Sujet Précédent Sujet Suivant

Commet supprimer CrossBrowse ?

Fermé
MYDBBRMB Messages postés 1 Date d'inscription mercredi 5 août 2015 Statut Membre Dernière intervention 5 août 2015 - 5 août 2015 à 14:20
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 6 août 2015 à 08:29
Bonjour à tous,

Alors voilà, j'ai accidentiellemet télécharger un logiciel particulièrement gênant, "CrossBrowse", j'aimerais vraiment m'en débarasser, j'ai besoin de votre aide.

J'ai déjà réalisé une partie de la prossedure pour la suppression, j'ai les trois rapports donnés par FRST

FRST.txt : https://pjjoint.malekal.com/files.php?id=20150805_o78s15f11e13

Addition.txt : https://pjjoint.malekal.com/files.php?id=20150805_q7m10x5z6b15

Shortcut.txt : https://pjjoint.malekal.com/files.php?id=20150805_u9q7v8l9v13

Que dois-je faire ensuite ?
Je m'excuse pour la rédaction, c'est la première fois que je poste sur ce genre de forum.
Merci :)
A voir également:

3 réponses

Réponse 1 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 659
5 août 2015 à 14:25
Salut,

Je regarde les rapports =)
0
Réponse 2 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 659
5 août 2015 à 14:34
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :



