Utilisation de Malwarebytes, puis plus de connexion.
Fermé
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
-
4 mars 2015 à 11:13
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 4 mars 2015 à 18:10
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 4 mars 2015 à 18:10
A voir également:
- Utilisation de Malwarebytes, puis plus de connexion.
- Notice d'utilisation - Guide
- Télécharger malwarebytes - Télécharger - Antivirus & Antimalwares
- Gmail connexion - Guide
- Hotmail connexion - Guide
- Utilisation chromecast - Guide
11 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
4 mars 2015 à 11:20
4 mars 2015 à 11:20
Salut,
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
puis :
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
puis :
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
4 mars 2015 à 11:56
4 mars 2015 à 11:56
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
4 mars 2015 à 13:01
4 mars 2015 à 13:01
Est-ce que les liens sont bons?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
4 mars 2015 à 13:08
4 mars 2015 à 13:08
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dans le bloc ce qui suit :
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50544;https=127.0.0.1:50544 [Attention - Possible Proxy Malicieux]
Winsock: Catalog9 01 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 02 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 03 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 04 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 16 C:\Windows\system32\Gambali64.dll File Not found ()
CHR Extension: (HD Cinema Plus 1.8V01.03) - C:\Users\Oli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni [2015-03-01]
R2 tykeziro; C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D\snsx51D3.tmp [179200 2015-02-24] () [File not signed]
R2 wonykuri; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\jnssBF33.tmp [95232 2015-02-24] () [File not signed]
R2 biwejizu; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\nsh8336.tmpfs [X]
R2 FGmwfUCKPNU; C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe [2733032 2015-03-03] (Time Lapse Solutions)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
2015-03-03 19:49 - 2015-03-03 19:49 - 00000000 ____D () C:\ProgramData\2355320829
2015-03-03 16:24 - 2015-03-03 16:24 - 01940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2015-03-03 15:50 - 2015-03-03 15:50 - 02020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 10:57 - 2015-03-03 10:57 - 00003092 _____ () C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838}
2015-03-03 10:49 - 2015-03-03 10:49 - 00003158 _____ () C:\Windows\System32\Tasks\SmileFiles Installer Starter
2015-03-02 16:28 - 2015-03-03 10:50 - 00000000 ____D () C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}
2015-03-01 20:37 - 2015-03-03 10:48 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-01 19:37 - 2015-03-04 10:43 - 00000000 ____D () C:\Program Files (x86)\HD Cinema Plus 1.8V01.03
2015-03-01 19:37 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\d5b865c2-51f0-4923-aa65-d73193d90cf7
2015-03-01 19:37 - 2015-03-03 10:48 - 00001676 _____ () C:\Windows\Tasks\KDPUMLQ.job
2015-03-01 19:37 - 2015-03-03 10:48 - 00001322 _____ () C:\Windows\Tasks\FB.job
2015-03-01 19:37 - 2015-03-01 19:37 - 00004692 _____ () C:\Windows\System32\Tasks\KDPUMLQ
2015-03-01 19:37 - 2015-03-01 19:37 - 00004338 _____ () C:\Windows\System32\Tasks\FB
2015-03-01 19:36 - 2015-03-02 16:26 - 00000000 ____D () C:\ProgramData\nxVmHjykH
2015-03-01 16:22 - 2015-03-01 16:22 - 00003544 _____ () C:\Windows\System32\Tasks\JTKYQJY
2015-02-24 22:40 - 2015-03-03 15:52 - 00000000 ____D () C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52
2015-02-24 22:12 - 2015-02-24 22:12 - 02126848 _____ () C:\Users\Oli\Downloads\adwcleaner_4.111.exe
2015-02-24 21:31 - 2015-02-24 21:31 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 21:11 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\I - Cinema
2015-02-24 21:11 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\7088dbc2-d073-4f5e-abb2-a5ff1bace0d9
2015-02-24 20:22 - 2015-02-24 20:21 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
2015-02-24 20:17 - 2015-02-24 20:55 - 00000000 ____D () C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}
2015-02-24 20:16 - 2015-02-24 20:16 - 00628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 19:06 - 2015-03-04 10:03 - 00000000 ____D () C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D
2015-02-24 19:05 - 2015-02-24 20:19 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D
2015-02-23 18:15 - 2015-03-03 15:52 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\R4TwfmI
2015-02-23 18:15 - 2015-03-03 15:50 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\IOt0Awb
2015-02-23 18:15 - 2015-02-23 18:15 - 00003276 _____ () C:\Windows\System32\Tasks\CyNwEd5X6xsoKla
2015-02-23 18:15 - 2015-02-23 18:15 - 00003236 _____ () C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85
2015-02-22 19:05 - 2015-03-03 15:50 - 00000000 ____D () C:\Program Files (x86)\047fc8e8-b161-46e0-95f7-114842b19d33
2015-02-21 19:06 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-20 19:04 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381
2015-02-19 19:10 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\5c61a21a-ba41-40bb-a6dc-33bff59a4a59
2015-03-03 16:24 - 2014-11-25 11:00 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\KJRY19c
2015-03-03 16:24 - 2014-11-16 14:48 - 00000000 ____D () C:\Program Files (x86)\43993b2b-300c-487d-a590-37050322df99
2015-03-03 16:24 - 2014-09-03 06:27 - 00000000 ____D () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
2015-03-03 15:51 - 2014-09-04 10:56 - 00000000 ____D () C:\Users\Oli\AppData\Local\22664
2015-03-03 16:24 - 2015-03-03 16:24 - 1940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Oli\AppData\Roaming\FB
2015-03-03 15:52 - 2015-03-03 15:52 - 1526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Oli\AppData\Roaming\KDPUMLQ
2015-03-03 15:50 - 2015-03-03 15:50 - 2020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 1466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2014-08-13 08:27 - 2015-03-03 00:36 - 0000163 _____ () C:\Users\Oli\AppData\Roaming\WB.CFG
2014-12-02 00:51 - 2014-12-17 00:51 - 0000001 _____ () C:\Users\Oli\AppData\Local\DSI.DAT
2014-12-02 00:51 - 2014-12-02 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup1319875942.exe
2014-12-17 00:51 - 2014-12-17 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup3365318462.exe
2014-07-23 13:18 - 2014-07-23 13:19 - 0013611 _____ () C:\Users\Oli\AppData\Local\HWVendorDetection.log
2014-11-16 15:27 - 2014-11-16 15:27 - 0301608 _____ (VuuPC Limited) C:\Users\Oli\AppData\Local\nsb7BD6.tmp
2015-02-24 20:16 - 2015-02-24 20:16 - 0628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 20:22 - 2015-02-24 20:21 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 21:31 - 2015-02-24 21:31 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
Task: {15BDB628-6EF7-4DAC-87E6-F8317FE4242D} - System32\Tasks\0N4MiYvo6QHGpaH => C:\Users\Oli\AppData\Roaming\KJRY19c\6Dtt1HA.exe [2015-03-03] ( )
Task: {23D14766-0B3B-42F1-981F-9CA237339904} - System32\Tasks\{5370B10B-4901-4612-A3EC-4589CA59E1EE} => pcalua.exe -a "E:\Disque dur\Setup.exe" -d "E:\Disque dur"
Task: {318021EE-6DA9-4892-9569-855DF922FE68} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Oli\AppData\Roaming\~iyocxsp.exe
