Logiciels et pubs intempestives !!
Fireslide0
-
Fireslide0 -
Fireslide0 -
Bonjour !!
En cherchant a telécharger un pdf jai eux un virus qui m'instale sans cesse des logiciels qui reviennent non stop meme apres clean. (adw cleaner, anti malware, ccleaner, 2 anti virus different, should i remove it)
Je ne trouve aucunes solutions pour l'instant.
Voici le rapport adw cleaner :
[URL=http://www.hostingpics.net/viewer.php?id=807267AdwCleanerC8.png][IMG]http://img15.hostingpics.net/thumbs/mini_807267AdwCleanerC8.png[/IMG][/URL]
Merci d'avance pour votre aide !
En cherchant a telécharger un pdf jai eux un virus qui m'instale sans cesse des logiciels qui reviennent non stop meme apres clean. (adw cleaner, anti malware, ccleaner, 2 anti virus different, should i remove it)
Je ne trouve aucunes solutions pour l'instant.
Voici le rapport adw cleaner :
[URL=http://www.hostingpics.net/viewer.php?id=807267AdwCleanerC8.png][IMG]http://img15.hostingpics.net/thumbs/mini_807267AdwCleanerC8.png[/IMG][/URL]
Merci d'avance pour votre aide !
A voir également:
- Logiciels et pubs intempestives !!
- Bloquer les pubs youtube - Accueil - Streaming
- Logiciels sauvegarde - Guide
- Supprimer les pubs - Guide
- Télécharger logiciels gratuits pour pc - Télécharger - Montage photo
- Télécharger logiciels gratuits comment ça marche - Télécharger - Traitement de texte
5 réponses
Salut,
Suis le tutoriel FRST https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
--
Suis le tutoriel FRST https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
--
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [shopperz12082015] => C:\Program Files\shopperz12082015\Tuejet.exe [433528 2015-08-12] ()
HKLM\...\Run: [shopperz1208201564] => C:\Program Files\shopperz12082015\Tuejet64.exe [464760 2015-08-12] ()
HKU\S-1-5-21-1856635847-1340888399-366113939-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe [77824 2015-08-12] ()
BHO: shopperz12082015 -> {3ea54411-9f2a-4a18-a93a-84312350f7c1} -> C:\Program Files\shopperz12082015\Meieiwb64.dll [2015-08-12] ()
BHO-x32: shopperz12082015 -> {3ea54411-9f2a-4a18-a93a-84312350f7c1} -> C:\Program Files\shopperz12082015\Meieiwb.dll [2015-08-12] ()
R2 ElejooLyunp; C:\Program Files\shopperz12082015\LuacRouct.exe [171848 2015-08-12] ()
R2 jBjEDJiiV; C:\ProgramData\ONbhmmsBEU\jBjEDJiiV.exe [2731488 2015-08-15] (Unique Solutions)
R2 shopperz12082015 Updater; C:\Program Files\shopperz12082015\Ideie.exe [174968 2015-08-12] ()
R2 supykopu; C:\Program Files (x86)\529F7180-1439644939-11DD-8DC8-E03F4946A8FB\knsg2773.tmp [749568 2015-08-16] () [File not signed]
R3 Uiviuuj; C:\Program Files\shopperz12082015\Uiviuuj.exe [2043720 2015-08-12] ()
2015-08-16 15:39 - 2015-08-16 15:54 - 00000000 ____D C:\Users\Fireslide\AppData\Local\DesktopSearch
2015-08-15 21:26 - 2015-08-16 15:36 - 00004720 _____ C:\Windows\SysWOW64\Uiviuuj.ini
2015-08-15 21:26 - 2015-08-16 15:36 - 00002432 _____ C:\Windows\SysWOW64\UiviuujOff.ini
2015-08-15 21:26 - 2015-08-16 15:36 - 00002432 _____ C:\Windows\system32\UiviuujOff.ini
2015-08-15 21:26 - 2015-08-15 21:29 - 00000000 ____D C:\Program Files\shopperz12082015
2015-08-15 21:26 - 2015-08-15 21:27 - 00000000 ____D C:\ProgramData\5WinManPro5
2015-08-15 21:26 - 2015-08-15 21:26 - 00003652 _____ C:\Windows\System32\Tasks\Jarmeee
2015-08-15 21:26 - 2015-08-15 21:26 - 00000000 ____D C:\Windows\system32\pyv
2015-08-15 21:26 - 2015-08-12 10:45 - 00353608 _____ C:\Windows\system32\Uiviuuj64.dll
2015-08-15 21:26 - 2015-08-12 10:45 - 00283464 _____ C:\Windows\SysWOW64\Uiviuuj.dll
2015-08-15 21:26 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-08-15 20:54 - 2015-08-15 20:54 - 00011606 _____ C:\AdwCleaner[C8].txt
2015-08-15 20:53 - 2015-08-15 20:54 - 00013807 _____ C:\AdwCleaner[S8].txt
2015-08-15 20:52 - 2015-08-15 20:52 - 01563648 _____ C:\Users\Fireslide\Downloads\adwcleaner_5.000 (1).exe
2015-08-15 20:47 - 2015-08-15 20:48 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-15 20:45 - 2015-08-15 20:46 - 157569304 _____ (AVG Technologies) C:\Users\Fireslide\Downloads\Unconfirmed 144995.crdownload
2015-08-15 20:44 - 2015-08-15 20:44 - 00613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsx57C8.tmp
2015-08-15 20:41 - 2015-08-15 20:42 - 00000000 ____D C:\ProgramData\pWinManProp