HKLM\...\Run: [shopperz02082015] => C:\Program Files\shopperz02082015\Fecaqv.exe
HKLM\...\Run: [prtstart] => C:\Program Files\shopperz02082015\dr_inst.exe url=aHR0cDovL2Nkcy5zNm01bTlkNy5od2Nkbi5uZXQvYWRkb24vcHIvMDIwODIwMTUvcHJjMzIuZXhl lpath=QzpcUHJvZ3JhbSBGaWxlc1xzaG9wcGVyejAyMDgyMDE1XHByYy5leGU= time=1 cl= (the data entry has 12 more characters).
HKU\S-1-5-21-4079570187-3039266239-2706027145-1000\...\Run: [Yahoo! Search] => C:\Users\test\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
HKU\S-1-5-21-4079570187-3039266239-2706027145-1000\...\Run: [GoogleChromeAutoLaunch_A8136496FC762738E48003004D0B5366] => C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
Task: C:\Windows\Tasks\HealthTech.job => c:\programdata\{269a867f-723a-8e0c-269a-a867f72319fd}\flirt4free credit generator.exe <==== ATTENTION
Task: C:\Windows\Tasks\HVUFJ1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: C:\Windows\Tasks\UKSFHENSCAPJTMYG.job => C:\ProgramData\Service1104\Service1104.exe <==== ATTENTION
Task: {10C58FDA-75A8-47E0-BE51-E1928A399C39} - System32\Tasks\UKSFHENSCAPJTMYG => C:\ProgramData\Service1104\Service1104.exe [2015-06-28] () <==== ATTENTION
Task: {40C59D04-873E-45D2-9C47-090291DB6143} - System32\Tasks\Amonligsassuo => C:\ProgramData\Amonligsassuo\1.0.4.1\hlesievi.exe [2015-08-04] ()
Task: {6D0753BF-4197-407B-B5AD-AEDE899F09C5} - \Ehcks No Task File <==== ATTENTION
Task: {84292214-F45C-4E1E-A1C2-75BA744BB69A} - System32\Tasks\bvxvyxvec => C:\Users\test\AppData\Local\bvxvyxvec\bvxvyxvec.exe [2015-08-03] () <==== ATTENTION
Task: {B1407B1C-99A0-4204-88C6-B60D3E03A83B} - System32\Tasks\HVUFJ1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: {B268D9C4-E80F-46ED-A195-6C1D37D3DBAA} - System32\Tasks\Icoefsuneig => C:\ProgramData\Icoefsuneig\1.0.4.1\pnahrese.exe [2015-08-04] ()
Task: {FEEA024F-1D0D-4AD7-BD97-5FE7D36C3164} - System32\Tasks\HealthTech => c:\programdata\{269a867f-723a-8e0c-269a-a867f72319fd}\flirt4free credit generator.exe <==== ATTENTION
BHO: shopperz02082015 -> {d8139727-0c0e-430a-a25b-d1fa4e9d4a75} -> C:\Program Files\shopperz02082015\Dpewom.dll No File
R2 FahwLudsaj; C:\Program Files\shopperz02082015\ByodtuCifnyw.exe [171848 2015-07-29] ()
R3 Shjencueit; C:\Program Files\shopperz02082015\Shjencueit.exe [2024776 2015-07-29] ()
R2 shopperz02082015 Updater; C:\Program Files\shopperz02082015\Yyedfmef.exe [174968 2015-08-02] ()
R2 lowoduze; C:\Program Files\016278DE-1438700210-CB11-B242-D37A753DC66F\knswF73.tmpfs [X]
2015-08-04 22:48 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\ZWinManProZ
2015-08-04 22:02 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\pWinManProp
2015-08-04 21:19 - 2015-08-04 21:19 - 00000000 ____D C:\ProgramData\Amonligsassuo
2015-08-04 21:14 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\ZombieNews
2015-08-04 21:14 - 2015-08-04 21:14 - 00000000 ____D C:\Users\test\AppData\Local\ZombieNews
2015-08-04 21:14 - 2015-08-04 21:14 - 00000000 ____D C:\Users\test\AppData\Local\bvxvyxvec
2015-08-04 20:51 - 2015-08-04 20:51 - 00000000 ____D C:\Program Files\f7c68196-79d2-40bd-92ee-a4e8b6aa1065
