PC virusé je ne m'en sors pas, help !
Résolu/Fermé
elsuf
Messages postés
3
Date d'inscription
dimanche 10 mai 2015
Statut
Membre
Dernière intervention
10 mai 2015
-
10 mai 2015 à 12:07
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 10 mai 2015 à 20:52
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 10 mai 2015 à 20:52
A voir également:
- PC virusé je ne m'en sors pas, help !
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
- Benchmark pc - Guide
- Reinitialiser pc - Guide
- Pc lent - Guide
- Whatsapp pc - Télécharger - Messagerie
6 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
10 mai 2015 à 12:14
10 mai 2015 à 12:14
Salut,
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
elsuf
Messages postés
3
Date d'inscription
dimanche 10 mai 2015
Statut
Membre
Dernière intervention
10 mai 2015
10 mai 2015 à 12:57
10 mai 2015 à 12:57
Bonjour,
Merci pour la rapidité de ta réponse, voici les trois rapports demandés :
https://pjjoint.malekal.com/files.php?id=20150510_w13m8k14o13r6
https://pjjoint.malekal.com/files.php?id=FRST_20150510_c11v11d7g13k9
https://pjjoint.malekal.com/files.php?id=20150510_m10v13p13w7y7
Merci pour la rapidité de ta réponse, voici les trois rapports demandés :
https://pjjoint.malekal.com/files.php?id=20150510_w13m8k14o13r6
https://pjjoint.malekal.com/files.php?id=FRST_20150510_c11v11d7g13k9
https://pjjoint.malekal.com/files.php?id=20150510_m10v13p13w7y7
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
10 mai 2015 à 13:38
10 mai 2015 à 13:38
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [fst_fr_397] => [X]
HKLM\...\Run: [fst_fr_398] => [X]
HKLM\...\Run: [fst_fr_405] => [X]
HKLM\...\Run: [mbot_fr_590] => [X]
HKLM\...\Run: [gmsd_fr_416] => [X]
HKLM\...\Run: [gmsd_fr_433] => [X]
HKLM\...\Run: [gmsd_fr_486] => [X]
HKLM\...\Run: [gmsd_fr_495] => [X]
HKLM\...\Run: [gmsd_fr_517] => [X]
HKLM\...\Run: [gmsd_fr_520] => [X]
FF Extension: I - Cinema - C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\MGKN37049485@ACPSC11936960.com [2015-05-10]
S2 insvc_1.10.0.14; C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe [X]
S2 juboloso; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\nsoD2D.tmp [X]
S2 pylizyku; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\jnsyEB79.tmp [X]
S2 vylonomo; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\nsc2A1B.tmp [X]
S2 xogusefu; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\jnsoAD17.tmp [X]
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [52720 2015-04-10] (Infonaut)
2015-05-09 11:43 - 2015-05-09 11:43 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp
2015-05-09 11:42 - 2015-05-10 11:48 - 00001028 _____ () C:\Windows\Tasks\CH9LNxta1twV.job
2015-05-09 11:01 - 2015-05-09 11:01 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp
2015-05-09 10:59 - 2015-05-10 11:48 - 00001032 _____ () C:\Windows\Tasks\mFOVoJWM2b5X8b.job
2015-05-09 08:36 - 2015-05-10 11:48 - 00001022 _____ () C:\Windows\Tasks\eOJ1pUo2v.job
2015-05-07 01:20 - 2015-05-07 01:20 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\ZombieNews
2015-05-07 01:19 - 2015-05-07 01:19 - 00000000 ____D () C:\ProgramData\ZombieNews
2015-05-07 01:05 - 2015-05-10 11:48 - 00001026 _____ () C:\Windows\Tasks\d33uBBg7Tqj.job