2015-08-15 20:07 - 2015-08-15 20:08 - 00004261 _____ C:\AdwCleaner[C7].txt
2015-08-15 20:07 - 2015-08-15 20:07 - 00003841 _____ C:\AdwCleaner[S7].txt
2015-08-15 17:53 - 2015-08-15 17:53 - 00613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsz4ADB.tmp
2015-08-15 16:25 - 2015-08-15 16:25 - 00931408 _____ (Google Inc.) C:\Users\Fireslide\Downloads\ChromeSetup.exe
2015-08-15 16:25 - 2015-08-15 16:25 - 00000000 ____D C:\ProgramData\Rosotlefi
2015-08-15 16:22 - 2015-08-16 15:36 - 00001030 _____ C:\Windows\Tasks\iEZTx99QpwcGLr0utp5aj.job
2015-08-15 16:22 - 2015-08-16 15:36 - 00001004 _____ C:\Windows\Tasks\yELyvzNu.job
2015-08-15 16:22 - 2015-08-15 16:22 - 00004072 _____ C:\Windows\System32\Tasks\iEZTx99QpwcGLr0utp5aj
2015-08-15 16:22 - 2015-08-15 16:22 - 00004046 _____ C:\Windows\System32\Tasks\yELyvzNu
2015-08-15 16:18 - 2015-08-15 16:19 - 00062104 _____ C:\AdwCleaner[C6].txt
2015-08-15 16:08 - 2015-08-15 16:08 - 00060425 _____ C:\AdwCleaner[S6].txt
2015-08-15 15:59 - 2015-08-15 15:59 - 00000000 ____D C:\Users\Public\QiYi
2015-08-15 15:58 - 2015-08-15 15:58 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-15 15:54 - 2015-08-15 15:54 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-15 15:38 - 2015-08-16 15:39 - 00001014 _____ C:\Windows\Tasks\8owGM3pStCtC7.job
2015-08-15 15:38 - 2015-08-16 15:38 - 00001040 _____ C:\Windows\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ.job
2015-08-15 15:38 - 2015-08-15 15:39 - 00004082 _____ C:\Windows\System32\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ
2015-08-15 15:38 - 2015-08-15 15:39 - 00004056 _____ C:\Windows\System32\Tasks\8owGM3pStCtC7
2015-08-15 15:37 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\a92c4850-6fe2-4a59-b48c-a98cc9887120
2015-08-15 15:33 - 2015-08-15 15:33 - 00000000 _____ C:\Windows\prleth.sys
2015-08-15 15:33 - 2015-08-15 15:33 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-15 15:32 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\0fbddb10-1b8a-43a6-825a-a4822c5d4b34
2015-08-15 15:32 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\02c3a71d-57e0-485c-be0e-ad2830231d0f
2015-08-15 15:31 - 2015-08-15 15:34 - 00000434 _____ C:\task.vbs
2015-08-15 15:31 - 2015-08-15 15:31 - 00000000 ____D C:\Users\Fireslide\AppData\Local\CrashRpt
2015-08-15 15:31 - 2015-08-15 15:31 - 00000000 _____ C:\dummy.htm
2015-08-15 15:22 - 2015-08-16 08:56 - 00000000 ____D C:\Program Files (x86)\529F7180-1439644939-11DD-8DC8-E03F4946A8FB
2015-08-15 15:22 - 2015-03-28 22:48 - 00001449 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-15 15:03 - 2015-08-15 15:03 - 00000000 ____D C:\ProgramData\ONbhmmsBEU
2015-08-15 15:00 - 2015-08-16 15:36 - 00001036 _____ C:\Windows\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM.job
2015-08-15 15:00 - 2015-08-16 15:36 - 00001034 _____ C:\Windows\Tasks\wBF63xYlOqdX0UmSZzIZdUE.job
2015-08-15 15:00 - 2015-08-15 15:00 - 00004078 _____ C:\Windows\System32\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM
2015-08-15 15:00 - 2015-08-15 15:00 - 00004076 _____ C:\Windows\System32\Tasks\wBF63xYlOqdX0UmSZzIZdUE
2015-08-15 14:59 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\4bf1c321-7f88-48a4-8de1-1f952a248f56
2015-08-15 14:58 - 2015-08-16 15:36 - 00000350 ____H C:\Windows\Tasks\DLSEGTLMVQQRXXJW.job
2015-08-15 14:58 - 2015-08-15 20:08 - 00000000 ____D C:\Users\Fireslide\AppData\Local\DiagnosticPolicy
2015-08-15 14:58 - 2015-08-15 20:06 - 00000000 ____D C:\ProgramData\LitVuyrd
2015-08-15 14:58 - 2015-08-15 14:58 - 00003392 _____ C:\Windows\System32\Tasks\DLSEGTLMVQQRXXJW
2015-08-15 14:58 - 2015-08-15 14:58 - 00000000 ____D C:\ProgramData\Service1198
2015-08-15 14:58 - 2015-08-15 14:58 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-08-15 14:57 - 2015-08-15 14:59 - 00000000 ____D C:\Users\Fireslide\AppData\Local\Opera Software
2015-08-15 14:57 - 2015-08-15 14:58 - 00000000 ____D C:\Program Files (x86)\Software
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fireslide\AppData\Roaming\8owGM3pStCtC7
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fireslide\AppData\Roaming\iEZTx99QpwcGLr0utp5aj
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fireslide\AppData\Roaming\qyUOqo9CHBP7tFQgz8EkOcOM