2015-08-04 20:50 - 2015-08-04 21:20 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-08-04 20:38 - 2015-08-04 23:24 - 00000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-04 20:11 - 2015-08-04 20:11 - 02248704 _____ C:\Users\test\Downloads\AdwCleaner-4.208.exe
2015-08-04 19:58 - 2015-08-04 23:24 - 00000000 ____D C:\AdwCleaner
2015-08-04 19:24 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\qLAoraQS
2015-08-04 19:04 - 2015-08-05 13:22 - 00004736 _____ C:\Windows\system32\Shjencueit.ini
2015-08-04 19:04 - 2015-08-05 13:22 - 00002448 _____ C:\Windows\system32\ShjencueitOff.ini
2015-08-04 19:04 - 2015-08-04 19:13 - 00000000 ____D C:\ProgramData\abc
2015-08-04 19:04 - 2015-07-29 14:20 - 00283464 _____ C:\Windows\system32\Shjencueit.dll
2015-08-04 19:03 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\eWinManProe
2015-08-04 19:03 - 2015-08-04 23:04 - 00000000 ____D C:\Program Files\shopperz02082015
2015-08-04 19:03 - 2015-08-04 19:03 - 00000045 _____ C:\user.js
2015-08-04 19:03 - 2015-08-04 19:03 - 00000000 ____D C:\Windows\system32\lonr
2015-08-04 17:57 - 2015-08-04 17:57 - 00000024 _____ C:\Users\test\AppData\Roaming\appdataFr25.bin
2015-08-04 17:50 - 2015-08-05 13:22 - 00000340 ____H C:\Windows\Tasks\UKSFHENSCAPJTMYG.job
2015-08-04 17:49 - 2015-08-05 13:22 - 00000352 _____ C:\Windows\Tasks\HVUFJ1.job
2015-08-04 17:49 - 2015-08-04 17:49 - 00000000 ____D C:\ProgramData\Service1104
2015-08-04 17:48 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\lWinManProl
2015-08-04 17:48 - 2015-08-04 17:48 - 00225792 _____ C:\Windows\system32\807.exe
2015-08-04 17:48 - 2015-08-04 17:48 - 00225792 _____ C:\Windows\system32\202aa53.exe
2015-08-04 17:48 - 2015-08-04 17:48 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-08-04 17:47 - 2015-08-04 17:47 - 00000000 ____D C:\Users\test\AppData\Local\CrashRpt
2015-08-04 17:47 - 2015-08-04 17:47 - 00000000 _____ C:\Windows\system32\Number of results
2015-08-04 17:22 - 2015-08-04 17:22 - 00000902 _____ C:\Windows\system32\${LOGFILE}
2015-08-04 17:05 - 2015-08-04 17:05 - 00000000 ____D C:\ProgramData\Icoefsuneig
2015-08-04 17:04 - 2015-08-04 17:04 - 00000000 ____D C:\Program Files\Opera
2015-08-04 17:03 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\HWinManProH
2015-08-04 17:03 - 2015-08-04 21:13 - 00000000 ____D C:\Program Files\Software
2015-08-04 17:03 - 2015-08-04 17:47 - 00000000 _____ C:\dummy.htm
2015-08-04 17:03 - 2015-08-04 17:03 - 00000000 _____ C:\Windows\prleth.sys
2015-08-04 17:03 - 2015-08-04 17:03 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-04 16:57 - 2013-12-22 22:18 - 00001711 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-04 16:56 - 2015-08-04 23:12 - 00000000 ____D C:\Program Files\016278DE-1438700210-CB11-B242-D37A753DC66F
2015-08-04 16:52 - 2015-08-04 23:24 - 00001158 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-04 16:48 - 2015-08-04 17:05 - 00000000 ____D C:\Users\test\AppData\Local\{FF60C93C-DBC8-A584-B650-806C92387CF4}
2015-08-04 16:34 - 2015-08-04 22:34 - 00000366 _____ C:\Windows\Tasks\HealthTech.job


Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

puis :


Installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
Désactive Windows Defender : https://forum.malekal.com/viewtopic.php?t=52282&start=
et Surtout active les détections LPIs.


0
MYDBBRMB
Modifié par MYDBBRMB le 5/08/2015 à 15:59
Re-bonjour :)
Merci beaucoup pour votre aide !
Voici le conteu du fichier texte :

Fix result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by test (2015-08-05 15:47:30) Run:1
Running from C:\Users\test\Desktop
Loaded Profiles: test (Available Profiles: test)
Boot Mode: Normal

==============================================

fixlist content:

HKLM\...\Run: [shopperz02082015] => C:\Program Files\shopperz02082015\Fecaqv.exe
HKLM\...\Run: [prtstart] => C:\Program Files\shopperz02082015\dr_inst.exe url=aHR0cDovL2Nkcy5zNm01bTlkNy5od2Nkbi5uZXQvYWRkb24vcHIvMDIwODIwMTUvcHJjMzIuZXhl lpath=QzpcUHJvZ3JhbSBGaWxlc1xzaG9wcGVyejAyMDgyMDE1XHByYy5leGU= time=1 cl= (the data entry has 12 more characters).
HKU\S-1-5-21-4079570187-3039266239-2706027145-1000\...\Run: [Yahoo! Search] => C:\Users\test\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
HKU\S-1-5-21-4079570187-3039266239-2706027145-1000\...\Run: [GoogleChromeAutoLaunch_A8136496FC762738E48003004D0B5366] => C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window
Task: C:\Windows\Tasks\HealthTech.job => c:\programdata\{269a867f-723a-8e0c-269a-a867f72319fd}\flirt4free credit generator.exe <==== ATTENTION
Task: C:\Windows\Tasks\HVUFJ1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: C:\Windows\Tasks\UKSFHENSCAPJTMYG.job => C:\ProgramData\Service1104\Service1104.exe <==== ATTENTION
Task: {10C58FDA-75A8-47E0-BE51-E1928A399C39} - System32\Tasks\UKSFHENSCAPJTMYG => C:\ProgramData\Service1104\Service1104.exe [2015-06-28] () <==== ATTENTION
Task: {40C59D04-873E-45D2-9C47-090291DB6143} - System32\Tasks\Amonligsassuo => C:\ProgramData\Amonligsassuo\1.0.4.1\hlesievi.exe [2015-08-04] ()
Task: {6D0753BF-4197-407B-B5AD-AEDE899F09C5} - \Ehcks No Task File <==== ATTENTION
Task: {84292214-F45C-4E1E-A1C2-75BA744BB69A} - System32\Tasks\bvxvyxvec => C:\Users\test\AppData\Local\bvxvyxvec\bvxvyxvec.exe [2015-08-03] () <==== ATTENTION
Task: {B1407B1C-99A0-4204-88C6-B60D3E03A83B} - System32\Tasks\HVUFJ1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ATTENTION
Task: {B268D9C4-E80F-46ED-A195-6C1D37D3DBAA} - System32\Tasks\Icoefsuneig => C:\ProgramData\Icoefsuneig\1.0.4.1\pnahrese.exe [2015-08-04] ()
Task: {FEEA024F-1D0D-4AD7-BD97-5FE7D36C3164} - System32\Tasks\HealthTech => c:\programdata\{269a867f-723a-8e0c-269a-a867f72319fd}\flirt4free credit generator.exe <==== ATTENTION
BHO: shopperz02082015 -> {d8139727-0c0e-430a-a25b-d1fa4e9d4a75} -> C:\Program Files\shopperz02082015\Dpewom.dll No File
R2 FahwLudsaj; C:\Program Files\shopperz02082015\ByodtuCifnyw.exe [171848 2015-07-29] ()
R3 Shjencueit; C:\Program Files\shopperz02082015\Shjencueit.exe [2024776 2015-07-29] ()
R2 shopperz02082015 Updater; C:\Program Files\shopperz02082015\Yyedfmef.exe [174968 2015-08-02] ()
R2 lowoduze; C:\Program Files\016278DE-1438700210-CB11-B242-D37A753DC66F\knswF73.tmpfs [X]
2015-08-04 22:48 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\ZWinManProZ
2015-08-04 22:02 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\pWinManProp
2015-08-04 21:19 - 2015-08-04 21:19 - 00000000 ____D C:\ProgramData\Amonligsassuo