Task: {32A6558D-E1F7-4677-8C30-57E51BAE2B55} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {47B6CA99-E94F-409A-9F25-CCEF24550C65} - System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} => pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {4B6E22ED-BE00-473A-9C92-C899905C079D} - System32\Tasks\SmileFiles Installer Starter => C:\Users\Oli\AppData\Local\Temp\SmileFilesGKCksZTDRP.exe [2015-03-01] (http://smile-files.com) <==== ATTENTION
Task: {53955A18-6AC3-46FB-83B2-E3643B0E9DB8} - System32\Tasks\9zIPDbDP5Qfmo85 => C:\Users\Oli\AppData\Roaming\IOt0Awb\vniOzMe.exe [2015-02-23] ( )
Task: {550A53C2-B699-428A-8415-441EB397FF1D} - System32\Tasks\Taplika => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {58691C1D-B4A9-4D0F-B0D4-921C06B601C1} - System32\Tasks\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0} => pcalua.exe -a C:\Users\Oli\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=ill
Task: {5F3C4BFB-16F7-461B-BEDF-158B71AA6376} - System32\Tasks\JTKYQJY => C:\ProgramData\4a47be4976c74e29b94eec00fb9877ad\4a47be4976c74e29b94eec00fb9877ad.exe
Task: {60389F9D-FCE9-4067-B1B6-C403A62C3D89} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Oli\AppData\Roaming\~ilckxhd.exe
Task: {69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\Oli\AppData\Roaming\~tcvtqdq.exe
Task: {7FD09B23-4F17-469D-B61E-051B37A70C2B} - System32\Tasks\WIN-statsSystem => C:\Users\Oli\AppData\Local\Microsoft\WinU\~soffssx.exe
Task: {9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D} - System32\Tasks\{7677CC53-42B0-4550-8D37-BDE371786F5B} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {A66428A4-80E8-4BF7-A453-9AF570DE36FA} - System32\Tasks\WIN-statsAdmin => C:\Users\Oli\AppData\Local\Microsoft\WinU\~rcefysx.exe <==== ATTENTION
Task: {AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96} - System32\Tasks\KDPUMLQ => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: {AE6CF129-85E0-4FF0-89F5-6B40010DE854} - System32\Tasks\CyNwEd5X6xsoKla => C:\Users\Oli\AppData\Roaming\R4TwfmI\4a6uDmY.exe [2015-03-03] ( )
Task: {E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9} - System32\Tasks\FB => C:\Users\Oli\AppData\Roaming\FB.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FB.job => C:\Users\Oli\AppData\Roaming\FB.exe <==== ATTENTION
Task: C:\Windows\Tasks\KDPUMLQ.job => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Taplika.job => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
cmd: netsh winsock reset
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dans le bloc ce qui suit :
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50544;https=127.0.0.1:50544 [Attention - Possible Proxy Malicieux]
Winsock: Catalog9 01 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 02 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 03 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 04 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 16 C:\Windows\system32\Gambali64.dll File Not found ()
CHR Extension: (HD Cinema Plus 1.8V01.03) - C:\Users\Oli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni [2015-03-01]
R2 tykeziro; C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D\snsx51D3.tmp [179200 2015-02-24] () [File not signed]
R2 wonykuri; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\jnssBF33.tmp [95232 2015-02-24] () [File not signed]
R2 biwejizu; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\nsh8336.tmpfs [X]
R2 FGmwfUCKPNU; C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe [2733032 2015-03-03] (Time Lapse Solutions)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
2015-03-03 19:49 - 2015-03-03 19:49 - 00000000 ____D () C:\ProgramData\2355320829
2015-03-03 16:24 - 2015-03-03 16:24 - 01940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2015-03-03 15:50 - 2015-03-03 15:50 - 02020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 10:57 - 2015-03-03 10:57 - 00003092 _____ () C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838}
2015-03-03 10:49 - 2015-03-03 10:49 - 00003158 _____ () C:\Windows\System32\Tasks\SmileFiles Installer Starter
2015-03-02 16:28 - 2015-03-03 10:50 - 00000000 ____D () C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}
2015-03-01 20:37 - 2015-03-03 10:48 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-01 19:37 - 2015-03-04 10:43 - 00000000 ____D () C:\Program Files (x86)\HD Cinema Plus 1.8V01.03
2015-03-01 19:37 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\d5b865c2-51f0-4923-aa65-d73193d90cf7
2015-03-01 19:37 - 2015-03-03 10:48 - 00001676 _____ () C:\Windows\Tasks\KDPUMLQ.job
2015-03-01 19:37 - 2015-03-03 10:48 - 00001322 _____ () C:\Windows\Tasks\FB.job
2015-03-01 19:37 - 2015-03-01 19:37 - 00004692 _____ () C:\Windows\System32\Tasks\KDPUMLQ
2015-03-01 19:37 - 2015-03-01 19:37 - 00004338 _____ () C:\Windows\System32\Tasks\FB
2015-03-01 19:36 - 2015-03-02 16:26 - 00000000 ____D () C:\ProgramData\nxVmHjykH
2015-03-01 16:22 - 2015-03-01 16:22 - 00003544 _____ () C:\Windows\System32\Tasks\JTKYQJY
2015-02-24 22:40 - 2015-03-03 15:52 - 00000000 ____D () C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52
2015-02-24 22:12 - 2015-02-24 22:12 - 02126848 _____ () C:\Users\Oli\Downloads\adwcleaner_4.111.exe
2015-02-24 21:31 - 2015-02-24 21:31 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 21:11 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\I - Cinema
2015-02-24 21:11 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\7088dbc2-d073-4f5e-abb2-a5ff1bace0d9
2015-02-24 20:22 - 2015-02-24 20:21 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
2015-02-24 20:17 - 2015-02-24 20:55 - 00000000 ____D () C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}
2015-02-24 20:16 - 2015-02-24 20:16 - 00628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 19:06 - 2015-03-04 10:03 - 00000000 ____D () C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D
2015-02-24 19:05 - 2015-02-24 20:19 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D
2015-02-23 18:15 - 2015-03-03 15:52 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\R4TwfmI
2015-02-23 18:15 - 2015-03-03 15:50 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\IOt0Awb
2015-02-23 18:15 - 2015-02-23 18:15 - 00003276 _____ () C:\Windows\System32\Tasks\CyNwEd5X6xsoKla
2015-02-23 18:15 - 2015-02-23 18:15 - 00003236 _____ () C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85
2015-02-22 19:05 - 2015-03-03 15:50 - 00000000 ____D () C:\Program Files (x86)\047fc8e8-b161-46e0-95f7-114842b19d33
2015-02-21 19:06 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-20 19:04 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381
2015-02-19 19:10 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\5c61a21a-ba41-40bb-a6dc-33bff59a4a59
2015-03-03 16:24 - 2014-11-25 11:00 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\KJRY19c
2015-03-03 16:24 - 2014-11-16 14:48 - 00000000 ____D () C:\Program Files (x86)\43993b2b-300c-487d-a590-37050322df99
2015-03-03 16:24 - 2014-09-03 06:27 - 00000000 ____D () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
2015-03-03 15:51 - 2014-09-04 10:56 - 00000000 ____D () C:\Users\Oli\AppData\Local\22664
2015-03-03 16:24 - 2015-03-03 16:24 - 1940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Oli\AppData\Roaming\FB
2015-03-03 15:52 - 2015-03-03 15:52 - 1526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Oli\AppData\Roaming\KDPUMLQ
2015-03-03 15:50 - 2015-03-03 15:50 - 2020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 1466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2014-08-13 08:27 - 2015-03-03 00:36 - 0000163 _____ () C:\Users\Oli\AppData\Roaming\WB.CFG
2014-12-02 00:51 - 2014-12-17 00:51 - 0000001 _____ () C:\Users\Oli\AppData\Local\DSI.DAT
2014-12-02 00:51 - 2014-12-02 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup1319875942.exe
