Sujet Précédent Sujet Suivant

PC infecté par une clé USB : $RECYCLEBIN\Vlc.rar et Adobe.rar

Résolu/Fermé
BRODAC Messages postés 6 Date d'inscription mardi 19 mai 2015 Statut Membre Dernière intervention 20 mai 2015 - 19 mai 2015 à 20:23
 Perri - 16 nov. 2016 à 13:07
Bonsoir à tous
Suite à l'utilisation d'une clé USB mon pc a été infecté et au démarrage deux messages d'erreurs s'affichent et me disent:
1/impossible de trouver le fichier script D:\$RECYCLEBIN\Vlc.rar
2/impossible de trouver le fichier script D:\$RECYCLEBIN\Adobe.rar
Je ne sais pas vraiment quoi faire.
J'ai voulu tenter un tuto mais par prudence j'ai préféré vous en parler
A voir également:

8 réponses

Réponse 1 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
19 mai 2015 à 21:09
Salut,

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.


0
Perri
16 nov. 2016 à 13:07
Salut Malekal_morte-, même problème pour moi, peux-tu m'aider (je prie pour que ce compte soit encore actif ...)
0
Réponse 2 / 8
BRODAC Messages postés 6 Date d'inscription mardi 19 mai 2015 Statut Membre Dernière intervention 20 mai 2015
19 mai 2015 à 21:20
En réalité j'ai suivi une de vos explications sur le problème et j'ai déja fait le scan de frst. Maitenant je les ai envoyer et voisi les liens:
https://pjjoint.malekal.com/files.php?id=20150519_v10n9w12m8l11
https://pjjoint.malekal.com/files.php?id=20150519_x5w11v8k8l7
https://pjjoint.malekal.com/files.php?id=20150519_d13s8m12l14v7
0
Réponse 3 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
19 mai 2015 à 21:35
Désinstalle :
Dll-Files Fixer
Smileys We Love Toolbar for IE
WonderShare.



Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :


Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-05-11]
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-05-11]
CHR Extension: (No Name) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2015-05-15]
2015-05-19 17:17 - 2015-05-19 17:17 - 00003014 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2015-05-19 17:17 - 2015-05-19 17:17 - 00003000 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2015-05-19 17:17 - 2015-05-19 17:17 - 00000302 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-05-19 17:17 - 2015-05-19 17:17 - 00000286 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-05-19 17:17 - 2015-05-19 17:17 - 00000000 ____D () C:\Users\user\AppData\Roaming\dll-files.com
2015-05-19 17:17 - 2015-05-19 17:34 - 00001110 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-05-19 17:56 - 2015-04-02 20:56 - 00001310 _____ () C:\WINDOWS\Tasks\dress4u_notification_service.job
2015-05-17 20:11 - 2014-09-15 17:40 - 00000000 ____D () C:\Users\user\Documents\Youcam
2015-05-17 15:01 - 2014-10-25 12:34 - 00000290 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2015-05-16 08:10 - 2015-04-02 20:56 - 00000000 ____D () C:\Program Files (x86)\dress4u
Task: {0D19ABC0-036B-4932-A252-8A656D5AFA1C} - System32\Tasks\{C2A2FE58-26C2-415E-9E6C-A4B71EFD3DD6} => pcalua.exe -a C:\Users\user\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=scl <==== ATTENTION
Task: {10F001B8-E047-4437-9E84-CC325C7D18A7} - System32\Tasks\HostSecure2 => C:\Program
Task: {1768A903-CDEC-4CF1-983E-9D7E85EAF4FA} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-5 No Task File <==== ATTENTION
Task: {1B248587-983E-4020-B12D-A32B2D521FD2} - System32\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-1 => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION
Task: {2212CC4D-328A-414C-AFCA-1F7326369C23} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {2BF48DE9-E8BF-4D30-AC19-95EC5DD1F285} - System32\Tasks\24seven_savings_notification_service => C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exe [2015-04-02] (FileProperties_CompanyName) <==== ATTENTION
Task: {316E8668-41B3-4A50-99B3-0B88BD2809F7} - \24seven_savings_updating_service No Task File <==== ATTENTION
Task: {3B2EEA54-62AF-4BFB-A837-4CDCAA704830} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {4971F222-1967-4EB6-941C-7AE7A6A4D1F8} - \Installer_ytd No Task File <==== ATTENTION
Task: {4E48ECF2-088C-4FBA-9A7D-E50D654F6755} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-09-15] ()
Task: {5C18E13A-4CFF-40E0-AEE0-1896C605265D} - \dress4u_updating_service No Task File <==== ATTENTION
Task: {646B4D95-6A77-4278-B783-B4BCD3F2C794} - System32\Tasks\SecureHost => C:\Program
Task: {66B680BA-1DE8-489D-B77E-1D66B9A29ECC} - System32\Tasks\{D05C31C9-7332-42EE-941A-BB8DB6D75646} => pcalua.exe -a "C:\Windows\San Andreas Mod Installer\uninstall.exe" -c "/U:C:\Program Files (x86)\San Andreas Mod Installer\Uninstall\uninstall.xml"
Task: {722525D4-5A3B-449F-8084-6898CD5A5EB2} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {8F28128B-232B-4028-80D5-AFAA360ADE00} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-1 No Task File <==== ATTENTION
Task: {8FA96C03-8151-43B5-870B-F8954B43CF61} - \7f654964-c5d7-447f-9618-16c65ad26641-4 No Task File <==== ATTENTION
Task: {94F20600-64AB-49E3-BCB7-5D15EFE44DCA} - System32\Tasks\{80B390C2-E8EA-464E-839C-65E617002147} => pcalua.exe -a C:\Users\user\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
Task: {A4A0F8E9-D55A-4953-8F56-55996060BCF7} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {A4EB1FD8-3897-48B2-BE53-DA6118141A20} - \7f654964-c5d7-447f-9618-16c65ad26641-11 No Task File <==== ATTENTION
Task: {B714B321-2A88-4469-83B3-303825159318} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-4 No Task File <==== ATTENTION
Task: {B90889AD-37D4-423B-BAF4-12E5018BA789} - System32\Tasks\dress4u_notification_service => C:\Program Files (x86)\dress4u\dress4u_notification_service.exe <==== ATTENTION
Task: {C05F8B8C-2B89-4327-AA50-C5A129CD76C0} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-11 No Task File <==== ATTENTION
Task: {C440E4C8-264F-4FE0-B65E-B58BA09AD6A0} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {C58B0219-F1AD-4B36-9ED6-C8600AE70DBB} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {D8463B69-08D8-4A59-9402-D0E5BDD34072} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {DAE85597-8E91-4F3A-839E-F5FC61ADEA3C} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-5_user No Task File <==== ATTENTION
Task: {E047BCD1-7AA1-47BB-8058-28A8F86C7798} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {E1FC6C40-2EFC-4684-BB6C-C17F4B0A739A} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION
Task: {E5794911-8604-4A00-9AF6-50A7E2048957} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {E8CF4F78-4AD6-4A78-8368-6A26A519B8AC} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-2 No Task File <==== ATTENTION
Task: {FE16C24C-83C6-4BAE-8C2F-36BF80F1D2AC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: C:\WINDOWS\Tasks\24seven_savings_notification_service.job => C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exeë/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='24Seven savings' /appid='73143' /srcid='2913' /bic='b73a03625f0f165cf03444b926e3f3df' /verifier='48a0e1fa52541784ec089ecf13a5c7df' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\WINDOWS\Tasks\24seven_savings_updating_service.job => C:\Program Files (x86)\24Seven savings\24seven_savings_updating_service.exe° /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=24seven_savings_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-1.job => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-11.job => C:\Program Files (x86)\Radio Canyon\7f654964-c5d7-447f-9618-16c65ad26641-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-4.job => C:\Program Files (x86)\Radio Canyon\7f654964-c5d7-447f-9618-16c65ad26641-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\dress4u_notification_service.job => C:\Program Files (x86)\dress4u\dress4u_notification_service.exeã/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='dress4u' /appid='73143' /srcid='2913' /bic='b73a03625f0f165cf03444b926e3f3df' /verifier='48a0e1fa52541784ec089ecf13a5c7df' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\WINDOWS\Tasks\dress4u_updating_service.job => C:\Program Files (x86)\dress4u\dress4u_updating_service.exe¨ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=dress4u_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-1.job => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-11.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-2.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-4.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5_user.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RHkCJgJsE7ROGeZd5Flh.job => C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\RHkCJgJsE7ROGeZd5Flh.exe <==== ATTENTION


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :


0
Réponse 4 / 8
BRODAC Messages postés 6 Date d'inscription mardi 19 mai 2015 Statut Membre Dernière intervention 20 mai 2015
19 mai 2015 à 22:29
voici le fichier qui a été généré:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-05-2015
Ran by user at 2015-05-19 21:27:24 Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available profiles: user)
Boot Mode: Normal
==============================================

