Xxx-dangerous
Fermé
Ayden
-
14 mai 2015 à 15:44
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 14 mai 2015 à 17:36
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 14 mai 2015 à 17:36
A voir également:
- Xxx-dangerous
- Waptrick xxx - Télécharger - Divers TV & Vidéo
- Adresse Ip 169.X.X.X Mac et Netgear - Forum Réseau
- Rappeur dangerous réussir mourir - Forum Réseaux sociaux
- Xnxx .xxx ✓ - Forum Google Chrome
- Xxx vdeo - Forum Cinéma / Télé
4 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 660
14 mai 2015 à 15:45
14 mai 2015 à 15:45
Salut,
Je regarde les rapports =)
Je regarde les rapports =)
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 660
14 mai 2015 à 15:50
14 mai 2015 à 15:50
Beaucoup de merdouilles.
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
CustomCLSID: HKU\S-1-5-21-3425417458-3132993604-2327969851-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\AydenFr\AppData\Roaming\lection\gendaqof.dll No File <==== ATTENTION
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => "C:\ProgramData\LolliScan\LolliScan32.dll" File Not Found
AppInit_DLLs-x32: C:/PROGRA~3/{61EC8~1/193~1.1/rata.dll => C:\ProgramData\{61EC892F-316E-58A9-80E8-282B506AFBA5}\1.9.3.1\rata.dll [1010688 2015-04-04] ()
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3183616 2015-04-22] (MovieDea)
S2 cysofehu; No ImagePath
S2 kohugiro; No ImagePath
S2 nikeqide; No ImagePath
S2 nykelozy; No ImagePath
S2 tepecoky; No ImagePath
S2 toqomepu; No ImagePath
S2 xyhigysy; No ImagePath
2015-05-13 18:17 - 2015-05-14 15:23 - 00001000 _____ () C:\Windows\Tasks\G4hsJAkRiq.job
2015-05-13 18:17 - 2015-05-13 18:17 - 00004034 _____ () C:\Windows\System32\Tasks\G4hsJAkRiq
2015-05-13 18:16 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\bd41c615-25b0-4c6d-8aea-bb307eef87c6
2015-05-13 18:15 - 2015-05-13 18:15 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsjE83E.tmp
2015-05-13 17:31 - 2015-05-13 17:31 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nso4C8B.tmp
2015-05-13 17:19 - 2015-05-13 17:19 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsu764C.tmp
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\Documents\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-05-13 17:14 - 2015-05-13 17:42 - 00000000 ____D () C:\Program Files (x86)\PCP
2015-05-13 17:11 - 2015-05-14 15:23 - 00000334 _____ () C:\Windows\Tasks\EDPLQYG1.job
2015-05-13 17:11 - 2015-05-13 23:11 - 00000000 ____D () C:\ProgramData\18b7a06c9f5a43a4b293b8ab47ed27ff
2015-05-13 17:11 - 2015-05-13 17:11 - 00003570 _____ () C:\Windows\System32\Tasks\RAFZERK
2015-05-13 17:11 - 2015-05-13 17:11 - 00003278 _____ () C:\Windows\System32\Tasks\GlobalUpdate-owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00002856 _____ () C:\Windows\System32\Tasks\EDPLQYG1
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-13 17:02 - 2015-05-14 15:23 - 00001014 _____ () C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job
2015-05-13 17:02 - 2015-05-13 17:02 - 00004048 _____ () C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt
2015-05-13 17:01 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\12db6f96-6dea-46db-a2e6-2105dd9b2691
2015-05-07 14:27 - 2015-05-13 17:17 - 00000000 ____D () C:\ProgramData\11718342954912009311
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq
Task: C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: {27D66014-78DC-456F-88E1-62B02A317846} - System32\Tasks\G4hsJAkRiq => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
Task: {27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B} - System32\Tasks\ylKknnRdIKWIUAoPt => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: C:\Windows\Tasks\EDPLQYG1.job => C:\ProgramData\LolliScan\LolliScan.exe
Task: C:\Windows\Tasks\G4hsJAkRiq.job => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
~~
Désinstalle Microsoft Security Essentials.
