Problème ad by deals
nanou2974
Messages postés
5
Date d'inscription
Statut
Membre
Dernière intervention
-
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
Je ne parviens pas à supprimer les fenetres publicitaires qui s'afficent lorsque je navigue sur internet.? Elles proviennent de ad by deals ainsi que de edeals pop.
En regardant dans c:programmes je me rends compte que j'ai aussi un programme accelerer pc, je ne parviens pas non lus à le désinstaller.
Pouvez vous m'aider?
J'ai déja téléchargé adw cleaners et voici le lien du rapport
https://pjjoint.malekal.com/files.php?id=20150122_j11o11u8d8l7
merci d'avance
Je ne parviens pas à supprimer les fenetres publicitaires qui s'afficent lorsque je navigue sur internet.? Elles proviennent de ad by deals ainsi que de edeals pop.
En regardant dans c:programmes je me rends compte que j'ai aussi un programme accelerer pc, je ne parviens pas non lus à le désinstaller.
Pouvez vous m'aider?
J'ai déja téléchargé adw cleaners et voici le lien du rapport
https://pjjoint.malekal.com/files.php?id=20150122_j11o11u8d8l7
merci d'avance
A voir également:
- Problème ad by deals
- La shoes by avis - Forum Consommation & Internet
- Photos liked by ne fonctionne plus ✓ - Forum Facebook
- ".Ms-ad" ✓ - Forum Windows
- Ad aware - Télécharger - Sécurité
- Ads by cooking - Forum Virus
7 réponses
Salut,
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Voila, j'ai fini par y arriver. Désolée hein mais nous n'avons pas le meme niveau en informatique ;-)
https://pjjoint.malekal.com/files.php?id=FRST_20150122_w12v10h12p10p10
https://pjjoint.malekal.com/files.php?id=20150122_y14w1415f15w12
https://pjjoint.malekal.com/files.php?id=20150122_c9y10h9v14l7
https://pjjoint.malekal.com/files.php?id=FRST_20150122_w12v10h12p10p10
https://pjjoint.malekal.com/files.php?id=20150122_y14w1415f15w12
https://pjjoint.malekal.com/files.php?id=20150122_c9y10h9v14l7
Note la procédure pour supprimer les proxys : https://forum.malekal.com/viewtopic.php?t=47404&start=
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Si internet ne fonctionne plus, suis la procédure notée pour supprimer les proxys.
Désinstalle McAfee Security Scan
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Si internet ne fonctionne plus, suis la procédure notée pour supprimer les proxys.
Désinstalle McAfee Security Scan
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-01-2015
Ran by Fredfred at 2015-01-22 16:16:15 Run:1
Running from C:\Users\Fredfred\Desktop
Loaded Profiles: Theoyann & Fredfred & UpdatusUser (Available profiles: Theoyann & Fredfred & Fred & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_71 => Value could not be deleted.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\eDealPop => Value could not be deleted.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value could not be deleted.
"C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll" => Error removing Value Data.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key could not be deleted. Access denied.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah => Key could not be deleted. Access denied.
IePluginServices => Unable to stop service
IePluginServices => Error deleting Service
keyboardurlmonTask => Unable to stop service
keyboardurlmonTask => Error deleting Service
mysqlmemdiagRec => Unable to stop service
mysqlmemdiagRec => Error deleting Service
WindowsMangerProtect => Unable to stop service
WindowsMangerProtect => Error deleting Service
appcompilerUI.exe => Unable to stop service
appcompilerUI.exe => Error deleting Service
Update Yawtix => Error deleting Service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Unable to stop service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Error deleting Service
C:\Users\Fredfred\AppData\Local\ZombieInvasion => Moved successfully.
"C:\Program Files\eDealPop" directory move:
Could not move "C:\Program Files\eDealPop\eDealPop.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\unins000.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop" directory. => Scheduled to move on reboot.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory move:
Could not move "C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory. => Scheduled to move on reboot.
"C:\WINDOWS\system32\keyboardurlmonTask" directory move:
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask" directory. => Scheduled to move on reboot.
"C:\ProgramData\IePluginServices" directory move:
Could not move "C:\ProgramData\IePluginServices\PluginService.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices" directory. => Scheduled to move on reboot.
"C:\ProgramData\WindowsMangerProtect" directory move:
Could not move "C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\update.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-22 16:24:29)<=
==> ATTENTION: System is not rebooted.
"C:\Program Files\eDealPop\eDealPop.exe" => File could not move.
"C:\Program Files\eDealPop\msvcp100.dll" => File could not move.
"C:\Program Files\eDealPop\msvcr100.dll" => File could not move.
"C:\Program Files\eDealPop\unins000.exe" => File could not move.
"C:\Program Files\eDealPop" => Directory could not move.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" => Directory could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask" => Directory could not move.
"C:\ProgramData\IePluginServices\PluginService.exe" => File could not move.
"C:\ProgramData\IePluginServices\update\conf" => File could not move.
"C:\ProgramData\IePluginServices" => Directory could not move.
"C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\conf" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\update.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect" => Directory could not move.
==== End of Fixlog 16:24:30 ====
Ran by Fredfred at 2015-01-22 16:16:15 Run:1
Running from C:\Users\Fredfred\Desktop
Loaded Profiles: Theoyann & Fredfred & UpdatusUser (Available profiles: Theoyann & Fredfred & Fred & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_71 => Value could not be deleted.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\eDealPop => Value could not be deleted.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value could not be deleted.
"C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll" => Error removing Value Data.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key could not be deleted. Access denied.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah => Key could not be deleted. Access denied.
IePluginServices => Unable to stop service
IePluginServices => Error deleting Service
keyboardurlmonTask => Unable to stop service
keyboardurlmonTask => Error deleting Service
mysqlmemdiagRec => Unable to stop service
mysqlmemdiagRec => Error deleting Service
WindowsMangerProtect => Unable to stop service
WindowsMangerProtect => Error deleting Service
appcompilerUI.exe => Unable to stop service
appcompilerUI.exe => Error deleting Service
Update Yawtix => Error deleting Service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Unable to stop service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Error deleting Service
C:\Users\Fredfred\AppData\Local\ZombieInvasion => Moved successfully.
"C:\Program Files\eDealPop" directory move:
Could not move "C:\Program Files\eDealPop\eDealPop.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\unins000.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop" directory. => Scheduled to move on reboot.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory move:
Could not move "C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory. => Scheduled to move on reboot.
"C:\WINDOWS\system32\keyboardurlmonTask" directory move:
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask" directory. => Scheduled to move on reboot.
"C:\ProgramData\IePluginServices" directory move:
Could not move "C:\ProgramData\IePluginServices\PluginService.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices" directory. => Scheduled to move on reboot.
"C:\ProgramData\WindowsMangerProtect" directory move:
Could not move "C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\update.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-22 16:24:29)<=
==> ATTENTION: System is not rebooted.
"C:\Program Files\eDealPop\eDealPop.exe" => File could not move.
"C:\Program Files\eDealPop\msvcp100.dll" => File could not move.
"C:\Program Files\eDealPop\msvcr100.dll" => File could not move.
"C:\Program Files\eDealPop\unins000.exe" => File could not move.
"C:\Program Files\eDealPop" => Directory could not move.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" => Directory could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask" => Directory could not move.
"C:\ProgramData\IePluginServices\PluginService.exe" => File could not move.
"C:\ProgramData\IePluginServices\update\conf" => File could not move.
"C:\ProgramData\IePluginServices" => Directory could not move.
"C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\conf" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\update.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect" => Directory could not move.
==== End of Fixlog 16:24:30 ====