2015-05-06 18:33 - 2015-05-06 18:33 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-06 18:31 - 2015-05-06 18:31 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp
2015-05-03 15:53 - 2015-05-03 16:44 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2
2015-05-03 15:52 - 2015-05-10 11:39 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-03 15:50 - 2015-05-03 15:51 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe
2015-04-15 10:27 - 2015-04-15 10:27 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-15 10:06 - 2015-04-15 10:06 - 00000000 ____D () C:\Program Files\ProcessModule
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV
2015-04-13 20:47 - 2015-04-13 20:47 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp
2015-04-13 17:04 - 2015-04-13 17:04 - 00628688 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp
2015-04-13 15:54 - 2015-04-13 16:00 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\55b013472cad4f98807ec39918cdbd6f
2015-04-13 15:45 - 2015-04-14 01:50 - 00000000 ____D () C:\Program Files\Software
2015-04-10 21:56 - 2015-04-10 21:56 - 00052720 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-10 22:37 - 2014-12-01 20:36 - 00000000 ____D () C:\ProgramData\23405448
Task: {34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {36FB238F-C939-48AC-826D-05B49AA33EA8} - System32\Tasks\CH9LNxta1twV => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe [2015-04-20] () <==== ATTENTION
Task: {40D511CB-D757-481A-A11B-A805866F25CB} - System32\Tasks\eOJ1pUo2v => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe [2015-04-20] () <==== ATTENTION
Task: {41B8C1E2-D0AC-411F-AE76-759C7127D298} - System32\Tasks\SpyHunter3 => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
Task: {4E2EEFA4-B3F6-4142-99A3-1649F2243ACE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {5E367F69-5A71-4F3D-B44E-9FD78C4EACF0} - System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => pcalua.exe -a E:\installer.exe -d E:\
Task: {740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7} - System32\Tasks\amiupdaterExi => C:\Users\ELSUFE~1\AppData\Local\Temp\amiupdater160.exe <==== ATTENTION
Task: {957A35DE-3E09-4DEE-9E56-AEA0A0F55327} - System32\Tasks\CS => C:\Program Files\CS\cs.exe
Task: {A09DC90F-DEFD-48B0-93B2-63037B3F32F0} - System32\Tasks\PenWes => C:\Program Files\PenWes\penwes.exe <==== ATTENTION
Task: {B2CFA407-A3FA-41DD-9B8B-43F86659B7AF} - System32\Tasks\PRJUI => C:\ProgramData\55b013472cad4f98807ec39918cdbd6f\55b013472cad4f98807ec39918cdbd6f.exe [2015-04-12] ()
Task: {BA09C263-AB1F-481E-903A-8B1DC3F77475} - System32\Tasks\d33uBBg7Tqj => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe [2015-04-20] () <==== ATTENTION
Task: {D0AB4F7E-FF11-4020-8F58-6348EB3B5E92} - System32\Tasks\mFOVoJWM2b5X8b => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\CH9LNxta1twV.job => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe <==== ATTENTION
Task: C:\Windows\Tasks\CS.job => C:\Program Files\CS\cs.exe
Task: C:\Windows\Tasks\d33uBBg7Tqj.job => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe <==== ATTENTION
Task: C:\Windows\Tasks\eOJ1pUo2v.job => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe <==== ATTENTION
Task: C:\Windows\Tasks\mFOVoJWM2b5X8b.job => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
~~~
Désinstalle Microsoft Security Essentials.