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
CustomCLSID: HKU\S-1-5-21-3425417458-3132993604-2327969851-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\AydenFr\AppData\Roaming\lection\gendaqof.dll No File <==== ATTENTION
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => "C:\ProgramData\LolliScan\LolliScan32.dll" File Not Found
AppInit_DLLs-x32: C:/PROGRA~3/{61EC8~1/193~1.1/rata.dll => C:\ProgramData\{61EC892F-316E-58A9-80E8-282B506AFBA5}\1.9.3.1\rata.dll [1010688 2015-04-04] ()
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3183616 2015-04-22] (MovieDea)
S2 cysofehu; No ImagePath
S2 kohugiro; No ImagePath
S2 nikeqide; No ImagePath
S2 nykelozy; No ImagePath
S2 tepecoky; No ImagePath
S2 toqomepu; No ImagePath
S2 xyhigysy; No ImagePath
2015-05-13 18:17 - 2015-05-14 15:23 - 00001000 _____ () C:\Windows\Tasks\G4hsJAkRiq.job
2015-05-13 18:17 - 2015-05-13 18:17 - 00004034 _____ () C:\Windows\System32\Tasks\G4hsJAkRiq
2015-05-13 18:16 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\bd41c615-25b0-4c6d-8aea-bb307eef87c6
2015-05-13 18:15 - 2015-05-13 18:15 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsjE83E.tmp
2015-05-13 17:31 - 2015-05-13 17:31 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nso4C8B.tmp
2015-05-13 17:19 - 2015-05-13 17:19 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsu764C.tmp
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\Documents\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-05-13 17:14 - 2015-05-13 17:42 - 00000000 ____D () C:\Program Files (x86)\PCP
2015-05-13 17:11 - 2015-05-14 15:23 - 00000334 _____ () C:\Windows\Tasks\EDPLQYG1.job
2015-05-13 17:11 - 2015-05-13 23:11 - 00000000 ____D () C:\ProgramData\18b7a06c9f5a43a4b293b8ab47ed27ff
2015-05-13 17:11 - 2015-05-13 17:11 - 00003570 _____ () C:\Windows\System32\Tasks\RAFZERK
2015-05-13 17:11 - 2015-05-13 17:11 - 00003278 _____ () C:\Windows\System32\Tasks\GlobalUpdate-owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00002856 _____ () C:\Windows\System32\Tasks\EDPLQYG1
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-13 17:02 - 2015-05-14 15:23 - 00001014 _____ () C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job
2015-05-13 17:02 - 2015-05-13 17:02 - 00004048 _____ () C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt
2015-05-13 17:01 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\12db6f96-6dea-46db-a2e6-2105dd9b2691
2015-05-07 14:27 - 2015-05-13 17:17 - 00000000 ____D () C:\ProgramData\11718342954912009311
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq
Task: C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: {27D66014-78DC-456F-88E1-62B02A317846} - System32\Tasks\G4hsJAkRiq => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
Task: {27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B} - System32\Tasks\ylKknnRdIKWIUAoPt => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: C:\Windows\Tasks\EDPLQYG1.job => C:\ProgramData\LolliScan\LolliScan.exe
Task: C:\Windows\Tasks\G4hsJAkRiq.job => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
~~
Désinstalle Microsoft Security Essentials.
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-05-2015 01
Ran by AydenFr at 2015-05-14 15:51:48 Run:1
Running from C:\Users\AydenFr\Downloads
Loaded Profiles: AydenFr (Available profiles: AydenFr)
Boot Mode: Normal
==============================================
Content of fixlist:
CustomCLSID: HKU\S-1-5-21-3425417458-3132993604-2327969851-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\AydenFr\AppData\Roaming\lection\gendaqof.dll No File <==== ATTENTION
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => "C:\ProgramData\LolliScan\LolliScan32.dll" File Not Found
AppInit_DLLs-x32: C:/PROGRA~3/{61EC8~1/193~1.1/rata.dll => C:\ProgramData\{61EC892F-316E-58A9-80E8-282B506AFBA5}\1.9.3.1\rata.dll [1010688 2015-04-04] ()
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3183616 2015-04-22] (MovieDea)
S2 cysofehu; No ImagePath
S2 kohugiro; No ImagePath
S2 nikeqide; No ImagePath
S2 nykelozy; No ImagePath
S2 tepecoky; No ImagePath
S2 toqomepu; No ImagePath
S2 xyhigysy; No ImagePath
2015-05-13 18:17 - 2015-05-14 15:23 - 00001000 _____ () C:\Windows\Tasks\G4hsJAkRiq.job
2015-05-13 18:17 - 2015-05-13 18:17 - 00004034 _____ () C:\Windows\System32\Tasks\G4hsJAkRiq
2015-05-13 18:16 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\bd41c615-25b0-4c6d-8aea-bb307eef87c6