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fireslide\AppData\Roaming\VJnVssET35CA5WaYL6CDqnXcIJ
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fireslide\AppData\Roaming\wBF63xYlOqdX0UmSZzIZdUE
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fireslide\AppData\Roaming\yELyvzNu
2015-08-15 20:44 - 2015-08-15 20:44 - 0613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsx57C8.tmp
2015-08-15 17:53 - 2015-08-15 17:53 - 0613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsz4ADB.tmp
Task: C:\Windows\Tasks\8owGM3pStCtC7.job => C:\Users\Fireslide\AppData\Roaming\8owGM3pStCtC7.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\DLSEGTLMVQQRXXJW.job => C:\ProgramData\Service1198\Service1198.exe <==== ATTENTION
Task: C:\Windows\Tasks\iEZTx99QpwcGLr0utp5aj.job => C:\Users\Fireslide\AppData\Roaming\iEZTx99QpwcGLr0utp5aj.exe <==== ATTENTION
Task: C:\Windows\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM.job => C:\Users\Fireslide\AppData\Roaming\qyUOqo9CHBP7tFQgz8EkOcOM.exe <==== ATTENTION
Task: C:\Windows\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ.job => C:\Users\Fireslide\AppData\Roaming\VJnVssET35CA5WaYL6CDqnXcIJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\wBF63xYlOqdX0UmSZzIZdUE.job => C:\Users\Fireslide\AppData\Roaming\wBF63xYlOqdX0UmSZzIZdUE.exe <==== ATTENTION
Task: C:\Windows\Tasks\yELyvzNu.job => C:\Users\Fireslide\AppData\Roaming\yELyvzNu.exe <==== ATTENTION
Task: {0A9810B3-C70B-4118-B371-B61A2550359E} - \d628d253-1d5a-4d55-af6c-03fe72333b07-1 -> No File <==== ATTENTION
Task: {0BBF4833-D2D9-4A3B-94A4-F584B0189407} - System32\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM => C:\Users\Fireslide\AppData\Roaming\qyUOqo9CHBP7tFQgz8EkOcOM.exe <==== ATTENTION
Task: {25DAE5F0-491B-45C4-807E-0DBA9EF54072} - \d628d253-1d5a-4d55-af6c-03fe72333b07-6 -> No File <==== ATTENTION
Task: {351EF5F3-A4B7-4E1F-899C-3A9EEA0D67B8} - System32\Tasks\yELyvzNu => C:\Users\Fireslide\AppData\Roaming\yELyvzNu.exe <==== ATTENTION
Task: {73B41DBE-CA3B-4648-979D-2671BEB5B09F} - System32\Tasks\8owGM3pStCtC7 => C:\Users\Fireslide\AppData\Roaming\8owGM3pStCtC7.exe <==== ATTENTION
Task: {76873702-7DBF-4A1D-A837-FEAF134B5289} - System32\Tasks\DLSEGTLMVQQRXXJW => C:\ProgramData\Service1198\Service1198.exe [2015-08-09] () <==== ATTENTION
Task: {7D43AF59-0CA9-42EE-A45D-FCE92D3B0A1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {7D9C507D-B5CA-4C57-BBC4-C7843170D8C8} - System32\Tasks\iEZTx99QpwcGLr0utp5aj => C:\Users\Fireslide\AppData\Roaming\iEZTx99QpwcGLr0utp5aj.exe <==== ATTENTION
Task: {889464B6-C5EB-4FBC-BA5A-07565CA405DA} - \d628d253-1d5a-4d55-af6c-03fe72333b07-5 -> No File <==== ATTENTION
Task: {8F69F668-F8C5-41B7-AA18-C86FEB8CF8B9} - System32\Tasks\Rosotlefi => C:\ProgramData\Rosotlefi\1.0.4.1\huifbsot.exe [2015-08-15] ()
Task: {9FEC446F-B3CC-450A-A995-83B33DB59E51} - System32\Tasks\Jarmeee => C:\Program Files\shopperz12082015\Hvnkaufcv.bat [2015-08-12] () <==== ATTENTION
Task: {AA9937C6-C9A2-4CA1-A8FB-C06501B7DB37} - System32\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ => C:\Users\Fireslide\AppData\Roaming\VJnVssET35CA5WaYL6CDqnXcIJ.exe <==== ATTENTION
Task: {AABB558F-9E68-4C0A-8242-8D1C51BD1AAA} - \d628d253-1d5a-4d55-af6c-03fe72333b07-4 -> No File <==== ATTENTION
Task: {B96F708C-F9D4-496C-9645-246F287B4485} - \d628d253-1d5a-4d55-af6c-03fe72333b07-11 -> No File <==== ATTENTION
Task: {CA509D60-8D15-4283-B617-056AA1496C33} - \d628d253-1d5a-4d55-af6c-03fe72333b07-3 -> No File <==== ATTENTION
Task: {D1E20EF2-1EF3-4EC1-A62B-D0E4FA964BDD} - \d628d253-1d5a-4d55-af6c-03fe72333b07-2 -> No File <==== ATTENTION
Task: {E61F1D8B-7463-4EC7-BE53-1672DC781AFA} - \d628d253-1d5a-4d55-af6c-03fe72333b07-5_user -> No File <==== ATTENTION
Task: {E65EDE29-F41B-437D-870C-3223E1946B39} - System32\Tasks\wBF63xYlOqdX0UmSZzIZdUE => C:\Users\Fireslide\AppData\Roaming\wBF63xYlOqdX0UmSZzIZdUE.exe <==== ATTENTION
Task: {F7ED9D9A-9A34-449B-9354-F220BF2F61CF} - \d628d253-1d5a-4d55-af6c-03fe72333b07-7 -> No File <==== ATTENTION
Relance FRST et clic sur le bouton Corriger / Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [shopperz12082015] => C:\Program Files\shopperz12082015\Tuejet.exe [433528 2015-08-12] ()