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [fst_fr_397] => [X]
HKLM\...\Run: [fst_fr_398] => [X]
HKLM\...\Run: [fst_fr_405] => [X]
HKLM\...\Run: [mbot_fr_590] => [X]
HKLM\...\Run: [gmsd_fr_416] => [X]
HKLM\...\Run: [gmsd_fr_433] => [X]
HKLM\...\Run: [gmsd_fr_486] => [X]
HKLM\...\Run: [gmsd_fr_495] => [X]
HKLM\...\Run: [gmsd_fr_517] => [X]
HKLM\...\Run: [gmsd_fr_520] => [X]
FF Extension: I - Cinema - C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\MGKN37049485@ACPSC11936960.com [2015-05-10]
S2 insvc_1.10.0.14; C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe [X]
S2 juboloso; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\nsoD2D.tmp [X]
S2 pylizyku; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\jnsyEB79.tmp [X]
S2 vylonomo; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\nsc2A1B.tmp [X]
S2 xogusefu; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\jnsoAD17.tmp [X]
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [52720 2015-04-10] (Infonaut)
2015-05-09 11:43 - 2015-05-09 11:43 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp
2015-05-09 11:42 - 2015-05-10 11:48 - 00001028 _____ () C:\Windows\Tasks\CH9LNxta1twV.job
2015-05-09 11:01 - 2015-05-09 11:01 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp
2015-05-09 10:59 - 2015-05-10 11:48 - 00001032 _____ () C:\Windows\Tasks\mFOVoJWM2b5X8b.job
2015-05-09 08:36 - 2015-05-10 11:48 - 00001022 _____ () C:\Windows\Tasks\eOJ1pUo2v.job
2015-05-07 01:20 - 2015-05-07 01:20 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\ZombieNews
2015-05-07 01:19 - 2015-05-07 01:19 - 00000000 ____D () C:\ProgramData\ZombieNews
2015-05-07 01:05 - 2015-05-10 11:48 - 00001026 _____ () C:\Windows\Tasks\d33uBBg7Tqj.job
2015-05-06 18:33 - 2015-05-06 18:33 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-06 18:31 - 2015-05-06 18:31 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp
2015-05-03 15:53 - 2015-05-03 16:44 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2
2015-05-03 15:52 - 2015-05-10 11:39 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-03 15:50 - 2015-05-03 15:51 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe
2015-04-15 10:27 - 2015-04-15 10:27 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-15 10:06 - 2015-04-15 10:06 - 00000000 ____D () C:\Program Files\ProcessModule
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV
2015-04-13 20:47 - 2015-04-13 20:47 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp
2015-04-13 17:04 - 2015-04-13 17:04 - 00628688 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp
2015-04-13 15:54 - 2015-04-13 16:00 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\55b013472cad4f98807ec39918cdbd6f
2015-04-13 15:45 - 2015-04-14 01:50 - 00000000 ____D () C:\Program Files\Software
2015-04-10 21:56 - 2015-04-10 21:56 - 00052720 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-10 22:37 - 2014-12-01 20:36 - 00000000 ____D () C:\ProgramData\23405448
Task: {34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {36FB238F-C939-48AC-826D-05B49AA33EA8} - System32\Tasks\CH9LNxta1twV => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe [2015-04-20] () <==== ATTENTION
Task: {40D511CB-D757-481A-A11B-A805866F25CB} - System32\Tasks\eOJ1pUo2v => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe [2015-04-20] () <==== ATTENTION
Task: {41B8C1E2-D0AC-411F-AE76-759C7127D298} - System32\Tasks\SpyHunter3 => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
Task: {4E2EEFA4-B3F6-4142-99A3-1649F2243ACE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {5E367F69-5A71-4F3D-B44E-9FD78C4EACF0} - System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => pcalua.exe -a E:\installer.exe -d E:\
Task: {740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7} - System32\Tasks\amiupdaterExi => C:\Users\ELSUFE~1\AppData\Local\Temp\amiupdater160.exe <==== ATTENTION
Task: {957A35DE-3E09-4DEE-9E56-AEA0A0F55327} - System32\Tasks\CS => C:\Program Files\CS\cs.exe
Task: {A09DC90F-DEFD-48B0-93B2-63037B3F32F0} - System32\Tasks\PenWes => C:\Program Files\PenWes\penwes.exe <==== ATTENTION
Task: {B2CFA407-A3FA-41DD-9B8B-43F86659B7AF} - System32\Tasks\PRJUI => C:\ProgramData\55b013472cad4f98807ec39918cdbd6f\55b013472cad4f98807ec39918cdbd6f.exe [2015-04-12] ()
Task: {BA09C263-AB1F-481E-903A-8B1DC3F77475} - System32\Tasks\d33uBBg7Tqj => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe [2015-04-20] () <==== ATTENTION
Task: {D0AB4F7E-FF11-4020-8F58-6348EB3B5E92} - System32\Tasks\mFOVoJWM2b5X8b => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\CH9LNxta1twV.job => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe <==== ATTENTION
Task: C:\Windows\Tasks\CS.job => C:\Program Files\CS\cs.exe
Task: C:\Windows\Tasks\d33uBBg7Tqj.job => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe <==== ATTENTION
Task: C:\Windows\Tasks\eOJ1pUo2v.job => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe <==== ATTENTION
Task: C:\Windows\Tasks\mFOVoJWM2b5X8b.job => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
~~~
Désinstalle Microsoft Security Essentials.