2015-05-13 18:15 - 2015-05-13 18:15 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsjE83E.tmp
2015-05-13 17:31 - 2015-05-13 17:31 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nso4C8B.tmp
2015-05-13 17:19 - 2015-05-13 17:19 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsu764C.tmp
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\Documents\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-05-13 17:14 - 2015-05-13 17:42 - 00000000 ____D () C:\Program Files (x86)\PCP
2015-05-13 17:11 - 2015-05-14 15:23 - 00000334 _____ () C:\Windows\Tasks\EDPLQYG1.job
2015-05-13 17:11 - 2015-05-13 23:11 - 00000000 ____D () C:\ProgramData\18b7a06c9f5a43a4b293b8ab47ed27ff
2015-05-13 17:11 - 2015-05-13 17:11 - 00003570 _____ () C:\Windows\System32\Tasks\RAFZERK
2015-05-13 17:11 - 2015-05-13 17:11 - 00003278 _____ () C:\Windows\System32\Tasks\GlobalUpdate-owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00002856 _____ () C:\Windows\System32\Tasks\EDPLQYG1
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-13 17:02 - 2015-05-14 15:23 - 00001014 _____ () C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job
2015-05-13 17:02 - 2015-05-13 17:02 - 00004048 _____ () C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt
2015-05-13 17:01 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\12db6f96-6dea-46db-a2e6-2105dd9b2691
2015-05-07 14:27 - 2015-05-13 17:17 - 00000000 ____D () C:\ProgramData\11718342954912009311
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq
Task: C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: {27D66014-78DC-456F-88E1-62B02A317846} - System32\Tasks\G4hsJAkRiq => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
Task: {27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B} - System32\Tasks\ylKknnRdIKWIUAoPt => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: C:\Windows\Tasks\EDPLQYG1.job => C:\ProgramData\LolliScan\LolliScan.exe
Task: C:\Windows\Tasks\G4hsJAkRiq.job => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
"HKU\S-1-5-21-3425417458-3132993604-2327969851-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}" => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Windesk Winsearch => value deleted successfully.
"C:\ProgramData\LolliScan\LolliScan32.dll" => Value Data removed successfully.
"C:/PROGRA~3/{61EC8~1/193~1.1/rata.dll" => Value Data removed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MovieDea => value deleted successfully.
cysofehu => Service deleted successfully.
kohugiro => Service deleted successfully.
nikeqide => Service deleted successfully.
nykelozy => Service deleted successfully.
tepecoky => Service deleted successfully.
toqomepu => Service deleted successfully.
xyhigysy => Service deleted successfully.
C:\Windows\Tasks\G4hsJAkRiq.job => Moved successfully.
C:\Windows\System32\Tasks\G4hsJAkRiq => Moved successfully.
"C:\Program Files (x86)\bd41c615-25b0-4c6d-8aea-bb307eef87c6" => File/Directory not found.
C:\Users\AydenFr\AppData\Local\nsjE83E.tmp => Moved successfully.
C:\Users\AydenFr\AppData\Local\nso4C8B.tmp => Moved successfully.
C:\Users\AydenFr\AppData\Local\nsu764C.tmp => Moved successfully.
C:\Users\AydenFr\Documents\Optimizer Pro => Moved successfully.
C:\Users\AydenFr\AppData\Roaming\Optimizer Pro => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 => Moved successfully.
C:\Program Files (x86)\PCP => Moved successfully.
C:\Windows\Tasks\EDPLQYG1.job => Moved successfully.
C:\ProgramData\18b7a06c9f5a43a4b293b8ab47ed27ff => Moved successfully.
C:\Windows\System32\Tasks\RAFZERK => Moved successfully.
C:\Windows\System32\Tasks\GlobalUpdate-owy5y2nxogs1btd => Moved successfully.
C:\Windows\System32\Tasks\EDPLQYG1 => Moved successfully.
"C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd" directory move:
Could not move "C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd" directory. => Scheduled to move on reboot.
C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 => Moved successfully.
C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job => Moved successfully.
C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt => Moved successfully.
"C:\Program Files (x86)\12db6f96-6dea-46db-a2e6-2105dd9b2691" => File/Directory not found.
C:\ProgramData\11718342954912009311 => Moved successfully.
C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt => Moved successfully.
C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq => Moved successfully.