HKLM\...\Run: [shopperz1208201564] => C:\Program Files\shopperz12082015\Tuejet64.exe [464760 2015-08-12] ()
HKU\S-1-5-21-1856635847-1340888399-366113939-1000\...\Run: [apphide] => C:\Program Files (x86)\baidu\pps.exe [77824 2015-08-12] ()
BHO: shopperz12082015 -> {3ea54411-9f2a-4a18-a93a-84312350f7c1} -> C:\Program Files\shopperz12082015\Meieiwb64.dll [2015-08-12] ()
BHO-x32: shopperz12082015 -> {3ea54411-9f2a-4a18-a93a-84312350f7c1} -> C:\Program Files\shopperz12082015\Meieiwb.dll [2015-08-12] ()
R2 ElejooLyunp; C:\Program Files\shopperz12082015\LuacRouct.exe [171848 2015-08-12] ()
R2 jBjEDJiiV; C:\ProgramData\ONbhmmsBEU\jBjEDJiiV.exe [2731488 2015-08-15] (Unique Solutions)
R2 shopperz12082015 Updater; C:\Program Files\shopperz12082015\Ideie.exe [174968 2015-08-12] ()
R2 supykopu; C:\Program Files (x86)\529F7180-1439644939-11DD-8DC8-E03F4946A8FB\knsg2773.tmp [749568 2015-08-16] () [File not signed]
R3 Uiviuuj; C:\Program Files\shopperz12082015\Uiviuuj.exe [2043720 2015-08-12] ()
2015-08-16 15:39 - 2015-08-16 15:54 - 00000000 ____D C:\Users\Fireslide\AppData\Local\DesktopSearch
2015-08-15 21:26 - 2015-08-16 15:36 - 00004720 _____ C:\Windows\SysWOW64\Uiviuuj.ini
2015-08-15 21:26 - 2015-08-16 15:36 - 00002432 _____ C:\Windows\SysWOW64\UiviuujOff.ini
2015-08-15 21:26 - 2015-08-16 15:36 - 00002432 _____ C:\Windows\system32\UiviuujOff.ini
2015-08-15 21:26 - 2015-08-15 21:29 - 00000000 ____D C:\Program Files\shopperz12082015
2015-08-15 21:26 - 2015-08-15 21:27 - 00000000 ____D C:\ProgramData\5WinManPro5
2015-08-15 21:26 - 2015-08-15 21:26 - 00003652 _____ C:\Windows\System32\Tasks\Jarmeee
2015-08-15 21:26 - 2015-08-15 21:26 - 00000000 ____D C:\Windows\system32\pyv
2015-08-15 21:26 - 2015-08-12 10:45 - 00353608 _____ C:\Windows\system32\Uiviuuj64.dll
2015-08-15 21:26 - 2015-08-12 10:45 - 00283464 _____ C:\Windows\SysWOW64\Uiviuuj.dll
2015-08-15 21:26 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-08-15 20:54 - 2015-08-15 20:54 - 00011606 _____ C:\AdwCleaner[C8].txt
2015-08-15 20:53 - 2015-08-15 20:54 - 00013807 _____ C:\AdwCleaner[S8].txt
2015-08-15 20:52 - 2015-08-15 20:52 - 01563648 _____ C:\Users\Fireslide\Downloads\adwcleaner_5.000 (1).exe
2015-08-15 20:47 - 2015-08-15 20:48 - 00000376 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-08-15 20:45 - 2015-08-15 20:46 - 157569304 _____ (AVG Technologies) C:\Users\Fireslide\Downloads\Unconfirmed 144995.crdownload
2015-08-15 20:44 - 2015-08-15 20:44 - 00613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsx57C8.tmp
2015-08-15 20:41 - 2015-08-15 20:42 - 00000000 ____D C:\ProgramData\pWinManProp
2015-08-15 20:07 - 2015-08-15 20:08 - 00004261 _____ C:\AdwCleaner[C7].txt
2015-08-15 20:07 - 2015-08-15 20:07 - 00003841 _____ C:\AdwCleaner[S7].txt
2015-08-15 17:53 - 2015-08-15 17:53 - 00613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsz4ADB.tmp
2015-08-15 16:25 - 2015-08-15 16:25 - 00931408 _____ (Google Inc.) C:\Users\Fireslide\Downloads\ChromeSetup.exe
2015-08-15 16:25 - 2015-08-15 16:25 - 00000000 ____D C:\ProgramData\Rosotlefi
2015-08-15 16:22 - 2015-08-16 15:36 - 00001030 _____ C:\Windows\Tasks\iEZTx99QpwcGLr0utp5aj.job
2015-08-15 16:22 - 2015-08-16 15:36 - 00001004 _____ C:\Windows\Tasks\yELyvzNu.job
2015-08-15 16:22 - 2015-08-15 16:22 - 00004072 _____ C:\Windows\System32\Tasks\iEZTx99QpwcGLr0utp5aj
2015-08-15 16:22 - 2015-08-15 16:22 - 00004046 _____ C:\Windows\System32\Tasks\yELyvzNu
2015-08-15 16:18 - 2015-08-15 16:19 - 00062104 _____ C:\AdwCleaner[C6].txt
2015-08-15 16:08 - 2015-08-15 16:08 - 00060425 _____ C:\AdwCleaner[S6].txt
2015-08-15 15:59 - 2015-08-15 15:59 - 00000000 ____D C:\Users\Public\QiYi
2015-08-15 15:58 - 2015-08-15 15:58 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-15 15:54 - 2015-08-15 15:54 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-15 15:38 - 2015-08-16 15:39 - 00001014 _____ C:\Windows\Tasks\8owGM3pStCtC7.job
2015-08-15 15:38 - 2015-08-16 15:38 - 00001040 _____ C:\Windows\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ.job
2015-08-15 15:38 - 2015-08-15 15:39 - 00004082 _____ C:\Windows\System32\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ
2015-08-15 15:38 - 2015-08-15 15:39 - 00004056 _____ C:\Windows\System32\Tasks\8owGM3pStCtC7