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Voici le nouveau rapport :
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-05-2015
Ran by elsuf et rouf at 2015-05-10 13:42:07 Run:1
Running from C:\Users\elsuf et rouf\Desktop
Loaded Profiles: elsuf et rouf (Available profiles: elsuf et rouf)
Boot Mode: Normal
==============================================
Content of fixlist:
HKLM\...\Run: [fst_fr_397] => [X]
HKLM\...\Run: [fst_fr_398] => [X]
HKLM\...\Run: [fst_fr_405] => [X]
HKLM\...\Run: [mbot_fr_590] => [X]
HKLM\...\Run: [gmsd_fr_416] => [X]
HKLM\...\Run: [gmsd_fr_433] => [X]
HKLM\...\Run: [gmsd_fr_486] => [X]
HKLM\...\Run: [gmsd_fr_495] => [X]
HKLM\...\Run: [gmsd_fr_517] => [X]
HKLM\...\Run: [gmsd_fr_520] => [X]
FF Extension: I - Cinema - C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\***@*** [2015-05-10]
S2 insvc_1.10.0.14; C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe [X]
S2 juboloso; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\nsoD2D.tmp [X]
S2 pylizyku; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\jnsyEB79.tmp [X]
S2 vylonomo; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\nsc2A1B.tmp [X]
S2 xogusefu; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\jnsoAD17.tmp [X]
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [52720 2015-04-10] (Infonaut)
2015-05-09 11:43 - 2015-05-09 11:43 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp
2015-05-09 11:42 - 2015-05-10 11:48 - 00001028 _____ () C:\Windows\Tasks\CH9LNxta1twV.job
2015-05-09 11:01 - 2015-05-09 11:01 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp
2015-05-09 10:59 - 2015-05-10 11:48 - 00001032 _____ () C:\Windows\Tasks\mFOVoJWM2b5X8b.job
2015-05-09 08:36 - 2015-05-10 11:48 - 00001022 _____ () C:\Windows\Tasks\eOJ1pUo2v.job
2015-05-07 01:20 - 2015-05-07 01:20 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\ZombieNews
2015-05-07 01:19 - 2015-05-07 01:19 - 00000000 ____D () C:\ProgramData\ZombieNews
2015-05-07 01:05 - 2015-05-10 11:48 - 00001026 _____ () C:\Windows\Tasks\d33uBBg7Tqj.job
2015-05-06 18:33 - 2015-05-06 18:33 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-06 18:31 - 2015-05-06 18:31 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp
2015-05-03 15:53 - 2015-05-03 16:44 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2
2015-05-03 15:52 - 2015-05-10 11:39 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-03 15:50 - 2015-05-03 15:51 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe
2015-04-15 10:27 - 2015-04-15 10:27 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-15 10:06 - 2015-04-15 10:06 - 00000000 ____D () C:\Program Files\ProcessModule
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV
2015-04-13 20:47 - 2015-04-13 20:47 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp
2015-04-13 17:04 - 2015-04-13 17:04 - 00628688 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp
2015-04-13 15:54 - 2015-04-13 16:00 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\55b013472cad4f98807ec39918cdbd6f
2015-04-13 15:45 - 2015-04-14 01:50 - 00000000 ____D () C:\Program Files\Software
2015-04-10 21:56 - 2015-04-10 21:56 - 00052720 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-10 22:37 - 2014-12-01 20:36 - 00000000 ____D () C:\ProgramData\23405448
Task: {34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {36FB238F-C939-48AC-826D-05B49AA33EA8} - System32\Tasks\CH9LNxta1twV => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe [2015-04-20] () <==== ATTENTION
Task: {40D511CB-D757-481A-A11B-A805866F25CB} - System32\Tasks\eOJ1pUo2v => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe [2015-04-20] () <==== ATTENTION
Task: {41B8C1E2-D0AC-411F-AE76-759C7127D298} - System32\Tasks\SpyHunter3 => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
Task: {4E2EEFA4-B3F6-4142-99A3-1649F2243ACE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {5E367F69-5A71-4F3D-B44E-9FD78C4EACF0} - System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => pcalua.exe -a E:\installer.exe -d E:\
Task: {740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7} - System32\Tasks\amiupdaterExi => C:\Users\ELSUFE~1\AppData\Local\Temp\amiupdater160.exe <==== ATTENTION
Task: {957A35DE-3E09-4DEE-9E56-AEA0A0F55327} - System32\Tasks\CS => C:\Program Files\CS\cs.exe