C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27D66014-78DC-456F-88E1-62B02A317846}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27D66014-78DC-456F-88E1-62B02A317846}" => Key deleted successfully.
C:\Windows\System32\Tasks\G4hsJAkRiq not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\G4hsJAkRiq" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B}" => Key deleted successfully.
C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ylKknnRdIKWIUAoPt" => Key deleted successfully.
C:\Windows\Tasks\EDPLQYG1.job not found.
C:\Windows\Tasks\G4hsJAkRiq.job not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-14 15:53:58)<=
C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd => Is moved successfully.
Ran by AydenFr at 2015-05-14 15:51:48 Run:1
Running from C:\Users\AydenFr\Downloads
Loaded Profiles: AydenFr (Available profiles: AydenFr)
Boot Mode: Normal
==============================================
Content of fixlist:
CustomCLSID: HKU\S-1-5-21-3425417458-3132993604-2327969851-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\AydenFr\AppData\Roaming\lection\gendaqof.dll No File <==== ATTENTION
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
AppInit_DLLs-x32: C:\ProgramData\LolliScan\LolliScan32.dll => "C:\ProgramData\LolliScan\LolliScan32.dll" File Not Found
AppInit_DLLs-x32: C:/PROGRA~3/{61EC8~1/193~1.1/rata.dll => C:\ProgramData\{61EC892F-316E-58A9-80E8-282B506AFBA5}\1.9.3.1\rata.dll [1010688 2015-04-04] ()
HKLM-x32\...\Run: [MovieDea] => C:\Program Files (x86)\MovieDea\MovieDea.exe [3183616 2015-04-22] (MovieDea)
S2 cysofehu; No ImagePath
S2 kohugiro; No ImagePath
S2 nikeqide; No ImagePath
S2 nykelozy; No ImagePath
S2 tepecoky; No ImagePath
S2 toqomepu; No ImagePath
S2 xyhigysy; No ImagePath
2015-05-13 18:17 - 2015-05-14 15:23 - 00001000 _____ () C:\Windows\Tasks\G4hsJAkRiq.job
2015-05-13 18:17 - 2015-05-13 18:17 - 00004034 _____ () C:\Windows\System32\Tasks\G4hsJAkRiq
2015-05-13 18:16 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\bd41c615-25b0-4c6d-8aea-bb307eef87c6
2015-05-13 18:15 - 2015-05-13 18:15 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsjE83E.tmp
2015-05-13 17:31 - 2015-05-13 17:31 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nso4C8B.tmp
2015-05-13 17:19 - 2015-05-13 17:19 - 00613255 _____ (CMI Limited) C:\Users\AydenFr\AppData\Local\nsu764C.tmp
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\Documents\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\Optimizer Pro
2015-05-13 17:18 - 2015-05-13 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-05-13 17:14 - 2015-05-13 17:42 - 00000000 ____D () C:\Program Files (x86)\PCP
2015-05-13 17:11 - 2015-05-14 15:23 - 00000334 _____ () C:\Windows\Tasks\EDPLQYG1.job
2015-05-13 17:11 - 2015-05-13 23:11 - 00000000 ____D () C:\ProgramData\18b7a06c9f5a43a4b293b8ab47ed27ff
2015-05-13 17:11 - 2015-05-13 17:11 - 00003570 _____ () C:\Windows\System32\Tasks\RAFZERK
2015-05-13 17:11 - 2015-05-13 17:11 - 00003278 _____ () C:\Windows\System32\Tasks\GlobalUpdate-owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00002856 _____ () C:\Windows\System32\Tasks\EDPLQYG1
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd
2015-05-13 17:11 - 2015-05-13 17:11 - 00000000 ____D () C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-05-13 17:02 - 2015-05-14 15:23 - 00001014 _____ () C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job
2015-05-13 17:02 - 2015-05-13 17:02 - 00004048 _____ () C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt
2015-05-13 17:01 - 2015-05-14 13:57 - 00000000 ____D () C:\Program Files (x86)\12db6f96-6dea-46db-a2e6-2105dd9b2691
2015-05-07 14:27 - 2015-05-13 17:17 - 00000000 ____D () C:\ProgramData\11718342954912009311
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt
2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq
Task: C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: {27D66014-78DC-456F-88E1-62B02A317846} - System32\Tasks\G4hsJAkRiq => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
Task: {27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B} - System32\Tasks\ylKknnRdIKWIUAoPt => C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt.exe <==== ATTENTION
Task: C:\Windows\Tasks\EDPLQYG1.job => C:\ProgramData\LolliScan\LolliScan.exe
Task: C:\Windows\Tasks\G4hsJAkRiq.job => C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq.exe <==== ATTENTION
"HKU\S-1-5-21-3425417458-3132993604-2327969851-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}" => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Windesk Winsearch => value deleted successfully.