2015-08-15 15:37 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\a92c4850-6fe2-4a59-b48c-a98cc9887120
2015-08-15 15:33 - 2015-08-15 15:33 - 00000000 _____ C:\Windows\prleth.sys
2015-08-15 15:33 - 2015-08-15 15:33 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-15 15:32 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\0fbddb10-1b8a-43a6-825a-a4822c5d4b34
2015-08-15 15:32 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\02c3a71d-57e0-485c-be0e-ad2830231d0f
2015-08-15 15:31 - 2015-08-15 15:34 - 00000434 _____ C:\task.vbs
2015-08-15 15:31 - 2015-08-15 15:31 - 00000000 ____D C:\Users\Fireslide\AppData\Local\CrashRpt
2015-08-15 15:31 - 2015-08-15 15:31 - 00000000 _____ C:\dummy.htm
2015-08-15 15:22 - 2015-08-16 08:56 - 00000000 ____D C:\Program Files (x86)\529F7180-1439644939-11DD-8DC8-E03F4946A8FB
2015-08-15 15:22 - 2015-03-28 22:48 - 00001449 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-15 15:03 - 2015-08-15 15:03 - 00000000 ____D C:\ProgramData\ONbhmmsBEU
2015-08-15 15:00 - 2015-08-16 15:36 - 00001036 _____ C:\Windows\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM.job
2015-08-15 15:00 - 2015-08-16 15:36 - 00001034 _____ C:\Windows\Tasks\wBF63xYlOqdX0UmSZzIZdUE.job
2015-08-15 15:00 - 2015-08-15 15:00 - 00004078 _____ C:\Windows\System32\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM
2015-08-15 15:00 - 2015-08-15 15:00 - 00004076 _____ C:\Windows\System32\Tasks\wBF63xYlOqdX0UmSZzIZdUE
2015-08-15 14:59 - 2015-08-15 20:06 - 00000000 ____D C:\Program Files (x86)\4bf1c321-7f88-48a4-8de1-1f952a248f56
2015-08-15 14:58 - 2015-08-16 15:36 - 00000350 ____H C:\Windows\Tasks\DLSEGTLMVQQRXXJW.job
2015-08-15 14:58 - 2015-08-15 20:08 - 00000000 ____D C:\Users\Fireslide\AppData\Local\DiagnosticPolicy
2015-08-15 14:58 - 2015-08-15 20:06 - 00000000 ____D C:\ProgramData\LitVuyrd
2015-08-15 14:58 - 2015-08-15 14:58 - 00003392 _____ C:\Windows\System32\Tasks\DLSEGTLMVQQRXXJW
2015-08-15 14:58 - 2015-08-15 14:58 - 00000000 ____D C:\ProgramData\Service1198
2015-08-15 14:58 - 2015-08-15 14:58 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-08-15 14:57 - 2015-08-15 14:59 - 00000000 ____D C:\Users\Fireslide\AppData\Local\Opera Software
2015-08-15 14:57 - 2015-08-15 14:58 - 00000000 ____D C:\Program Files (x86)\Software
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fireslide\AppData\Roaming\8owGM3pStCtC7
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fireslide\AppData\Roaming\iEZTx99QpwcGLr0utp5aj
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fireslide\AppData\Roaming\qyUOqo9CHBP7tFQgz8EkOcOM
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fireslide\AppData\Roaming\VJnVssET35CA5WaYL6CDqnXcIJ
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fireslide\AppData\Roaming\wBF63xYlOqdX0UmSZzIZdUE
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fireslide\AppData\Roaming\yELyvzNu
2015-08-15 20:44 - 2015-08-15 20:44 - 0613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsx57C8.tmp
2015-08-15 17:53 - 2015-08-15 17:53 - 0613255 _____ (CMI Limited) C:\Users\Fireslide\AppData\Local\nsz4ADB.tmp
Task: C:\Windows\Tasks\8owGM3pStCtC7.job => C:\Users\Fireslide\AppData\Roaming\8owGM3pStCtC7.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\DLSEGTLMVQQRXXJW.job => C:\ProgramData\Service1198\Service1198.exe <==== ATTENTION
Task: C:\Windows\Tasks\iEZTx99QpwcGLr0utp5aj.job => C:\Users\Fireslide\AppData\Roaming\iEZTx99QpwcGLr0utp5aj.exe <==== ATTENTION
Task: C:\Windows\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM.job => C:\Users\Fireslide\AppData\Roaming\qyUOqo9CHBP7tFQgz8EkOcOM.exe <==== ATTENTION
Task: C:\Windows\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ.job => C:\Users\Fireslide\AppData\Roaming\VJnVssET35CA5WaYL6CDqnXcIJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\wBF63xYlOqdX0UmSZzIZdUE.job => C:\Users\Fireslide\AppData\Roaming\wBF63xYlOqdX0UmSZzIZdUE.exe <==== ATTENTION
Task: C:\Windows\Tasks\yELyvzNu.job => C:\Users\Fireslide\AppData\Roaming\yELyvzNu.exe <==== ATTENTION
Task: {0A9810B3-C70B-4118-B371-B61A2550359E} - \d628d253-1d5a-4d55-af6c-03fe72333b07-1 -> No File <==== ATTENTION