Task: {A09DC90F-DEFD-48B0-93B2-63037B3F32F0} - System32\Tasks\PenWes => C:\Program Files\PenWes\penwes.exe <==== ATTENTION
Task: {B2CFA407-A3FA-41DD-9B8B-43F86659B7AF} - System32\Tasks\PRJUI => C:\ProgramData\55b013472cad4f98807ec39918cdbd6f\55b013472cad4f98807ec39918cdbd6f.exe [2015-04-12] ()
Task: {BA09C263-AB1F-481E-903A-8B1DC3F77475} - System32\Tasks\d33uBBg7Tqj => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe [2015-04-20] () <==== ATTENTION
Task: {D0AB4F7E-FF11-4020-8F58-6348EB3B5E92} - System32\Tasks\mFOVoJWM2b5X8b => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\CH9LNxta1twV.job => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe <==== ATTENTION
Task: C:\Windows\Tasks\CS.job => C:\Program Files\CS\cs.exe
Task: C:\Windows\Tasks\d33uBBg7Tqj.job => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe <==== ATTENTION
Task: C:\Windows\Tasks\eOJ1pUo2v.job => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe <==== ATTENTION
Task: C:\Windows\Tasks\mFOVoJWM2b5X8b.job => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe <==== ATTENTION
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_397 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_398 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_405 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_590 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_416 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_433 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_486 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_495 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_517 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_520 => value deleted successfully.
C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\***@*** => Moved successfully.
insvc_1.10.0.14 => Service deleted successfully.
juboloso => Service deleted successfully.
pylizyku => Service deleted successfully.
vylonomo => Service deleted successfully.
xogusefu => Service deleted successfully.
innfd_1_10_0_14 => Unable to stop service
innfd_1_10_0_14 => Service deleted successfully.
C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp => Moved successfully.
C:\Windows\Tasks\CH9LNxta1twV.job => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp => Moved successfully.
C:\Windows\Tasks\mFOVoJWM2b5X8b.job => Moved successfully.
C:\Windows\Tasks\eOJ1pUo2v.job => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\ZombieNews => Moved successfully.
C:\ProgramData\ZombieNews => Moved successfully.
C:\Windows\Tasks\d33uBBg7Tqj.job => Moved successfully.
C:\Windows\system32\Flash => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe => Moved successfully.
C:\ProgramData\The AdBlocker => Moved successfully.
C:\Program Files\ProcessModule => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b => Moved successfully.
C:\ProgramData\55b013472cad4f98807ec39918cdbd6f => Moved successfully.
C:\Program Files\Software => Moved successfully.
C:\Windows\system32\Drivers\innfd_1_10_0_14.sys => Moved successfully.
C:\ProgramData\23405448 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36FB238F-C939-48AC-826D-05B49AA33EA8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36FB238F-C939-48AC-826D-05B49AA33EA8}" => Key deleted successfully.
C:\Windows\System32\Tasks\CH9LNxta1twV => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CH9LNxta1twV" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40D511CB-D757-481A-A11B-A805866F25CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D511CB-D757-481A-A11B-A805866F25CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\eOJ1pUo2v => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eOJ1pUo2v" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41B8C1E2-D0AC-411F-AE76-759C7127D298}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41B8C1E2-D0AC-411F-AE76-759C7127D298}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E2EEFA4-B3F6-4142-99A3-1649F2243ACE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E2EEFA4-B3F6-4142-99A3-1649F2243ACE}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance Swap" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E367F69-5A71-4F3D-B44E-9FD78C4EACF0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E367F69-5A71-4F3D-B44E-9FD78C4EACF0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7}" => Key deleted successfully.