2014-12-17 00:51 - 2014-12-17 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup3365318462.exe
2014-07-23 13:18 - 2014-07-23 13:19 - 0013611 _____ () C:\Users\Oli\AppData\Local\HWVendorDetection.log
2014-11-16 15:27 - 2014-11-16 15:27 - 0301608 _____ (VuuPC Limited) C:\Users\Oli\AppData\Local\nsb7BD6.tmp
2015-02-24 20:16 - 2015-02-24 20:16 - 0628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 20:22 - 2015-02-24 20:21 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 21:31 - 2015-02-24 21:31 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
Task: {15BDB628-6EF7-4DAC-87E6-F8317FE4242D} - System32\Tasks\0N4MiYvo6QHGpaH => C:\Users\Oli\AppData\Roaming\KJRY19c\6Dtt1HA.exe [2015-03-03] ( )
Task: {23D14766-0B3B-42F1-981F-9CA237339904} - System32\Tasks\{5370B10B-4901-4612-A3EC-4589CA59E1EE} => pcalua.exe -a "E:\Disque dur\Setup.exe" -d "E:\Disque dur"
Task: {318021EE-6DA9-4892-9569-855DF922FE68} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Oli\AppData\Roaming\~iyocxsp.exe
Task: {32A6558D-E1F7-4677-8C30-57E51BAE2B55} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {47B6CA99-E94F-409A-9F25-CCEF24550C65} - System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} => pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {4B6E22ED-BE00-473A-9C92-C899905C079D} - System32\Tasks\SmileFiles Installer Starter => C:\Users\Oli\AppData\Local\Temp\SmileFilesGKCksZTDRP.exe [2015-03-01] (http://smile-files.com) <==== ATTENTION
Task: {53955A18-6AC3-46FB-83B2-E3643B0E9DB8} - System32\Tasks\9zIPDbDP5Qfmo85 => C:\Users\Oli\AppData\Roaming\IOt0Awb\vniOzMe.exe [2015-02-23] ( )
Task: {550A53C2-B699-428A-8415-441EB397FF1D} - System32\Tasks\Taplika => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {58691C1D-B4A9-4D0F-B0D4-921C06B601C1} - System32\Tasks\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0} => pcalua.exe -a C:\Users\Oli\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=ill
Task: {5F3C4BFB-16F7-461B-BEDF-158B71AA6376} - System32\Tasks\JTKYQJY => C:\ProgramData\4a47be4976c74e29b94eec00fb9877ad\4a47be4976c74e29b94eec00fb9877ad.exe
Task: {60389F9D-FCE9-4067-B1B6-C403A62C3D89} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Oli\AppData\Roaming\~ilckxhd.exe
Task: {69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\Oli\AppData\Roaming\~tcvtqdq.exe
Task: {7FD09B23-4F17-469D-B61E-051B37A70C2B} - System32\Tasks\WIN-statsSystem => C:\Users\Oli\AppData\Local\Microsoft\WinU\~soffssx.exe
Task: {9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D} - System32\Tasks\{7677CC53-42B0-4550-8D37-BDE371786F5B} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {A66428A4-80E8-4BF7-A453-9AF570DE36FA} - System32\Tasks\WIN-statsAdmin => C:\Users\Oli\AppData\Local\Microsoft\WinU\~rcefysx.exe <==== ATTENTION
Task: {AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96} - System32\Tasks\KDPUMLQ => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: {AE6CF129-85E0-4FF0-89F5-6B40010DE854} - System32\Tasks\CyNwEd5X6xsoKla => C:\Users\Oli\AppData\Roaming\R4TwfmI\4a6uDmY.exe [2015-03-03] ( )
Task: {E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9} - System32\Tasks\FB => C:\Users\Oli\AppData\Roaming\FB.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FB.job => C:\Users\Oli\AppData\Roaming\FB.exe <==== ATTENTION
Task: C:\Windows\Tasks\KDPUMLQ.job => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Taplika.job => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
cmd: netsh winsock reset
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
4 mars 2015 à 13:13
4 mars 2015 à 13:13
MERCI. j'essaie de suite
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
4 mars 2015 à 13:39
4 mars 2015 à 13:39
Voilà le message texte: ( j'ai du le copier coller dans bloc note afin de le faire transparaître sur le 2ème ordinateur, un message m'a dit que certains caractère pouvaient être absent ou modifié, j'espère que ça ne gênera pas)
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2015
Ran by Oli at 2015-03-04 13:26:41 Run:1
Running from C:\Users\Oli\Desktop
Loaded Profiles: Oli (Available profiles: Oli)
Boot Mode: Normal
==============================================
Content of fixlist:
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50544;https=127.0.0.1:50544 [Attention - Possible Proxy Malicieux]
Winsock: Catalog9 01 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 02 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 03 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 04 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 16 C:\Windows\system32\Gambali64.dll File Not found ()
CHR Extension: (HD Cinema Plus 1.8V01.03) - C:\Users\Oli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni [2015-03-01]
R2 tykeziro; C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D\snsx51D3.tmp [179200 2015-02-24] () [File not signed]
R2 wonykuri; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\jnssBF33.tmp [95232 2015-02-24] () [File not signed]
R2 biwejizu; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\nsh8336.tmpfs [X]
R2 FGmwfUCKPNU; C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe [2733032 2015-03-03] (Time Lapse Solutions)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
2015-03-03 19:49 - 2015-03-03 19:49 - 00000000 ____D () C:\ProgramData\2355320829
2015-03-03 16:24 - 2015-03-03 16:24 - 01940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2015-03-03 15:50 - 2015-03-03 15:50 - 02020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 10:57 - 2015-03-03 10:57 - 00003092 _____ () C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838}
2015-03-03 10:49 - 2015-03-03 10:49 - 00003158 _____ () C:\Windows\System32\Tasks\SmileFiles Installer Starter
2015-03-02 16:28 - 2015-03-03 10:50 - 00000000 ____D () C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}
2015-03-01 20:37 - 2015-03-03 10:48 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-01 19:37 - 2015-03-04 10:43 - 00000000 ____D () C:\Program Files (x86)\HD Cinema Plus 1.8V01.03
2015-03-01 19:37 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\d5b865c2-51f0-4923-aa65-d73193d90cf7
2015-03-01 19:37 - 2015-03-03 10:48 - 00001676 _____ () C:\Windows\Tasks\KDPUMLQ.job
2015-03-01 19:37 - 2015-03-03 10:48 - 00001322 _____ () C:\Windows\Tasks\FB.job
2015-03-01 19:37 - 2015-03-01 19:37 - 00004692 _____ () C:\Windows\System32\Tasks\KDPUMLQ
2015-03-01 19:37 - 2015-03-01 19:37 - 00004338 _____ () C:\Windows\System32\Tasks\FB
2015-03-01 19:36 - 2015-03-02 16:26 - 00000000 ____D () C:\ProgramData\nxVmHjykH
2015-03-01 16:22 - 2015-03-01 16:22 - 00003544 _____ () C:\Windows\System32\Tasks\JTKYQJY
2015-02-24 22:40 - 2015-03-03 15:52 - 00000000 ____D () C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52
2015-02-24 22:12 - 2015-02-24 22:12 - 02126848 _____ () C:\Users\Oli\Downloads\adwcleaner_4.111.exe
2015-02-24 21:31 - 2015-02-24 21:31 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 21:11 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\I - Cinema
2015-02-24 21:11 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\7088dbc2-d073-4f5e-abb2-a5ff1bace0d9
2015-02-24 20:22 - 2015-02-24 20:21 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
2015-02-24 20:17 - 2015-02-24 20:55 - 00000000 ____D () C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}
2015-02-24 20:16 - 2015-02-24 20:16 - 00628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 19:06 - 2015-03-04 10:03 - 00000000 ____D () C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D
2015-02-24 19:05 - 2015-02-24 20:19 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D
2015-02-23 18:15 - 2015-03-03 15:52 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\R4TwfmI
