32\Tasks\{ED7912F4-CF0C-40EF-9148-C6F243699834} => pcalua.exe -a "C:\Program Files (x86)\SupTab\uninstall.exe" -d "C:\Program Files (x86)\SupTab"
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask No Task File <==== ATTENTION
Task: {EFCEC871-33E6-4136-B862-BA7A62DAE840} - System32\Tasks\Install Google Chrome => C:\Program Files\Checker\packages\4029320f-2c75-41d6-85fa-698b75fb782a\checker.exe [2015-07-21] ()
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {FA892B54-9F39-4262-B845-E2B1A0F793F9} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cf1GPNxnMOsePNoUqe9ZOG.job => C:\Users\Mes Documents\AppData\Roaming\cf1GPNxnMOsePNoUqe9ZOG.exe <==== ATTENTION
Task: C:\Windows\Tasks\EasyProgress.job => c:\programdata\{5b86362c-599c-4720-5b86-6362c599d8b1}\firmware installer.exe <==== ATTENTION
Task: C:\Windows\Tasks\R0D7OhvBOhpCQ5BMCH1dCgZ1.job => C:\Users\Mes Documents\AppData\Roaming\R0D7OhvBOhpCQ5BMCH1dCgZ1.exe <==== ATTENTION
Task: C:\Windows\Tasks\xIc9fDdbc8Ioo.job => C:\Users\Mes Documents\AppData\Roaming\xIc9fDdbc8Ioo.exe <==== ATTENTION
Task: C:\Windows\Tasks\yO3y6s4qf.job => C:\Users\Mes Documents\AppData\Roaming\yO3y6s4qf.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