C:\Windows\System32\Tasks\amiupdaterExi => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\amiupdaterExi" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{957A35DE-3E09-4DEE-9E56-AEA0A0F55327}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{957A35DE-3E09-4DEE-9E56-AEA0A0F55327}" => Key deleted successfully.
C:\Windows\System32\Tasks\CS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A09DC90F-DEFD-48B0-93B2-63037B3F32F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A09DC90F-DEFD-48B0-93B2-63037B3F32F0}" => Key deleted successfully.
C:\Windows\System32\Tasks\PenWes => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PenWes" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2CFA407-A3FA-41DD-9B8B-43F86659B7AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2CFA407-A3FA-41DD-9B8B-43F86659B7AF}" => Key deleted successfully.
C:\Windows\System32\Tasks\PRJUI => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PRJUI" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA09C263-AB1F-481E-903A-8B1DC3F77475}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA09C263-AB1F-481E-903A-8B1DC3F77475}" => Key deleted successfully.
C:\Windows\System32\Tasks\d33uBBg7Tqj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d33uBBg7Tqj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0AB4F7E-FF11-4020-8F58-6348EB3B5E92}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0AB4F7E-FF11-4020-8F58-6348EB3B5E92}" => Key deleted successfully.
C:\Windows\System32\Tasks\mFOVoJWM2b5X8b => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mFOVoJWM2b5X8b" => Key deleted successfully.
C:\Windows\Tasks\CH9LNxta1twV.job not found.
C:\Windows\Tasks\CS.job => Moved successfully.
C:\Windows\Tasks\d33uBBg7Tqj.job not found.
C:\Windows\Tasks\eOJ1pUo2v.job not found.
C:\Windows\Tasks\mFOVoJWM2b5X8b.job not found.
The system needed a reboot.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-05-2015
Ran by elsuf et rouf at 2015-05-10 13:42:07 Run:1
Running from C:\Users\elsuf et rouf\Desktop
Loaded Profiles: elsuf et rouf (Available profiles: elsuf et rouf)
Boot Mode: Normal
==============================================
Content of fixlist:
HKLM\...\Run: [fst_fr_397] => [X]
HKLM\...\Run: [fst_fr_398] => [X]
HKLM\...\Run: [fst_fr_405] => [X]
HKLM\...\Run: [mbot_fr_590] => [X]
HKLM\...\Run: [gmsd_fr_416] => [X]
HKLM\...\Run: [gmsd_fr_433] => [X]
HKLM\...\Run: [gmsd_fr_486] => [X]
HKLM\...\Run: [gmsd_fr_495] => [X]
HKLM\...\Run: [gmsd_fr_517] => [X]
HKLM\...\Run: [gmsd_fr_520] => [X]
FF Extension: I - Cinema - C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\***@*** [2015-05-10]
S2 insvc_1.10.0.14; C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe [X]
S2 juboloso; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\nsoD2D.tmp [X]
S2 pylizyku; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\jnsyEB79.tmp [X]
S2 vylonomo; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\nsc2A1B.tmp [X]
S2 xogusefu; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\jnsoAD17.tmp [X]
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [52720 2015-04-10] (Infonaut)
2015-05-09 11:43 - 2015-05-09 11:43 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp
2015-05-09 11:42 - 2015-05-10 11:48 - 00001028 _____ () C:\Windows\Tasks\CH9LNxta1twV.job
2015-05-09 11:01 - 2015-05-09 11:01 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp
2015-05-09 10:59 - 2015-05-10 11:48 - 00001032 _____ () C:\Windows\Tasks\mFOVoJWM2b5X8b.job
2015-05-09 08:36 - 2015-05-10 11:48 - 00001022 _____ () C:\Windows\Tasks\eOJ1pUo2v.job
2015-05-07 01:20 - 2015-05-07 01:20 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\ZombieNews
2015-05-07 01:19 - 2015-05-07 01:19 - 00000000 ____D () C:\ProgramData\ZombieNews
2015-05-07 01:05 - 2015-05-10 11:48 - 00001026 _____ () C:\Windows\Tasks\d33uBBg7Tqj.job
2015-05-06 18:33 - 2015-05-06 18:33 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-06 18:31 - 2015-05-06 18:31 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp
2015-05-03 15:53 - 2015-05-03 16:44 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2
2015-05-03 15:52 - 2015-05-10 11:39 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-03 15:50 - 2015-05-03 15:51 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe
2015-04-15 10:27 - 2015-04-15 10:27 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-15 10:06 - 2015-04-15 10:06 - 00000000 ____D () C:\Program Files\ProcessModule
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV
2015-04-13 20:47 - 2015-04-13 20:47 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp
2015-04-13 17:04 - 2015-04-13 17:04 - 00628688 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp
2015-04-13 15:54 - 2015-04-13 16:00 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\55b013472cad4f98807ec39918cdbd6f
2015-04-13 15:45 - 2015-04-14 01:50 - 00000000 ____D () C:\Program Files\Software
2015-04-10 21:56 - 2015-04-10 21:56 - 00052720 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-10 22:37 - 2014-12-01 20:36 - 00000000 ____D () C:\ProgramData\23405448
Task: {34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {36FB238F-C939-48AC-826D-05B49AA33EA8} - System32\Tasks\CH9LNxta1twV => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe [2015-04-20] () <==== ATTENTION
Task: {40D511CB-D757-481A-A11B-A805866F25CB} - System32\Tasks\eOJ1pUo2v => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe [2015-04-20] () <==== ATTENTION
Task: {41B8C1E2-D0AC-411F-AE76-759C7127D298} - System32\Tasks\SpyHunter3 => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
Task: {4E2EEFA4-B3F6-4142-99A3-1649F2243ACE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {5E367F69-5A71-4F3D-B44E-9FD78C4EACF0} - System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => pcalua.exe -a E:\installer.exe -d E:\
Task: {740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7} - System32\Tasks\amiupdaterExi => C:\Users\ELSUFE~1\AppData\Local\Temp\amiupdater160.exe <==== ATTENTION
Task: {957A35DE-3E09-4DEE-9E56-AEA0A0F55327} - System32\Tasks\CS => C:\Program Files\CS\cs.exe
Task: {A09DC90F-DEFD-48B0-93B2-63037B3F32F0} - System32\Tasks\PenWes => C:\Program Files\PenWes\penwes.exe <==== ATTENTION
Task: {B2CFA407-A3FA-41DD-9B8B-43F86659B7AF} - System32\Tasks\PRJUI => C:\ProgramData\55b013472cad4f98807ec39918cdbd6f\55b013472cad4f98807ec39918cdbd6f.exe [2015-04-12] ()
Task: {BA09C263-AB1F-481E-903A-8B1DC3F77475} - System32\Tasks\d33uBBg7Tqj => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe [2015-04-20] () <==== ATTENTION
Task: {D0AB4F7E-FF11-4020-8F58-6348EB3B5E92} - System32\Tasks\mFOVoJWM2b5X8b => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\CH9LNxta1twV.job => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe <==== ATTENTION
Task: C:\Windows\Tasks\CS.job => C:\Program Files\CS\cs.exe
Task: C:\Windows\Tasks\d33uBBg7Tqj.job => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe <==== ATTENTION
Task: C:\Windows\Tasks\eOJ1pUo2v.job => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe <==== ATTENTION
Task: C:\Windows\Tasks\mFOVoJWM2b5X8b.job => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe <==== ATTENTION
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_397 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_398 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_405 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_590 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_416 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_433 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_486 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_495 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_517 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_520 => value deleted successfully.
C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\***@*** => Moved successfully.
insvc_1.10.0.14 => Service deleted successfully.
juboloso => Service deleted successfully.
pylizyku => Service deleted successfully.
vylonomo => Service deleted successfully.
xogusefu => Service deleted successfully.
innfd_1_10_0_14 => Unable to stop service
innfd_1_10_0_14 => Service deleted successfully.
C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp => Moved successfully.
C:\Windows\Tasks\CH9LNxta1twV.job => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp => Moved successfully.
C:\Windows\Tasks\mFOVoJWM2b5X8b.job => Moved successfully.
C:\Windows\Tasks\eOJ1pUo2v.job => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\ZombieNews => Moved successfully.