2015-02-23 18:15 - 2015-03-03 15:50 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\IOt0Awb
2015-02-23 18:15 - 2015-02-23 18:15 - 00003276 _____ () C:\Windows\System32\Tasks\CyNwEd5X6xsoKla
2015-02-23 18:15 - 2015-02-23 18:15 - 00003236 _____ () C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85
2015-02-22 19:05 - 2015-03-03 15:50 - 00000000 ____D () C:\Program Files (x86)\047fc8e8-b161-46e0-95f7-114842b19d33
2015-02-21 19:06 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-20 19:04 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381
2015-02-19 19:10 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\5c61a21a-ba41-40bb-a6dc-33bff59a4a59
2015-03-03 16:24 - 2014-11-25 11:00 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\KJRY19c
2015-03-03 16:24 - 2014-11-16 14:48 - 00000000 ____D () C:\Program Files (x86)\43993b2b-300c-487d-a590-37050322df99
2015-03-03 16:24 - 2014-09-03 06:27 - 00000000 ____D () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
2015-03-03 15:51 - 2014-09-04 10:56 - 00000000 ____D () C:\Users\Oli\AppData\Local\22664
2015-03-03 16:24 - 2015-03-03 16:24 - 1940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Oli\AppData\Roaming\FB
2015-03-03 15:52 - 2015-03-03 15:52 - 1526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Oli\AppData\Roaming\KDPUMLQ
2015-03-03 15:50 - 2015-03-03 15:50 - 2020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 1466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2014-08-13 08:27 - 2015-03-03 00:36 - 0000163 _____ () C:\Users\Oli\AppData\Roaming\WB.CFG
2014-12-02 00:51 - 2014-12-17 00:51 - 0000001 _____ () C:\Users\Oli\AppData\Local\DSI.DAT
2014-12-02 00:51 - 2014-12-02 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup1319875942.exe
2014-12-17 00:51 - 2014-12-17 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup3365318462.exe
2014-07-23 13:18 - 2014-07-23 13:19 - 0013611 _____ () C:\Users\Oli\AppData\Local\HWVendorDetection.log
2014-11-16 15:27 - 2014-11-16 15:27 - 0301608 _____ (VuuPC Limited) C:\Users\Oli\AppData\Local\nsb7BD6.tmp
2015-02-24 20:16 - 2015-02-24 20:16 - 0628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 20:22 - 2015-02-24 20:21 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 21:31 - 2015-02-24 21:31 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
Task: {15BDB628-6EF7-4DAC-87E6-F8317FE4242D} - System32\Tasks\0N4MiYvo6QHGpaH => C:\Users\Oli\AppData\Roaming\KJRY19c\6Dtt1HA.exe [2015-03-03] ( )
Task: {23D14766-0B3B-42F1-981F-9CA237339904} - System32\Tasks\{5370B10B-4901-4612-A3EC-4589CA59E1EE} => pcalua.exe -a "E:\Disque dur\Setup.exe" -d "E:\Disque dur"
Task: {318021EE-6DA9-4892-9569-855DF922FE68} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Oli\AppData\Roaming\~iyocxsp.exe
Task: {32A6558D-E1F7-4677-8C30-57E51BAE2B55} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {47B6CA99-E94F-409A-9F25-CCEF24550C65} - System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} => pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {4B6E22ED-BE00-473A-9C92-C899905C079D} - System32\Tasks\SmileFiles Installer Starter => C:\Users\Oli\AppData\Local\Temp\SmileFilesGKCksZTDRP.exe [2015-03-01] (http://smile-files.com) <==== ATTENTION
Task: {53955A18-6AC3-46FB-83B2-E3643B0E9DB8} - System32\Tasks\9zIPDbDP5Qfmo85 => C:\Users\Oli\AppData\Roaming\IOt0Awb\vniOzMe.exe [2015-02-23] ( )
Task: {550A53C2-B699-428A-8415-441EB397FF1D} - System32\Tasks\Taplika => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {58691C1D-B4A9-4D0F-B0D4-921C06B601C1} - System32\Tasks\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0} => pcalua.exe -a C:\Users\Oli\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=ill
Task: {5F3C4BFB-16F7-461B-BEDF-158B71AA6376} - System32\Tasks\JTKYQJY => C:\ProgramData\4a47be4976c74e29b94eec00fb9877ad\4a47be4976c74e29b94eec00fb9877ad.exe
Task: {60389F9D-FCE9-4067-B1B6-C403A62C3D89} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Oli\AppData\Roaming\~ilckxhd.exe
Task: {69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\Oli\AppData\Roaming\~tcvtqdq.exe
Task: {7FD09B23-4F17-469D-B61E-051B37A70C2B} - System32\Tasks\WIN-statsSystem => C:\Users\Oli\AppData\Local\Microsoft\WinU\~soffssx.exe
Task: {9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D} - System32\Tasks\{7677CC53-42B0-4550-8D37-BDE371786F5B} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {A66428A4-80E8-4BF7-A453-9AF570DE36FA} - System32\Tasks\WIN-statsAdmin => C:\Users\Oli\AppData\Local\Microsoft\WinU\~rcefysx.exe <==== ATTENTION
Task: {AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96} - System32\Tasks\KDPUMLQ => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: {AE6CF129-85E0-4FF0-89F5-6B40010DE854} - System32\Tasks\CyNwEd5X6xsoKla => C:\Users\Oli\AppData\Roaming\R4TwfmI\4a6uDmY.exe [2015-03-03] ( )
Task: {E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9} - System32\Tasks\FB => C:\Users\Oli\AppData\Roaming\FB.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FB.job => C:\Users\Oli\AppData\Roaming\FB.exe <==== ATTENTION
Task: C:\Windows\Tasks\KDPUMLQ.job => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Taplika.job => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
cmd: netsh winsock reset
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
C:\Users\Oli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni => Moved successfully.
tykeziro => Service stopped successfully.
tykeziro => Service deleted successfully.
wonykuri => Service stopped successfully.
wonykuri => Service deleted successfully.
biwejizu => Service stopped successfully.
biwejizu => Service deleted successfully.
FGmwfUCKPNU => Unable to stop service
FGmwfUCKPNU => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\ProgramData\2355320829 => Moved successfully.
C:\Users\Oli\AppData\Roaming\DTQXTXS.exe => Moved successfully.
C:\Users\Oli\AppData\Roaming\FB.exe => Moved successfully.
C:\Users\Oli\AppData\Roaming\LCIVXJP.exe => Moved successfully.
C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe => Moved successfully.
C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} => Moved successfully.
C:\Windows\System32\Tasks\SmileFiles Installer Starter => Moved successfully.
"C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}" directory move:
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\23423fc1a94ef66d => Moved successfully.
Could not move "C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\eebf99948e9a11b9" => Scheduled to move on reboot.
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\Setup_152757.dat => Moved successfully.
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\Setup_152757.exe => Moved successfully.
Could not move "C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}" directory. => Scheduled to move on reboot.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Program Files (x86)\HD Cinema Plus 1.8V01.03 => Moved successfully.
C:\Program Files (x86)\d5b865c2-51f0-4923-aa65-d73193d90cf7 => Moved successfully.
C:\Windows\Tasks\KDPUMLQ.job => Moved successfully.
C:\Windows\Tasks\FB.job => Moved successfully.
C:\Windows\System32\Tasks\KDPUMLQ => Moved successfully.
C:\Windows\System32\Tasks\FB => Moved successfully.
"C:\ProgramData\nxVmHjykH" directory move:
Could not move "C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.dat" => Scheduled to move on reboot.
C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe => Moved successfully.
C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe.config => Moved successfully.
Could not move "C:\ProgramData\nxVmHjykH\info.dat" => Scheduled to move on reboot.