"C:\ProgramData\LolliScan\LolliScan32.dll" => Value Data removed successfully.
"C:/PROGRA~3/{61EC8~1/193~1.1/rata.dll" => Value Data removed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MovieDea => value deleted successfully.
cysofehu => Service deleted successfully.
kohugiro => Service deleted successfully.
nikeqide => Service deleted successfully.
nykelozy => Service deleted successfully.
tepecoky => Service deleted successfully.
toqomepu => Service deleted successfully.
xyhigysy => Service deleted successfully.
C:\Windows\Tasks\G4hsJAkRiq.job => Moved successfully.
C:\Windows\System32\Tasks\G4hsJAkRiq => Moved successfully.
"C:\Program Files (x86)\bd41c615-25b0-4c6d-8aea-bb307eef87c6" => File/Directory not found.
C:\Users\AydenFr\AppData\Local\nsjE83E.tmp => Moved successfully.
C:\Users\AydenFr\AppData\Local\nso4C8B.tmp => Moved successfully.
C:\Users\AydenFr\AppData\Local\nsu764C.tmp => Moved successfully.
C:\Users\AydenFr\Documents\Optimizer Pro => Moved successfully.
C:\Users\AydenFr\AppData\Roaming\Optimizer Pro => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 => Moved successfully.
C:\Program Files (x86)\PCP => Moved successfully.
C:\Windows\Tasks\EDPLQYG1.job => Moved successfully.
C:\ProgramData\18b7a06c9f5a43a4b293b8ab47ed27ff => Moved successfully.
C:\Windows\System32\Tasks\RAFZERK => Moved successfully.
C:\Windows\System32\Tasks\GlobalUpdate-owy5y2nxogs1btd => Moved successfully.
C:\Windows\System32\Tasks\EDPLQYG1 => Moved successfully.
"C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd" directory move:
Could not move "C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd" directory. => Scheduled to move on reboot.
C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 => Moved successfully.
C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job => Moved successfully.
C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt => Moved successfully.
"C:\Program Files (x86)\12db6f96-6dea-46db-a2e6-2105dd9b2691" => File/Directory not found.
C:\ProgramData\11718342954912009311 => Moved successfully.
C:\Users\AydenFr\AppData\Roaming\ylKknnRdIKWIUAoPt => Moved successfully.
C:\Users\AydenFr\AppData\Roaming\G4hsJAkRiq => Moved successfully.
C:\Windows\Tasks\ylKknnRdIKWIUAoPt.job not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27D66014-78DC-456F-88E1-62B02A317846}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27D66014-78DC-456F-88E1-62B02A317846}" => Key deleted successfully.
C:\Windows\System32\Tasks\G4hsJAkRiq not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\G4hsJAkRiq" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27FAE3EB-DD4D-462D-8B34-2CE63CF7C57B}" => Key deleted successfully.
C:\Windows\System32\Tasks\ylKknnRdIKWIUAoPt not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ylKknnRdIKWIUAoPt" => Key deleted successfully.
C:\Windows\Tasks\EDPLQYG1.job not found.
C:\Windows\Tasks\G4hsJAkRiq.job not found.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-14 15:53:58)<=
C:\Users\AydenFr\AppData\Roaming\owy5y2nxogs1btd => Is moved successfully.
End of Fixlog 15:53:58
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 660
14 mai 2015 à 17:36
14 mai 2015 à 17:36
=)
voici la suite :
Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.
voici la suite :
Scan Malwarebytes (temps : environ 40min de scan):
==================================================
Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour puis lance un examen.
A la fin du scan, clic sur "Mettre tout en quarantaine" en bas à gauche.
Redémarre l'ordinateur si besoin.
Après redémarrage, relance Malwarebytes.
Vas chercher le rapport dans l'onglet Historique.
A gauche Journal des examens.
Doube-clic sur l'examen dans la liste.
Puis en bas Copier dans le presse papier
Vas sur http://pjjoint.malekal.com et en bas, clic droit / coller pour coller le rapport du scan Malwarebytes.
Clic sur envoyer.
Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.
