Problème ad by deals
Fermé
nanou2974
Messages postés
5
Date d'inscription
jeudi 22 janvier 2015
Statut
Membre
Dernière intervention
22 janvier 2015
-
22 janv. 2015 à 12:43
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 22 janv. 2015 à 16:33
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 22 janv. 2015 à 16:33
A voir également:
- Problème ad by deals
- Shop deals - Guide
- Youtube ad blocker - Guide
- Ads by cooking ✓ - Forum Virus
- ".Ms-ad" ✓ - Forum Windows
- Home by me - Télécharger - 3D
7 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
22 janv. 2015 à 12:43
22 janv. 2015 à 12:43
Salut,
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt
Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.
nanou2974
Messages postés
5
Date d'inscription
jeudi 22 janvier 2015
Statut
Membre
Dernière intervention
22 janvier 2015
22 janv. 2015 à 13:53
22 janv. 2015 à 13:53
Mon pc indique pour type: pc a base x86 je ne peux donc pas exécuter farbar!
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
22 janv. 2015 à 14:42
22 janv. 2015 à 14:42
Prends la bonne version..
nanou2974
Messages postés
5
Date d'inscription
jeudi 22 janvier 2015
Statut
Membre
Dernière intervention
22 janvier 2015
22 janv. 2015 à 15:28
22 janv. 2015 à 15:28
Voila, j'ai fini par y arriver. Désolée hein mais nous n'avons pas le meme niveau en informatique ;-)
https://pjjoint.malekal.com/files.php?id=FRST_20150122_w12v10h12p10p10
https://pjjoint.malekal.com/files.php?id=20150122_y14w1415f15w12
https://pjjoint.malekal.com/files.php?id=20150122_c9y10h9v14l7
https://pjjoint.malekal.com/files.php?id=FRST_20150122_w12v10h12p10p10
https://pjjoint.malekal.com/files.php?id=20150122_y14w1415f15w12
https://pjjoint.malekal.com/files.php?id=20150122_c9y10h9v14l7
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
Modifié par Malekal_morte- le 22/01/2015 à 16:06
Modifié par Malekal_morte- le 22/01/2015 à 16:06
Note la procédure pour supprimer les proxys : https://forum.malekal.com/viewtopic.php?t=47404&start=
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Si internet ne fonctionne plus, suis la procédure notée pour supprimer les proxys.
Désinstalle McAfee Security Scan
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Si internet ne fonctionne plus, suis la procédure notée pour supprimer les proxys.
Désinstalle McAfee Security Scan
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
nanou2974
Messages postés
5
Date d'inscription
jeudi 22 janvier 2015
Statut
Membre
Dernière intervention
22 janvier 2015
22 janv. 2015 à 16:29
22 janv. 2015 à 16:29
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-01-2015
Ran by Fredfred at 2015-01-22 16:16:15 Run:1
Running from C:\Users\Fredfred\Desktop
Loaded Profiles: Theoyann & Fredfred & UpdatusUser (Available profiles: Theoyann & Fredfred & Fred & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_71 => Value could not be deleted.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\eDealPop => Value could not be deleted.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value could not be deleted.
"C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll" => Error removing Value Data.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key could not be deleted. Access denied.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah => Key could not be deleted. Access denied.
IePluginServices => Unable to stop service
IePluginServices => Error deleting Service
keyboardurlmonTask => Unable to stop service
keyboardurlmonTask => Error deleting Service
mysqlmemdiagRec => Unable to stop service
mysqlmemdiagRec => Error deleting Service
WindowsMangerProtect => Unable to stop service
WindowsMangerProtect => Error deleting Service
appcompilerUI.exe => Unable to stop service
appcompilerUI.exe => Error deleting Service
Update Yawtix => Error deleting Service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Unable to stop service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Error deleting Service
C:\Users\Fredfred\AppData\Local\ZombieInvasion => Moved successfully.
"C:\Program Files\eDealPop" directory move:
Could not move "C:\Program Files\eDealPop\eDealPop.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\unins000.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop" directory. => Scheduled to move on reboot.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory move:
Could not move "C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory. => Scheduled to move on reboot.
"C:\WINDOWS\system32\keyboardurlmonTask" directory move:
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask" directory. => Scheduled to move on reboot.
"C:\ProgramData\IePluginServices" directory move:
Could not move "C:\ProgramData\IePluginServices\PluginService.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices" directory. => Scheduled to move on reboot.
"C:\ProgramData\WindowsMangerProtect" directory move:
Could not move "C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\update.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-22 16:24:29)<=
==> ATTENTION: System is not rebooted.
"C:\Program Files\eDealPop\eDealPop.exe" => File could not move.
"C:\Program Files\eDealPop\msvcp100.dll" => File could not move.
"C:\Program Files\eDealPop\msvcr100.dll" => File could not move.
"C:\Program Files\eDealPop\unins000.exe" => File could not move.
"C:\Program Files\eDealPop" => Directory could not move.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" => Directory could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask" => Directory could not move.
"C:\ProgramData\IePluginServices\PluginService.exe" => File could not move.
"C:\ProgramData\IePluginServices\update\conf" => File could not move.
"C:\ProgramData\IePluginServices" => Directory could not move.
"C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\conf" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\update.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect" => Directory could not move.