C:\ProgramData\nxVmHjykH\dat\GsffPjuem.dll => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\MidSINF.exe => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\MidSINF.exe.config => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\ojIcms.dll => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\PfYclq.exe => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\PfYclq.exe.config => Moved successfully.
Could not move "C:\ProgramData\nxVmHjykH" directory. => Scheduled to move on reboot.
C:\Windows\System32\Tasks\JTKYQJY => Moved successfully.
C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52 => Moved successfully.
C:\Users\Oli\Downloads\adwcleaner_4.111.exe => Moved successfully.
C:\Users\Oli\AppData\Local\nsj46AC.tmp => Moved successfully.
C:\Program Files (x86)\I - Cinema => Moved successfully.
C:\Program Files (x86)\7088dbc2-d073-4f5e-abb2-a5ff1bace0d9 => Moved successfully.
C:\Users\Oli\AppData\Local\nsfF972.tmp => Moved successfully.
C:\Users\Oli\AppData\Local\nsuFCAD.tmp => Moved successfully.
"C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}" directory move:
Could not move "C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\4a20b683773adc85" => Scheduled to move on reboot.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\87dd10d650ee3b51 => Moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\superpc_soft_partner.dat => Moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\superpc_soft_partner.exe => Moved successfully.
Could not move "C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}" directory. => Scheduled to move on reboot.
C:\Users\Oli\AppData\Local\nsd3890.tmp => Moved successfully.
C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D => Moved successfully.
C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D => Moved successfully.
C:\Users\Oli\AppData\Roaming\R4TwfmI => Moved successfully.
C:\Users\Oli\AppData\Roaming\IOt0Awb => Moved successfully.
C:\Windows\System32\Tasks\CyNwEd5X6xsoKla => Moved successfully.
C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85 => Moved successfully.
C:\Program Files (x86)\047fc8e8-b161-46e0-95f7-114842b19d33 => Moved successfully.
C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b => Moved successfully.
C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381 => Moved successfully.
C:\Program Files (x86)\5c61a21a-ba41-40bb-a6dc-33bff59a4a59 => Moved successfully.
C:\Users\Oli\AppData\Roaming\KJRY19c => Moved successfully.
C:\Program Files (x86)\43993b2b-300c-487d-a590-37050322df99 => Moved successfully.
C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23 => Moved successfully.
C:\Users\Oli\AppData\Local\22664 => Moved successfully.
"C:\Users\Oli\AppData\Roaming\DTQXTXS.exe" => File/Directory not found.
C:\Users\Oli\AppData\Roaming\FB => Moved successfully.
"C:\Users\Oli\AppData\Roaming\FB.exe" => File/Directory not found.
C:\Users\Oli\AppData\Roaming\KDPUMLQ => Moved successfully.
"C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe" => File/Directory not found.
"C:\Users\Oli\AppData\Roaming\LCIVXJP.exe" => File/Directory not found.
C:\Users\Oli\AppData\Roaming\WB.CFG => Moved successfully.
C:\Users\Oli\AppData\Local\DSI.DAT => Moved successfully.
C:\Users\Oli\AppData\Local\dsisetup1319875942.exe => Moved successfully.
C:\Users\Oli\AppData\Local\dsisetup3365318462.exe => Moved successfully.
C:\Users\Oli\AppData\Local\HWVendorDetection.log => Moved successfully.
C:\Users\Oli\AppData\Local\nsb7BD6.tmp => Moved successfully.
"C:\Users\Oli\AppData\Local\nsd3890.tmp" => File/Directory not found.
"C:\Users\Oli\AppData\Local\nsfF972.tmp" => File/Directory not found.
"C:\Users\Oli\AppData\Local\nsj46AC.tmp" => File/Directory not found.
"C:\Users\Oli\AppData\Local\nsuFCAD.tmp" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15BDB628-6EF7-4DAC-87E6-F8317FE4242D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15BDB628-6EF7-4DAC-87E6-F8317FE4242D}" => Key deleted successfully.
C:\Windows\System32\Tasks\0N4MiYvo6QHGpaH => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0N4MiYvo6QHGpaH" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23D14766-0B3B-42F1-981F-9CA237339904}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23D14766-0B3B-42F1-981F-9CA237339904}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5370B10B-4901-4612-A3EC-4589CA59E1EE} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5370B10B-4901-4612-A3EC-4589CA59E1EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{318021EE-6DA9-4892-9569-855DF922FE68}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{318021EE-6DA9-4892-9569-855DF922FE68}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32A6558D-E1F7-4677-8C30-57E51BAE2B55}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32A6558D-E1F7-4677-8C30-57E51BAE2B55}" => Key deleted successfully.
C:\Windows\System32\Tasks\DriverToolkit Autorun => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47B6CA99-E94F-409A-9F25-CCEF24550C65}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47B6CA99-E94F-409A-9F25-CCEF24550C65}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0AF584BF-79BC-44B0-9EB8-69F36AC33838}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B6E22ED-BE00-473A-9C92-C899905C079D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B6E22ED-BE00-473A-9C92-C899905C079D}" => Key deleted successfully.
C:\Windows\System32\Tasks\SmileFiles Installer Starter not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmileFiles Installer Starter" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53955A18-6AC3-46FB-83B2-E3643B0E9DB8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53955A18-6AC3-46FB-83B2-E3643B0E9DB8}" => Key deleted successfully.
C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9zIPDbDP5Qfmo85" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{550A53C2-B699-428A-8415-441EB397FF1D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550A53C2-B699-428A-8415-441EB397FF1D}" => Key deleted successfully.
C:\Windows\System32\Tasks\Taplika => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Taplika" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58691C1D-B4A9-4D0F-B0D4-921C06B601C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58691C1D-B4A9-4D0F-B0D4-921C06B601C1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F3C4BFB-16F7-461B-BEDF-158B71AA6376}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F3C4BFB-16F7-461B-BEDF-158B71AA6376}" => Key deleted successfully.
C:\Windows\System32\Tasks\JTKYQJY not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JTKYQJY" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{60389F9D-FCE9-4067-B1B6-C403A62C3D89}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60389F9D-FCE9-4067-B1B6-C403A62C3D89}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-fdfEfEfAfC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fdfEfEfAfC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fIGbfFfEGCfFGEGbfCfE" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7FD09B23-4F17-469D-B61E-051B37A70C2B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FD09B23-4F17-469D-B61E-051B37A70C2B}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsSystem => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsSystem" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7677CC53-42B0-4550-8D37-BDE371786F5B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7677CC53-42B0-4550-8D37-BDE371786F5B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A66428A4-80E8-4BF7-A453-9AF570DE36FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A66428A4-80E8-4BF7-A453-9AF570DE36FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96}" => Key deleted successfully.
C:\Windows\System32\Tasks\KDPUMLQ not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KDPUMLQ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE6CF129-85E0-4FF0-89F5-6B40010DE854}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE6CF129-85E0-4FF0-89F5-6B40010DE854}" => Key deleted successfully.
C:\Windows\System32\Tasks\CyNwEd5X6xsoKla not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CyNwEd5X6xsoKla" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9}" => Key deleted successfully.
C:\Windows\System32\Tasks\FB not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FB" => Key deleted successfully.
C:\Windows\Tasks\DriverToolkit Autorun.job => Moved successfully.
C:\Windows\Tasks\FB.job not found.
C:\Windows\Tasks\KDPUMLQ.job not found.
C:\Windows\Tasks\Taplika.job => Moved successfully.
========= netsh winsock reset =========
Le d?marrage de la fonction d'initialisation InitHelperDll dans NSHHTTP.DLL a ?chou??;
code d'erreur?: 10107
Le catalogue Winsock a ?t? r?initialis? correctement.