2015-08-04 21:14 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\ZombieNews
2015-08-04 21:14 - 2015-08-04 21:14 - 00000000 ____D C:\Users\test\AppData\Local\ZombieNews
2015-08-04 21:14 - 2015-08-04 21:14 - 00000000 ____D C:\Users\test\AppData\Local\bvxvyxvec
2015-08-04 20:51 - 2015-08-04 20:51 - 00000000 ____D C:\Program Files\f7c68196-79d2-40bd-92ee-a4e8b6aa1065
2015-08-04 20:50 - 2015-08-04 21:20 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-08-04 20:38 - 2015-08-04 23:24 - 00000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-04 20:11 - 2015-08-04 20:11 - 02248704 _____ C:\Users\test\Downloads\AdwCleaner-4.208.exe
2015-08-04 19:58 - 2015-08-04 23:24 - 00000000 ____D C:\AdwCleaner
2015-08-04 19:24 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\qLAoraQS
2015-08-04 19:04 - 2015-08-05 13:22 - 00004736 _____ C:\Windows\system32\Shjencueit.ini
2015-08-04 19:04 - 2015-08-05 13:22 - 00002448 _____ C:\Windows\system32\ShjencueitOff.ini
2015-08-04 19:04 - 2015-08-04 19:13 - 00000000 ____D C:\ProgramData\abc
2015-08-04 19:04 - 2015-07-29 14:20 - 00283464 _____ C:\Windows\system32\Shjencueit.dll
2015-08-04 19:03 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\eWinManProe
2015-08-04 19:03 - 2015-08-04 23:04 - 00000000 ____D C:\Program Files\shopperz02082015
2015-08-04 19:03 - 2015-08-04 19:03 - 00000045 _____ C:\user.js
2015-08-04 19:03 - 2015-08-04 19:03 - 00000000 ____D C:\Windows\system32\lonr
2015-08-04 17:57 - 2015-08-04 17:57 - 00000024 _____ C:\Users\test\AppData\Roaming\appdataFr25.bin
2015-08-04 17:50 - 2015-08-05 13:22 - 00000340 ____H C:\Windows\Tasks\UKSFHENSCAPJTMYG.job
2015-08-04 17:49 - 2015-08-05 13:22 - 00000352 _____ C:\Windows\Tasks\HVUFJ1.job
2015-08-04 17:49 - 2015-08-04 17:49 - 00000000 ____D C:\ProgramData\Service1104
2015-08-04 17:48 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\lWinManProl
2015-08-04 17:48 - 2015-08-04 17:48 - 00225792 _____ C:\Windows\system32\807.exe
2015-08-04 17:48 - 2015-08-04 17:48 - 00225792 _____ C:\Windows\system32\202aa53.exe
2015-08-04 17:48 - 2015-08-04 17:48 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-08-04 17:47 - 2015-08-04 17:47 - 00000000 ____D C:\Users\test\AppData\Local\CrashRpt
2015-08-04 17:47 - 2015-08-04 17:47 - 00000000 _____ C:\Windows\system32\Number of results
2015-08-04 17:22 - 2015-08-04 17:22 - 00000902 _____ C:\Windows\system32\${LOGFILE}
2015-08-04 17:05 - 2015-08-04 17:05 - 00000000 ____D C:\ProgramData\Icoefsuneig
2015-08-04 17:04 - 2015-08-04 17:04 - 00000000 ____D C:\Program Files\Opera
2015-08-04 17:03 - 2015-08-04 23:10 - 00000000 ____D C:\ProgramData\HWinManProH
2015-08-04 17:03 - 2015-08-04 21:13 - 00000000 ____D C:\Program Files\Software
2015-08-04 17:03 - 2015-08-04 17:47 - 00000000 _____ C:\dummy.htm
2015-08-04 17:03 - 2015-08-04 17:03 - 00000000 _____ C:\Windows\prleth.sys
2015-08-04 17:03 - 2015-08-04 17:03 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-04 16:57 - 2013-12-22 22:18 - 00001711 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-04 16:56 - 2015-08-04 23:12 - 00000000 ____D C:\Program Files\016278DE-1438700210-CB11-B242-D37A753DC66F
2015-08-04 16:52 - 2015-08-04 23:24 - 00001158 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-04 16:48 - 2015-08-04 17:05 - 00000000 ____D C:\Users\test\AppData\Local\{FF60C93C-DBC8-A584-B650-806C92387CF4}
2015-08-04 16:34 - 2015-08-04 22:34 - 00000366 _____ C:\Windows\Tasks\HealthTech.job