Task: {0BBF4833-D2D9-4A3B-94A4-F584B0189407} - System32\Tasks\qyUOqo9CHBP7tFQgz8EkOcOM => C:\Users\Fireslide\AppData\Roaming\qyUOqo9CHBP7tFQgz8EkOcOM.exe <==== ATTENTION
Task: {25DAE5F0-491B-45C4-807E-0DBA9EF54072} - \d628d253-1d5a-4d55-af6c-03fe72333b07-6 -> No File <==== ATTENTION
Task: {351EF5F3-A4B7-4E1F-899C-3A9EEA0D67B8} - System32\Tasks\yELyvzNu => C:\Users\Fireslide\AppData\Roaming\yELyvzNu.exe <==== ATTENTION
Task: {73B41DBE-CA3B-4648-979D-2671BEB5B09F} - System32\Tasks\8owGM3pStCtC7 => C:\Users\Fireslide\AppData\Roaming\8owGM3pStCtC7.exe <==== ATTENTION
Task: {76873702-7DBF-4A1D-A837-FEAF134B5289} - System32\Tasks\DLSEGTLMVQQRXXJW => C:\ProgramData\Service1198\Service1198.exe [2015-08-09] () <==== ATTENTION
Task: {7D43AF59-0CA9-42EE-A45D-FCE92D3B0A1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {7D9C507D-B5CA-4C57-BBC4-C7843170D8C8} - System32\Tasks\iEZTx99QpwcGLr0utp5aj => C:\Users\Fireslide\AppData\Roaming\iEZTx99QpwcGLr0utp5aj.exe <==== ATTENTION
Task: {889464B6-C5EB-4FBC-BA5A-07565CA405DA} - \d628d253-1d5a-4d55-af6c-03fe72333b07-5 -> No File <==== ATTENTION
Task: {8F69F668-F8C5-41B7-AA18-C86FEB8CF8B9} - System32\Tasks\Rosotlefi => C:\ProgramData\Rosotlefi\1.0.4.1\huifbsot.exe [2015-08-15] ()
Task: {9FEC446F-B3CC-450A-A995-83B33DB59E51} - System32\Tasks\Jarmeee => C:\Program Files\shopperz12082015\Hvnkaufcv.bat [2015-08-12] () <==== ATTENTION
Task: {AA9937C6-C9A2-4CA1-A8FB-C06501B7DB37} - System32\Tasks\VJnVssET35CA5WaYL6CDqnXcIJ => C:\Users\Fireslide\AppData\Roaming\VJnVssET35CA5WaYL6CDqnXcIJ.exe <==== ATTENTION
Task: {AABB558F-9E68-4C0A-8242-8D1C51BD1AAA} - \d628d253-1d5a-4d55-af6c-03fe72333b07-4 -> No File <==== ATTENTION
Task: {B96F708C-F9D4-496C-9645-246F287B4485} - \d628d253-1d5a-4d55-af6c-03fe72333b07-11 -> No File <==== ATTENTION
Task: {CA509D60-8D15-4283-B617-056AA1496C33} - \d628d253-1d5a-4d55-af6c-03fe72333b07-3 -> No File <==== ATTENTION
Task: {D1E20EF2-1EF3-4EC1-A62B-D0E4FA964BDD} - \d628d253-1d5a-4d55-af6c-03fe72333b07-2 -> No File <==== ATTENTION
Task: {E61F1D8B-7463-4EC7-BE53-1672DC781AFA} - \d628d253-1d5a-4d55-af6c-03fe72333b07-5_user -> No File <==== ATTENTION
Task: {E65EDE29-F41B-437D-870C-3223E1946B39} - System32\Tasks\wBF63xYlOqdX0UmSZzIZdUE => C:\Users\Fireslide\AppData\Roaming\wBF63xYlOqdX0UmSZzIZdUE.exe <==== ATTENTION
Task: {F7ED9D9A-9A34-449B-9354-F220BF2F61CF} - \d628d253-1d5a-4d55-af6c-03fe72333b07-7 -> No File <==== ATTENTION
Relance FRST et clic sur le bouton Corriger / Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
pardon voila le texte ecris :
# AdwCleaner v5.000 - Logfile created 15/08/2015 at 20:54:37
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 7 Home Basic Service Pack 1 (x64)
# Username : Fireslide - FIRESLIDE-PC
# Running from : C:\Users\Fireslide\Downloads\adwcleaner_5.000 (1).exe
# Option : Cleaning
[-] Service Deleted : netfilter64
[-] Service Deleted : WindowsMangerProtect
[-] Service Deleted : CoupoonService64
[-] Service Deleted : UpdateCheck
[-] Service Deleted : RsMgrSvc
[-] Service Deleted : RsRavMon
[-] Folder Deleted : C:\Program Files\coupoon
[!] Folder Not Deleted : C:\Program Files\Coupoon
[-] Folder Deleted : C:\Program Files (x86)\AnyProtectEx
[-] Folder Deleted : C:\Program Files (x86)\coupoon
[-] Folder Deleted : C:\Program Files (x86)\Rising
[!] Folder Not Deleted : C:\Program Files (x86)\Coupoon
[-] Folder Deleted : C:\Program Files (x86)\gmsd_fr_005010061
[-] Folder Deleted : C:\ProgramData\Rising
[-] Folder Deleted : C:\ProgramData\abc
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
[-] Folder Deleted : C:\Users\Fireslide\AppData\Local\SmartWeb
[-] Folder Deleted : C:\Users\Fireslide\AppData\Local\DesktopSearch
[-] Folder Deleted : C:\Users\Fireslide\AppData\Local\gmsd_fr_005010061
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\Extensions\deskCutv2@gmail.com
[-] File Deleted : C:\END
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
[-] File Deleted : C:\Users\Fireslide\Desktop\AnyProtect.lnk
[-] File Deleted : C:\Windows\Sysnative\drivers\netfilter64.sys
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Fireslide\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Fireslide\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : SmartWeb Upgrade Trigger Task