==== End of Fixlog 16:24:30 ====
Ran by Fredfred at 2015-01-22 16:16:15 Run:1
Running from C:\Users\Fredfred\Desktop
Loaded Profiles: Theoyann & Fredfred & UpdatusUser (Available profiles: Theoyann & Fredfred & Fred & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [mbot_fr_71] => [X]
HKLM\...\Run: [eDealPop] => C:\Program Files\eDealPop\eDealPop.exe [6144 2014-12-03] ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\smdmf\x64\sysapcrt.dll
AppInit_DLLs: C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll File Not Found
ProxyEnable: [S-1-5-21-1344679419-1875830687-3369350827-1045] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1344679419-1875830687-3369350827-1045] => http=127.0.0.1:12028 [Attention - Possible Proxy Malicieux]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Theoyann\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-08] (Cherished Technololgy LIMITED)
R2 keyboardurlmonTask; C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe [83456 2015-01-16] () [File not signed]
R2 mysqlmemdiagRec; C:\WINDOWS\system32\mysqlmemdiagRec\mysqlmemdiagRec.exe [68608 2014-12-11] () [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-08] (Fuyu LIMITED) [File not signed]
R2 appcompilerUI.exe; C:\Users\Theoyann\AppData\Local\appcompilerUI\appcompilerUI.exe [X]
S2 Update Yawtix; C:\Program Files\Yawtix\updateYawtix.exe [X]
R1 {16d667ee-6782-4b21-81df-8ded8ebc3868}Gw; C:\WINDOWS\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw.sys [52408 2014-09-05] (StdLib)
2015-01-22 12:23 - 2015-01-22 12:23 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\ZombieInvasion
2015-01-19 10:28 - 2015-01-22 11:50 - 00000000 ____D () C:\Program Files\eDealPop
2015-01-19 10:28 - 2015-01-19 10:28 - 00000000 ____D () C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 ____D () C:\WINDOWS\system32\keyboardurlmonTask
2015-01-22 11:52 - 2014-09-08 16:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-22 11:50 - 2014-09-08 16:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_71 => Value could not be deleted.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\eDealPop => Value could not be deleted.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value could not be deleted.
"C:\Users\Theoyann\AppData\Local\Linkey\IEEXTE~1\iedll.dll" => Error removing Value Data.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-21-1344679419-1875830687-3369350827-1045\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh => Key could not be deleted. Access denied.
HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah => Key could not be deleted. Access denied.
IePluginServices => Unable to stop service
IePluginServices => Error deleting Service
keyboardurlmonTask => Unable to stop service
keyboardurlmonTask => Error deleting Service
mysqlmemdiagRec => Unable to stop service
mysqlmemdiagRec => Error deleting Service
WindowsMangerProtect => Unable to stop service
WindowsMangerProtect => Error deleting Service
appcompilerUI.exe => Unable to stop service
appcompilerUI.exe => Error deleting Service
Update Yawtix => Error deleting Service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Unable to stop service
{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw => Error deleting Service
C:\Users\Fredfred\AppData\Local\ZombieInvasion => Moved successfully.
"C:\Program Files\eDealPop" directory move:
Could not move "C:\Program Files\eDealPop\eDealPop.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop\unins000.exe" => Scheduled to move on reboot.
Could not move "C:\Program Files\eDealPop" directory. => Scheduled to move on reboot.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory move:
Could not move "C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" directory. => Scheduled to move on reboot.
"C:\WINDOWS\system32\keyboardurlmonTask" directory move:
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\keyboardurlmonTask" directory. => Scheduled to move on reboot.
"C:\ProgramData\IePluginServices" directory move:
Could not move "C:\ProgramData\IePluginServices\PluginService.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\IePluginServices" directory. => Scheduled to move on reboot.
"C:\ProgramData\WindowsMangerProtect" directory move:
Could not move "C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\conf" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect\update\update.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\WindowsMangerProtect" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-22 16:24:29)<=
==> ATTENTION: System is not rebooted.
"C:\Program Files\eDealPop\eDealPop.exe" => File could not move.
"C:\Program Files\eDealPop\msvcp100.dll" => File could not move.
"C:\Program Files\eDealPop\msvcr100.dll" => File could not move.
"C:\Program Files\eDealPop\unins000.exe" => File could not move.
"C:\Program Files\eDealPop" => Directory could not move.
"C:\Users\Fredfred\AppData\Local\rasmbmgrmsctfmonitorProvider" => Directory could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\keyboardurlmonTask.exe" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcp100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\msvcr100.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtCore4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask\QtNetwork4.dll" => File could not move.
"C:\WINDOWS\system32\keyboardurlmonTask" => Directory could not move.
"C:\ProgramData\IePluginServices\PluginService.exe" => File could not move.
"C:\ProgramData\IePluginServices\update\conf" => File could not move.
"C:\ProgramData\IePluginServices" => Directory could not move.
"C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\conf" => File could not move.
"C:\ProgramData\WindowsMangerProtect\update\update.exe" => File could not move.
"C:\ProgramData\WindowsMangerProtect" => Directory could not move.
==== End of Fixlog 16:24:30 ====
nanou2974
Messages postés
5
Date d'inscription
jeudi 22 janvier 2015
Statut
Membre
Dernière intervention
22 janvier 2015
22 janv. 2015 à 16:29
22 janv. 2015 à 16:29
voila ce que ça donne
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 651
22 janv. 2015 à 16:33
22 janv. 2015 à 16:33
ok vois ce que ça donne pour les pubs edeals.