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\shopperz02082015 => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\prtstart => value removed successfully.
HKU\S-1-5-21-4079570187-3039266239-2706027145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => value removed successfully.
HKU\S-1-5-21-4079570187-3039266239-2706027145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_A8136496FC762738E48003004D0B5366 => value removed successfully.
C:\Windows\Tasks\HealthTech.job => moved successfully.
C:\Windows\Tasks\HVUFJ1.job => moved successfully.
C:\Windows\Tasks\UKSFHENSCAPJTMYG.job => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10C58FDA-75A8-47E0-BE51-E1928A399C39}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10C58FDA-75A8-47E0-BE51-E1928A399C39}" => key removed successfully.
C:\Windows\System32\Tasks\UKSFHENSCAPJTMYG => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UKSFHENSCAPJTMYG" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{40C59D04-873E-45D2-9C47-090291DB6143}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40C59D04-873E-45D2-9C47-090291DB6143}" => key removed successfully.
C:\Windows\System32\Tasks\Amonligsassuo => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Amonligsassuo" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D0753BF-4197-407B-B5AD-AEDE899F09C5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D0753BF-4197-407B-B5AD-AEDE899F09C5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ehcks" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84292214-F45C-4E1E-A1C2-75BA744BB69A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84292214-F45C-4E1E-A1C2-75BA744BB69A}" => key removed successfully.
C:\Windows\System32\Tasks\bvxvyxvec => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bvxvyxvec" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B1407B1C-99A0-4204-88C6-B60D3E03A83B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1407B1C-99A0-4204-88C6-B60D3E03A83B}" => key removed successfully.
C:\Windows\System32\Tasks\HVUFJ1 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HVUFJ1" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B268D9C4-E80F-46ED-A195-6C1D37D3DBAA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B268D9C4-E80F-46ED-A195-6C1D37D3DBAA}" => key removed successfully.
C:\Windows\System32\Tasks\Icoefsuneig => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Icoefsuneig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEEA024F-1D0D-4AD7-BD97-5FE7D36C3164}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEEA024F-1D0D-4AD7-BD97-5FE7D36C3164}" => key removed successfully.
C:\Windows\System32\Tasks\HealthTech => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HealthTech" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8139727-0c0e-430a-a25b-d1fa4e9d4a75}" => key removed successfully.
"HKCR\CLSID\{d8139727-0c0e-430a-a25b-d1fa4e9d4a75}" => key removed successfully.
FahwLudsaj => Unable to stop service.
FahwLudsaj => service removed successfully.
Shjencueit => Service stopped successfully.
Shjencueit => service removed successfully.
shopperz02082015 Updater => Service stopped successfully.
shopperz02082015 Updater => service removed successfully.
lowoduze => Service stopped successfully.
lowoduze => service removed successfully.
C:\ProgramData\ZWinManProZ => moved successfully.
C:\ProgramData\pWinManProp => moved successfully.
C:\ProgramData\Amonligsassuo => moved successfully.
C:\ProgramData\ZombieNews => moved successfully.
C:\Users\test\AppData\Local\ZombieNews => moved successfully.
C:\Users\test\AppData\Local\bvxvyxvec => moved successfully.
C:\Program Files\f7c68196-79d2-40bd-92ee-a4e8b6aa1065 => moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome => moved successfully.
C:\Users\test\Downloads\AdwCleaner-4.208.exe => moved successfully.
C:\AdwCleaner => moved successfully.
C:\ProgramData\qLAoraQS => moved successfully.
C:\Windows\system32\Shjencueit.ini => moved successfully.
C:\Windows\system32\ShjencueitOff.ini => moved successfully.
C:\ProgramData\abc => moved successfully.
C:\Windows\system32\Shjencueit.dll => moved successfully.
C:\ProgramData\eWinManProe => moved successfully.
C:\Program Files\shopperz02082015 => moved successfully.
C:\user.js => moved successfully.
C:\Windows\system32\lonr => moved successfully.
C:\Users\test\AppData\Roaming\appdataFr25.bin => moved successfully.
"C:\Windows\Tasks\UKSFHENSCAPJTMYG.job" => File/Folder not found.
"C:\Windows\Tasks\HVUFJ1.job" => File/Folder not found.
C:\ProgramData\Service1104 => moved successfully.
C:\ProgramData\lWinManProl => moved successfully.
C:\Windows\system32\807.exe => moved successfully.
C:\Windows\system32\202aa53.exe => moved successfully.
C:\ProgramData\19a87fa1ec024bbcbb41931263354405 => moved successfully.
C:\Users\test\AppData\Local\CrashRpt => moved successfully.
C:\Windows\system32\Number of results => moved successfully.
C:\Windows\system32\${LOGFILE} => moved successfully.
C:\ProgramData\Icoefsuneig => moved successfully.
C:\Program Files\Opera => moved successfully.
C:\ProgramData\HWinManProH => moved successfully.
C:\Program Files\Software => moved successfully.
C:\dummy.htm => moved successfully.
C:\Windows\prleth.sys => moved successfully.
C:\Windows\hgfs.sys => moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => moved successfully.
C:\Program Files\016278DE-1438700210-CB11-B242-D37A753DC66F => moved successfully.
C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => moved successfully.
C:\Users\test\AppData\Local\{FF60C93C-DBC8-A584-B650-806C92387CF4} => moved successfully.
"C:\Windows\Tasks\HealthTech.job" => File/Folder not found.


The system needed a reboot.

End of Fixlog 15:47:43

0
Réponse 3 / 3
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 659
5 août 2015 à 16:56
fais le reste et vois ce qu'il reste comme problème.
0
MYDBBRMB
5 août 2015 à 18:21
Le seul problème c'est que shopperz est toujours installé sur mon ordinateur..
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 659
6 août 2015 à 08:29
il ne doit plus être présent que dans la liste des programmes.
Tu peux faire du ménage comme expliqué sur cette FAQ : https://forum.malekal.com/viewtopic.php?t=44630&start=
0