Vous devez red?marrer l'ordinateur afin de finaliser la r?initialisation.
========= End of CMD: =========
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc} => Is moved successfully.
C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.dat => Is moved successfully.
C:\ProgramData\nxVmHjykH\info.dat => Is moved successfully.
C:\ProgramData\nxVmHjykH => Is moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\4a20b683773adc85 => Is moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9} => Is moved successfully.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2015
Ran by Oli at 2015-03-04 13:26:41 Run:1
Running from C:\Users\Oli\Desktop
Loaded Profiles: Oli (Available profiles: Oli)
Boot Mode: Normal
==============================================
Content of fixlist:
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50544;https=127.0.0.1:50544 [Attention - Possible Proxy Malicieux]
Winsock: Catalog9 01 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\Gambali.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 02 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 03 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 04 C:\Windows\system32\Gambali64.dll File Not found ()
Winsock: Catalog9-x64 16 C:\Windows\system32\Gambali64.dll File Not found ()
CHR Extension: (HD Cinema Plus 1.8V01.03) - C:\Users\Oli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni [2015-03-01]
R2 tykeziro; C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D\snsx51D3.tmp [179200 2015-02-24] () [File not signed]
R2 wonykuri; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\jnssBF33.tmp [95232 2015-02-24] () [File not signed]
R2 biwejizu; C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D\nsh8336.tmpfs [X]
R2 FGmwfUCKPNU; C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe [2733032 2015-03-03] (Time Lapse Solutions)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
2015-03-03 19:49 - 2015-03-03 19:49 - 00000000 ____D () C:\ProgramData\2355320829
2015-03-03 16:24 - 2015-03-03 16:24 - 01940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 01466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2015-03-03 15:50 - 2015-03-03 15:50 - 02020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 10:57 - 2015-03-03 10:57 - 00003092 _____ () C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838}
2015-03-03 10:49 - 2015-03-03 10:49 - 00003158 _____ () C:\Windows\System32\Tasks\SmileFiles Installer Starter
2015-03-02 16:28 - 2015-03-03 10:50 - 00000000 ____D () C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}
2015-03-01 20:37 - 2015-03-03 10:48 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-01 19:37 - 2015-03-04 10:43 - 00000000 ____D () C:\Program Files (x86)\HD Cinema Plus 1.8V01.03
2015-03-01 19:37 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\d5b865c2-51f0-4923-aa65-d73193d90cf7
2015-03-01 19:37 - 2015-03-03 10:48 - 00001676 _____ () C:\Windows\Tasks\KDPUMLQ.job
2015-03-01 19:37 - 2015-03-03 10:48 - 00001322 _____ () C:\Windows\Tasks\FB.job
2015-03-01 19:37 - 2015-03-01 19:37 - 00004692 _____ () C:\Windows\System32\Tasks\KDPUMLQ
2015-03-01 19:37 - 2015-03-01 19:37 - 00004338 _____ () C:\Windows\System32\Tasks\FB
2015-03-01 19:36 - 2015-03-02 16:26 - 00000000 ____D () C:\ProgramData\nxVmHjykH
2015-03-01 16:22 - 2015-03-01 16:22 - 00003544 _____ () C:\Windows\System32\Tasks\JTKYQJY
2015-02-24 22:40 - 2015-03-03 15:52 - 00000000 ____D () C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52
2015-02-24 22:12 - 2015-02-24 22:12 - 02126848 _____ () C:\Users\Oli\Downloads\adwcleaner_4.111.exe
2015-02-24 21:31 - 2015-02-24 21:31 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 21:11 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\I - Cinema
2015-02-24 21:11 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\7088dbc2-d073-4f5e-abb2-a5ff1bace0d9
2015-02-24 20:22 - 2015-02-24 20:21 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 00613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
2015-02-24 20:17 - 2015-02-24 20:55 - 00000000 ____D () C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}
2015-02-24 20:16 - 2015-02-24 20:16 - 00628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 19:06 - 2015-03-04 10:03 - 00000000 ____D () C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D
2015-02-24 19:05 - 2015-02-24 20:19 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D
2015-02-23 18:15 - 2015-03-03 15:52 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\R4TwfmI
2015-02-23 18:15 - 2015-03-03 15:50 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\IOt0Awb
2015-02-23 18:15 - 2015-02-23 18:15 - 00003276 _____ () C:\Windows\System32\Tasks\CyNwEd5X6xsoKla
2015-02-23 18:15 - 2015-02-23 18:15 - 00003236 _____ () C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85
2015-02-22 19:05 - 2015-03-03 15:50 - 00000000 ____D () C:\Program Files (x86)\047fc8e8-b161-46e0-95f7-114842b19d33
2015-02-21 19:06 - 2015-03-03 15:51 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-20 19:04 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381
2015-02-19 19:10 - 2015-03-03 16:24 - 00000000 ____D () C:\Program Files (x86)\5c61a21a-ba41-40bb-a6dc-33bff59a4a59
2015-03-03 16:24 - 2014-11-25 11:00 - 00000000 ____D () C:\Users\Oli\AppData\Roaming\KJRY19c
2015-03-03 16:24 - 2014-11-16 14:48 - 00000000 ____D () C:\Program Files (x86)\43993b2b-300c-487d-a590-37050322df99
2015-03-03 16:24 - 2014-09-03 06:27 - 00000000 ____D () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
2015-03-03 15:51 - 2014-09-04 10:56 - 00000000 ____D () C:\Users\Oli\AppData\Local\22664
2015-03-03 16:24 - 2015-03-03 16:24 - 1940912 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\DTQXTXS.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\Oli\AppData\Roaming\FB
2015-03-03 15:52 - 2015-03-03 15:52 - 1526232 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\FB.exe
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Oli\AppData\Roaming\KDPUMLQ
2015-03-03 15:50 - 2015-03-03 15:50 - 2020824 _____ (HD PlusV01.03) C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe
2015-03-03 15:52 - 2015-03-03 15:52 - 1466800 _____ (HQ-Video2.5dV16.11) C:\Users\Oli\AppData\Roaming\LCIVXJP.exe
2014-08-13 08:27 - 2015-03-03 00:36 - 0000163 _____ () C:\Users\Oli\AppData\Roaming\WB.CFG
2014-12-02 00:51 - 2014-12-17 00:51 - 0000001 _____ () C:\Users\Oli\AppData\Local\DSI.DAT
2014-12-02 00:51 - 2014-12-02 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup1319875942.exe
2014-12-17 00:51 - 2014-12-17 00:51 - 0022528 _____ () C:\Users\Oli\AppData\Local\dsisetup3365318462.exe
2014-07-23 13:18 - 2014-07-23 13:19 - 0013611 _____ () C:\Users\Oli\AppData\Local\HWVendorDetection.log
2014-11-16 15:27 - 2014-11-16 15:27 - 0301608 _____ (VuuPC Limited) C:\Users\Oli\AppData\Local\nsb7BD6.tmp
2015-02-24 20:16 - 2015-02-24 20:16 - 0628496 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsd3890.tmp
2015-02-24 20:22 - 2015-02-24 20:21 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsfF972.tmp
2015-02-24 21:31 - 2015-02-24 21:31 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsj46AC.tmp
2015-02-24 20:20 - 2015-02-24 20:19 - 0613057 _____ (CMI Limited) C:\Users\Oli\AppData\Local\nsuFCAD.tmp
Task: {15BDB628-6EF7-4DAC-87E6-F8317FE4242D} - System32\Tasks\0N4MiYvo6QHGpaH => C:\Users\Oli\AppData\Roaming\KJRY19c\6Dtt1HA.exe [2015-03-03] ( )
Task: {23D14766-0B3B-42F1-981F-9CA237339904} - System32\Tasks\{5370B10B-4901-4612-A3EC-4589CA59E1EE} => pcalua.exe -a "E:\Disque dur\Setup.exe" -d "E:\Disque dur"
Task: {318021EE-6DA9-4892-9569-855DF922FE68} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Oli\AppData\Roaming\~iyocxsp.exe