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_fr_005010061]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [upgmsd_fr_005010061.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [C:\Program Files (x86)\PlusHD Cod\PlusHD Cod-nova.exe]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\coupoon
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Coupoon
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\HomeTab
[-] Key Deleted : HKCU\Software\simplytech
[!] Key Not Deleted : HKCU\Software\Simplytech\HomeTab
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\TutoTag
[-] Key Deleted : HKCU\Software\WajIEnhance
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\WajIntEnhance
[-] Key Deleted : HKCU\Software\SearchProtectWS
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Iminent
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Tutorials
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
[-] Key Deleted : HKLM\SOFTWARE\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKLM\SOFTWARE\coupoon
[-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
[-] Key Deleted : HKLM\SOFTWARE\searchult
[-] Key Deleted : HKLM\SOFTWARE\downchecker
[!] Key Not Deleted : HKLM\SOFTWARE\Coupoon
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FriendlyError
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_005010061_is1
[!] Key Not Deleted : [x64] HKCU\Software\AnyProtect
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\AskPartnerNetwork
[!] Key Not Deleted : [x64] HKCU\Software\HomeTab
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Simplytech\HomeTab
[!] Key Not Deleted : [x64] HKCU\Software\Tutorials
[!] Key Not Deleted : [x64] HKCU\Software\TutoTag
[!] Key Not Deleted : [x64] HKCU\Software\WajIEnhance
[!] Key Not Deleted : [x64] HKCU\Software\TNT2
[!] Key Not Deleted : [x64] HKCU\Software\WajIntEnhance
[!] Key Not Deleted : [x64] HKCU\Software\SearchProtectWS
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[!] Key Not Deleted : [x64] HKCU\Software\Kromtech
[!] Key Not Deleted : [x64] HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : [x64] HKLM\SOFTWARE\coupoon
[-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Coupoon
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command []
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1439664057&z=5522fe90750e46bb856b1afg0z7cdt1qeqacctdmbo&from=cmi&uid=WDCXWD10EZEX-08M2NA0_WD-WMC3F182175321753");
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=1439664057&z=5522fe90750e46bb856b1afg0z7cdt1qeqacctdmbo&from=cmi&uid=WDCXWD10EZEX-08M2NA0_WD-WMC3F182175321753");
:: Proxy settings cleared
:: Winsock settings cleared
C:\AdwCleaner[C6].txt - [62104 octets] - [15/08/2015 16:18:10]
C:\AdwCleaner[C7].txt - [4261 octets] - [15/08/2015 20:07:59]
C:\AdwCleaner[C8].txt - [11185 octets] - [15/08/2015 20:54:37]
C:\AdwCleaner[S6].txt - [60425 octets] - [15/08/2015 16:08:09]
C:\AdwCleaner[S7].txt - [3841 octets] - [15/08/2015 20:07:26]
C:\AdwCleaner[S8].txt - [13807 octets] - [15/08/2015 20:53:34]
########## EOF - C:\AdwCleaner[C8].txt - [11440 octets] ##########
# AdwCleaner v5.000 - Logfile created 15/08/2015 at 20:54:37
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 7 Home Basic Service Pack 1 (x64)
# Username : Fireslide - FIRESLIDE-PC
# Running from : C:\Users\Fireslide\Downloads\adwcleaner_5.000 (1).exe
# Option : Cleaning
- [ Services ] *****
[-] Service Deleted : netfilter64
[-] Service Deleted : WindowsMangerProtect
[-] Service Deleted : CoupoonService64
[-] Service Deleted : UpdateCheck
[-] Service Deleted : RsMgrSvc
[-] Service Deleted : RsRavMon
- [ Folders ] *****
[-] Folder Deleted : C:\Program Files\coupoon
[!] Folder Not Deleted : C:\Program Files\Coupoon
[-] Folder Deleted : C:\Program Files (x86)\AnyProtectEx
[-] Folder Deleted : C:\Program Files (x86)\coupoon
[-] Folder Deleted : C:\Program Files (x86)\Rising
[!] Folder Not Deleted : C:\Program Files (x86)\Coupoon
[-] Folder Deleted : C:\Program Files (x86)\gmsd_fr_005010061
[-] Folder Deleted : C:\ProgramData\Rising
[-] Folder Deleted : C:\ProgramData\abc
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
[-] Folder Deleted : C:\Users\Fireslide\AppData\Local\SmartWeb
[-] Folder Deleted : C:\Users\Fireslide\AppData\Local\DesktopSearch