C:\ProgramData\ZombieNews => Moved successfully.
C:\Windows\Tasks\d33uBBg7Tqj.job => Moved successfully.
C:\Windows\system32\Flash => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe => Moved successfully.
C:\ProgramData\The AdBlocker => Moved successfully.
C:\Program Files\ProcessModule => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b => Moved successfully.
C:\ProgramData\55b013472cad4f98807ec39918cdbd6f => Moved successfully.
C:\Program Files\Software => Moved successfully.
C:\Windows\system32\Drivers\innfd_1_10_0_14.sys => Moved successfully.
C:\ProgramData\23405448 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36FB238F-C939-48AC-826D-05B49AA33EA8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36FB238F-C939-48AC-826D-05B49AA33EA8}" => Key deleted successfully.
C:\Windows\System32\Tasks\CH9LNxta1twV => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CH9LNxta1twV" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40D511CB-D757-481A-A11B-A805866F25CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D511CB-D757-481A-A11B-A805866F25CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\eOJ1pUo2v => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eOJ1pUo2v" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41B8C1E2-D0AC-411F-AE76-759C7127D298}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41B8C1E2-D0AC-411F-AE76-759C7127D298}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E2EEFA4-B3F6-4142-99A3-1649F2243ACE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E2EEFA4-B3F6-4142-99A3-1649F2243ACE}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance Swap" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E367F69-5A71-4F3D-B44E-9FD78C4EACF0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E367F69-5A71-4F3D-B44E-9FD78C4EACF0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7}" => Key deleted successfully.
C:\Windows\System32\Tasks\amiupdaterExi => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\amiupdaterExi" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{957A35DE-3E09-4DEE-9E56-AEA0A0F55327}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{957A35DE-3E09-4DEE-9E56-AEA0A0F55327}" => Key deleted successfully.
C:\Windows\System32\Tasks\CS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A09DC90F-DEFD-48B0-93B2-63037B3F32F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A09DC90F-DEFD-48B0-93B2-63037B3F32F0}" => Key deleted successfully.
C:\Windows\System32\Tasks\PenWes => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PenWes" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2CFA407-A3FA-41DD-9B8B-43F86659B7AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2CFA407-A3FA-41DD-9B8B-43F86659B7AF}" => Key deleted successfully.
C:\Windows\System32\Tasks\PRJUI => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PRJUI" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA09C263-AB1F-481E-903A-8B1DC3F77475}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA09C263-AB1F-481E-903A-8B1DC3F77475}" => Key deleted successfully.
C:\Windows\System32\Tasks\d33uBBg7Tqj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d33uBBg7Tqj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0AB4F7E-FF11-4020-8F58-6348EB3B5E92}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0AB4F7E-FF11-4020-8F58-6348EB3B5E92}" => Key deleted successfully.
C:\Windows\System32\Tasks\mFOVoJWM2b5X8b => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mFOVoJWM2b5X8b" => Key deleted successfully.
C:\Windows\Tasks\CH9LNxta1twV.job not found.
C:\Windows\Tasks\CS.job => Moved successfully.
C:\Windows\Tasks\d33uBBg7Tqj.job not found.
C:\Windows\Tasks\eOJ1pUo2v.job not found.
C:\Windows\Tasks\mFOVoJWM2b5X8b.job not found.
The system needed a reboot.
End of Fixlog 13:42:15
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
elsuf
Messages postés
3
Date d'inscription
dimanche 10 mai 2015
Statut
Membre
Dernière intervention
10 mai 2015
10 mai 2015 à 14:17
10 mai 2015 à 14:17
J'ai installé avast comme vous me l'avez recommandé.
Merci pour le temps que vous m'avez accordé.
Bonne continuation.
Merci pour le temps que vous m'avez accordé.
Bonne continuation.
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
10 mai 2015 à 20:52
10 mai 2015 à 20:52
Termine par un nettoyage Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
et ça devrait rouler =)
~~
Voila, c'est terminé, tu peux supprimer les programmes utilisés.
Quelques conseils :
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
et ça devrait rouler =)
~~
Voila, c'est terminé, tu peux supprimer les programmes utilisés.
Quelques conseils :
Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