Task: {32A6558D-E1F7-4677-8C30-57E51BAE2B55} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {47B6CA99-E94F-409A-9F25-CCEF24550C65} - System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} => pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {4B6E22ED-BE00-473A-9C92-C899905C079D} - System32\Tasks\SmileFiles Installer Starter => C:\Users\Oli\AppData\Local\Temp\SmileFilesGKCksZTDRP.exe [2015-03-01] (http://smile-files.com) <==== ATTENTION
Task: {53955A18-6AC3-46FB-83B2-E3643B0E9DB8} - System32\Tasks\9zIPDbDP5Qfmo85 => C:\Users\Oli\AppData\Roaming\IOt0Awb\vniOzMe.exe [2015-02-23] ( )
Task: {550A53C2-B699-428A-8415-441EB397FF1D} - System32\Tasks\Taplika => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {58691C1D-B4A9-4D0F-B0D4-921C06B601C1} - System32\Tasks\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0} => pcalua.exe -a C:\Users\Oli\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=ill
Task: {5F3C4BFB-16F7-461B-BEDF-158B71AA6376} - System32\Tasks\JTKYQJY => C:\ProgramData\4a47be4976c74e29b94eec00fb9877ad\4a47be4976c74e29b94eec00fb9877ad.exe
Task: {60389F9D-FCE9-4067-B1B6-C403A62C3D89} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Oli\AppData\Roaming\~ilckxhd.exe
Task: {69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\Oli\AppData\Roaming\~tcvtqdq.exe
Task: {7FD09B23-4F17-469D-B61E-051B37A70C2B} - System32\Tasks\WIN-statsSystem => C:\Users\Oli\AppData\Local\Microsoft\WinU\~soffssx.exe
Task: {9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D} - System32\Tasks\{7677CC53-42B0-4550-8D37-BDE371786F5B} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {A66428A4-80E8-4BF7-A453-9AF570DE36FA} - System32\Tasks\WIN-statsAdmin => C:\Users\Oli\AppData\Local\Microsoft\WinU\~rcefysx.exe <==== ATTENTION
Task: {AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96} - System32\Tasks\KDPUMLQ => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: {AE6CF129-85E0-4FF0-89F5-6B40010DE854} - System32\Tasks\CyNwEd5X6xsoKla => C:\Users\Oli\AppData\Roaming\R4TwfmI\4a6uDmY.exe [2015-03-03] ( )
Task: {E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9} - System32\Tasks\FB => C:\Users\Oli\AppData\Roaming\FB.exe [2015-03-03] (HD PlusV01.03) <==== ATTENTION
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FB.job => C:\Users\Oli\AppData\Roaming\FB.exe <==== ATTENTION
Task: C:\Windows\Tasks\KDPUMLQ.job => C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\Taplika.job => C:\Users\Oli\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
cmd: netsh winsock reset
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
Winsock: Catalog entry 000000000001 => Deleted successfully.
Winsock: Catalog entry 000000000002 => Deleted successfully.
Winsock: Catalog entry 000000000003 => Deleted successfully.
Winsock: Catalog entry 000000000004 => Deleted successfully.
Winsock: Catalog entry 000000000016 => Deleted successfully.
C:\Users\Oli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni => Moved successfully.
tykeziro => Service stopped successfully.
tykeziro => Service deleted successfully.
wonykuri => Service stopped successfully.
wonykuri => Service deleted successfully.
biwejizu => Service stopped successfully.
biwejizu => Service deleted successfully.
FGmwfUCKPNU => Unable to stop service
FGmwfUCKPNU => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\ProgramData\2355320829 => Moved successfully.
C:\Users\Oli\AppData\Roaming\DTQXTXS.exe => Moved successfully.
C:\Users\Oli\AppData\Roaming\FB.exe => Moved successfully.
C:\Users\Oli\AppData\Roaming\LCIVXJP.exe => Moved successfully.
C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe => Moved successfully.
C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} => Moved successfully.
C:\Windows\System32\Tasks\SmileFiles Installer Starter => Moved successfully.
"C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}" directory move:
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\23423fc1a94ef66d => Moved successfully.
Could not move "C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\eebf99948e9a11b9" => Scheduled to move on reboot.
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\Setup_152757.dat => Moved successfully.
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\Setup_152757.exe => Moved successfully.
Could not move "C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}" directory. => Scheduled to move on reboot.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Program Files (x86)\HD Cinema Plus 1.8V01.03 => Moved successfully.
C:\Program Files (x86)\d5b865c2-51f0-4923-aa65-d73193d90cf7 => Moved successfully.
C:\Windows\Tasks\KDPUMLQ.job => Moved successfully.
C:\Windows\Tasks\FB.job => Moved successfully.
C:\Windows\System32\Tasks\KDPUMLQ => Moved successfully.
C:\Windows\System32\Tasks\FB => Moved successfully.
"C:\ProgramData\nxVmHjykH" directory move:
Could not move "C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.dat" => Scheduled to move on reboot.
C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe => Moved successfully.
C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.exe.config => Moved successfully.
Could not move "C:\ProgramData\nxVmHjykH\info.dat" => Scheduled to move on reboot.
C:\ProgramData\nxVmHjykH\dat\GsffPjuem.dll => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\MidSINF.exe => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\MidSINF.exe.config => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\ojIcms.dll => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\PfYclq.exe => Moved successfully.
C:\ProgramData\nxVmHjykH\dat\PfYclq.exe.config => Moved successfully.
Could not move "C:\ProgramData\nxVmHjykH" directory. => Scheduled to move on reboot.
C:\Windows\System32\Tasks\JTKYQJY => Moved successfully.
C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52 => Moved successfully.
C:\Users\Oli\Downloads\adwcleaner_4.111.exe => Moved successfully.
C:\Users\Oli\AppData\Local\nsj46AC.tmp => Moved successfully.
C:\Program Files (x86)\I - Cinema => Moved successfully.
C:\Program Files (x86)\7088dbc2-d073-4f5e-abb2-a5ff1bace0d9 => Moved successfully.
C:\Users\Oli\AppData\Local\nsfF972.tmp => Moved successfully.
C:\Users\Oli\AppData\Local\nsuFCAD.tmp => Moved successfully.
"C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}" directory move:
Could not move "C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\4a20b683773adc85" => Scheduled to move on reboot.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\87dd10d650ee3b51 => Moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\superpc_soft_partner.dat => Moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\superpc_soft_partner.exe => Moved successfully.
Could not move "C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}" directory. => Scheduled to move on reboot.
C:\Users\Oli\AppData\Local\nsd3890.tmp => Moved successfully.
C:\Users\Oli\AppData\Local\2B9679F9-1424804800-E011-A243-B870F49AD63D => Moved successfully.
C:\Users\Oli\AppData\Roaming\2B9679F9-1424804738-E011-A243-B870F49AD63D => Moved successfully.
C:\Users\Oli\AppData\Roaming\R4TwfmI => Moved successfully.
C:\Users\Oli\AppData\Roaming\IOt0Awb => Moved successfully.
C:\Windows\System32\Tasks\CyNwEd5X6xsoKla => Moved successfully.
C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85 => Moved successfully.
C:\Program Files (x86)\047fc8e8-b161-46e0-95f7-114842b19d33 => Moved successfully.
C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b => Moved successfully.
C:\Program Files (x86)\93dabc92-2c3c-49f6-b30b-6fb9e1094381 => Moved successfully.
C:\Program Files (x86)\5c61a21a-ba41-40bb-a6dc-33bff59a4a59 => Moved successfully.