[-] Folder Deleted : C:\Users\Fireslide\AppData\Local\gmsd_fr_005010061
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[-] Folder Deleted : C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\Extensions\deskCutv2@gmail.com
- [ Files ] *****
[-] File Deleted : C:\END
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
[-] File Deleted : C:\Users\Fireslide\Desktop\AnyProtect.lnk
[-] File Deleted : C:\Windows\Sysnative\drivers\netfilter64.sys
- [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Fireslide\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Fireslide\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
- [ Scheduled tasks ] *****
[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : SmartWeb Upgrade Trigger Task
- [ Registry ] *****
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_fr_005010061]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [upgmsd_fr_005010061.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [C:\Program Files (x86)\PlusHD Cod\PlusHD Cod-nova.exe]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\coupoon
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Coupoon
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\HomeTab
[-] Key Deleted : HKCU\Software\simplytech
[!] Key Not Deleted : HKCU\Software\Simplytech\HomeTab
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\TutoTag
[-] Key Deleted : HKCU\Software\WajIEnhance
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\WajIntEnhance
[-] Key Deleted : HKCU\Software\SearchProtectWS
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Iminent
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Tutorials
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
[-] Key Deleted : HKLM\SOFTWARE\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKLM\SOFTWARE\coupoon
[-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
[-] Key Deleted : HKLM\SOFTWARE\searchult
[-] Key Deleted : HKLM\SOFTWARE\downchecker
[!] Key Not Deleted : HKLM\SOFTWARE\Coupoon
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FriendlyError
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_005010061_is1
[!] Key Not Deleted : [x64] HKCU\Software\AnyProtect
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\AskPartnerNetwork
[!] Key Not Deleted : [x64] HKCU\Software\HomeTab
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Simplytech\HomeTab
[!] Key Not Deleted : [x64] HKCU\Software\Tutorials
[!] Key Not Deleted : [x64] HKCU\Software\TutoTag
[!] Key Not Deleted : [x64] HKCU\Software\WajIEnhance
[!] Key Not Deleted : [x64] HKCU\Software\TNT2
[!] Key Not Deleted : [x64] HKCU\Software\WajIntEnhance
[!] Key Not Deleted : [x64] HKCU\Software\SearchProtectWS
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[!] Key Not Deleted : [x64] HKCU\Software\Kromtech
[!] Key Not Deleted : [x64] HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : [x64] HKLM\SOFTWARE\coupoon
[-] Key Deleted : [x64] HKLM\SOFTWARE\downchecker
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Coupoon
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-1856635847-1340888399-366113939-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command []
- [ Web browsers ] *****
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1439664057&z=5522fe90750e46bb856b1afg0z7cdt1qeqacctdmbo&from=cmi&uid=WDCXWD10EZEX-08M2NA0_WD-WMC3F182175321753");
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[-] [C:\Users\Fireslide\AppData\Roaming\Mozilla\Firefox\Profiles\4nrb559s.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=1439664057&z=5522fe90750e46bb856b1afg0z7cdt1qeqacctdmbo&from=cmi&uid=WDCXWD10EZEX-08M2NA0_WD-WMC3F182175321753");
:: Proxy settings cleared
:: Winsock settings cleared
C:\AdwCleaner[C6].txt - [62104 octets] - [15/08/2015 16:18:10]
C:\AdwCleaner[C7].txt - [4261 octets] - [15/08/2015 20:07:59]
C:\AdwCleaner[C8].txt - [11185 octets] - [15/08/2015 20:54:37]
C:\AdwCleaner[S6].txt - [60425 octets] - [15/08/2015 16:08:09]
C:\AdwCleaner[S7].txt - [3841 octets] - [15/08/2015 20:07:26]
C:\AdwCleaner[S8].txt - [13807 octets] - [15/08/2015 20:53:34]
########## EOF - C:\AdwCleaner[C8].txt - [11440 octets] ##########
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question