C:\Users\Oli\AppData\Roaming\KJRY19c => Moved successfully.
C:\Program Files (x86)\43993b2b-300c-487d-a590-37050322df99 => Moved successfully.
C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23 => Moved successfully.
C:\Users\Oli\AppData\Local\22664 => Moved successfully.
"C:\Users\Oli\AppData\Roaming\DTQXTXS.exe" => File/Directory not found.
C:\Users\Oli\AppData\Roaming\FB => Moved successfully.
"C:\Users\Oli\AppData\Roaming\FB.exe" => File/Directory not found.
C:\Users\Oli\AppData\Roaming\KDPUMLQ => Moved successfully.
"C:\Users\Oli\AppData\Roaming\KDPUMLQ.exe" => File/Directory not found.
"C:\Users\Oli\AppData\Roaming\LCIVXJP.exe" => File/Directory not found.
C:\Users\Oli\AppData\Roaming\WB.CFG => Moved successfully.
C:\Users\Oli\AppData\Local\DSI.DAT => Moved successfully.
C:\Users\Oli\AppData\Local\dsisetup1319875942.exe => Moved successfully.
C:\Users\Oli\AppData\Local\dsisetup3365318462.exe => Moved successfully.
C:\Users\Oli\AppData\Local\HWVendorDetection.log => Moved successfully.
C:\Users\Oli\AppData\Local\nsb7BD6.tmp => Moved successfully.
"C:\Users\Oli\AppData\Local\nsd3890.tmp" => File/Directory not found.
"C:\Users\Oli\AppData\Local\nsfF972.tmp" => File/Directory not found.
"C:\Users\Oli\AppData\Local\nsj46AC.tmp" => File/Directory not found.
"C:\Users\Oli\AppData\Local\nsuFCAD.tmp" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15BDB628-6EF7-4DAC-87E6-F8317FE4242D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15BDB628-6EF7-4DAC-87E6-F8317FE4242D}" => Key deleted successfully.
C:\Windows\System32\Tasks\0N4MiYvo6QHGpaH => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0N4MiYvo6QHGpaH" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23D14766-0B3B-42F1-981F-9CA237339904}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23D14766-0B3B-42F1-981F-9CA237339904}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5370B10B-4901-4612-A3EC-4589CA59E1EE} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5370B10B-4901-4612-A3EC-4589CA59E1EE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{318021EE-6DA9-4892-9569-855DF922FE68}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{318021EE-6DA9-4892-9569-855DF922FE68}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32A6558D-E1F7-4677-8C30-57E51BAE2B55}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32A6558D-E1F7-4677-8C30-57E51BAE2B55}" => Key deleted successfully.
C:\Windows\System32\Tasks\DriverToolkit Autorun => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverToolkit Autorun" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47B6CA99-E94F-409A-9F25-CCEF24550C65}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47B6CA99-E94F-409A-9F25-CCEF24550C65}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0AF584BF-79BC-44B0-9EB8-69F36AC33838} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0AF584BF-79BC-44B0-9EB8-69F36AC33838}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B6E22ED-BE00-473A-9C92-C899905C079D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B6E22ED-BE00-473A-9C92-C899905C079D}" => Key deleted successfully.
C:\Windows\System32\Tasks\SmileFiles Installer Starter not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmileFiles Installer Starter" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53955A18-6AC3-46FB-83B2-E3643B0E9DB8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53955A18-6AC3-46FB-83B2-E3643B0E9DB8}" => Key deleted successfully.
C:\Windows\System32\Tasks\9zIPDbDP5Qfmo85 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9zIPDbDP5Qfmo85" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{550A53C2-B699-428A-8415-441EB397FF1D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550A53C2-B699-428A-8415-441EB397FF1D}" => Key deleted successfully.
C:\Windows\System32\Tasks\Taplika => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Taplika" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58691C1D-B4A9-4D0F-B0D4-921C06B601C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58691C1D-B4A9-4D0F-B0D4-921C06B601C1}" => Key deleted successfully.
C:\Windows\System32\Tasks\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{42E3957A-D7E6-4AA5-92E4-162E474C1BD0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F3C4BFB-16F7-461B-BEDF-158B71AA6376}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F3C4BFB-16F7-461B-BEDF-158B71AA6376}" => Key deleted successfully.
C:\Windows\System32\Tasks\JTKYQJY not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JTKYQJY" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{60389F9D-FCE9-4067-B1B6-C403A62C3D89}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60389F9D-FCE9-4067-B1B6-C403A62C3D89}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-fdfEfEfAfC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fdfEfEfAfC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69E8EDB5-41A6-4643-BD1A-4EBB8CF71A67}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fIGbfFfEGCfFGEGbfCfE" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7FD09B23-4F17-469D-B61E-051B37A70C2B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FD09B23-4F17-469D-B61E-051B37A70C2B}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsSystem => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsSystem" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D3AC9EF-FD9A-4E59-BA9A-AF2566F1CA0D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7677CC53-42B0-4550-8D37-BDE371786F5B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7677CC53-42B0-4550-8D37-BDE371786F5B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A66428A4-80E8-4BF7-A453-9AF570DE36FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A66428A4-80E8-4BF7-A453-9AF570DE36FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC07ACBD-F33E-4E2B-A45D-0DEEEC166A96}" => Key deleted successfully.
C:\Windows\System32\Tasks\KDPUMLQ not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KDPUMLQ" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE6CF129-85E0-4FF0-89F5-6B40010DE854}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE6CF129-85E0-4FF0-89F5-6B40010DE854}" => Key deleted successfully.
C:\Windows\System32\Tasks\CyNwEd5X6xsoKla not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CyNwEd5X6xsoKla" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5FC3E79-2DA8-4F91-9C54-CAAB2DC17EC9}" => Key deleted successfully.
C:\Windows\System32\Tasks\FB not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FB" => Key deleted successfully.
C:\Windows\Tasks\DriverToolkit Autorun.job => Moved successfully.
C:\Windows\Tasks\FB.job not found.
C:\Windows\Tasks\KDPUMLQ.job not found.
C:\Windows\Tasks\Taplika.job => Moved successfully.
========= netsh winsock reset =========
Le d?marrage de la fonction d'initialisation InitHelperDll dans NSHHTTP.DLL a ?chou??;
code d'erreur?: 10107
Le catalogue Winsock a ?t? r?initialis? correctement.
Vous devez red?marrer l'ordinateur afin de finaliser la r?initialisation.
========= End of CMD: =========
> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-04 13:31:43)<
C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc}\eebf99948e9a11b9 => Is moved successfully.C:\ProgramData\{60a09273-172a-068d-60a0-0927317249cc} => Is moved successfully.
C:\ProgramData\nxVmHjykH\FGmwfUCKPNU.dat => Is moved successfully.
C:\ProgramData\nxVmHjykH\info.dat => Is moved successfully.
C:\ProgramData\nxVmHjykH => Is moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9}\4a20b683773adc85 => Is moved successfully.
C:\ProgramData\{a33bce7e-784a-9741-a33b-bce7e78439f9} => Is moved successfully.
End of Fixlog 13:31:43
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
4 mars 2015 à 13:47
4 mars 2015 à 13:47
ok, voici la suite :
Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.
Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
4 mars 2015 à 13:53
4 mars 2015 à 13:53
J'ai juste un petit soucis, dois-je réinitialiser obligatoirement mes navigateurs?
OliDolly
Messages postés
7
Date d'inscription
mercredi 4 mars 2015
Statut
Membre
Dernière intervention
4 mars 2015
4 mars 2015 à 14:41
4 mars 2015 à 14:41
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
4 mars 2015 à 18:10
4 mars 2015 à 18:10
Plus de soucis?