Content of fixlist:

Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-05-11]
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-05-11]
CHR Extension: (No Name) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2015-05-15]
2015-05-19 17:17 - 2015-05-19 17:17 - 00003014 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2015-05-19 17:17 - 2015-05-19 17:17 - 00003000 _____ () C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2015-05-19 17:17 - 2015-05-19 17:17 - 00000302 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2015-05-19 17:17 - 2015-05-19 17:17 - 00000286 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-05-19 17:17 - 2015-05-19 17:17 - 00000000 ____D () C:\Users\user\AppData\Roaming\dll-files.com
2015-05-19 17:17 - 2015-05-19 17:34 - 00001110 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-05-19 17:56 - 2015-04-02 20:56 - 00001310 _____ () C:\WINDOWS\Tasks\dress4u_notification_service.job
2015-05-17 20:11 - 2014-09-15 17:40 - 00000000 ____D () C:\Users\user\Documents\Youcam
2015-05-17 15:01 - 2014-10-25 12:34 - 00000290 _____ () C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
2015-05-16 08:10 - 2015-04-02 20:56 - 00000000 ____D () C:\Program Files (x86)\dress4u
Task: {0D19ABC0-036B-4932-A252-8A656D5AFA1C} - System32\Tasks\{C2A2FE58-26C2-415E-9E6C-A4B71EFD3DD6} => pcalua.exe -a C:\Users\user\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=scl <==== ATTENTION
Task: {10F001B8-E047-4437-9E84-CC325C7D18A7} - System32\Tasks\HostSecure2 => C:\Program
Task: {1768A903-CDEC-4CF1-983E-9D7E85EAF4FA} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-5 No Task File <==== ATTENTION
Task: {1B248587-983E-4020-B12D-A32B2D521FD2} - System32\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-1 => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION
Task: {2212CC4D-328A-414C-AFCA-1F7326369C23} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {2BF48DE9-E8BF-4D30-AC19-95EC5DD1F285} - System32\Tasks\24seven_savings_notification_service => C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exe [2015-04-02] (FileProperties_CompanyName) <==== ATTENTION
Task: {316E8668-41B3-4A50-99B3-0B88BD2809F7} - \24seven_savings_updating_service No Task File <==== ATTENTION
Task: {3B2EEA54-62AF-4BFB-A837-4CDCAA704830} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {4971F222-1967-4EB6-941C-7AE7A6A4D1F8} - \Installer_ytd No Task File <==== ATTENTION
Task: {4E48ECF2-088C-4FBA-9A7D-E50D654F6755} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-09-15] ()
Task: {5C18E13A-4CFF-40E0-AEE0-1896C605265D} - \dress4u_updating_service No Task File <==== ATTENTION
Task: {646B4D95-6A77-4278-B783-B4BCD3F2C794} - System32\Tasks\SecureHost => C:\Program
Task: {66B680BA-1DE8-489D-B77E-1D66B9A29ECC} - System32\Tasks\{D05C31C9-7332-42EE-941A-BB8DB6D75646} => pcalua.exe -a "C:\Windows\San Andreas Mod Installer\uninstall.exe" -c "/U:C:\Program Files (x86)\San Andreas Mod Installer\Uninstall\uninstall.xml"
Task: {722525D4-5A3B-449F-8084-6898CD5A5EB2} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {8F28128B-232B-4028-80D5-AFAA360ADE00} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-1 No Task File <==== ATTENTION
Task: {8FA96C03-8151-43B5-870B-F8954B43CF61} - \7f654964-c5d7-447f-9618-16c65ad26641-4 No Task File <==== ATTENTION
Task: {94F20600-64AB-49E3-BCB7-5D15EFE44DCA} - System32\Tasks\{80B390C2-E8EA-464E-839C-65E617002147} => pcalua.exe -a C:\Users\user\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
Task: {A4A0F8E9-D55A-4953-8F56-55996060BCF7} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: {A4EB1FD8-3897-48B2-BE53-DA6118141A20} - \7f654964-c5d7-447f-9618-16c65ad26641-11 No Task File <==== ATTENTION
Task: {B714B321-2A88-4469-83B3-303825159318} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-4 No Task File <==== ATTENTION
Task: {B90889AD-37D4-423B-BAF4-12E5018BA789} - System32\Tasks\dress4u_notification_service => C:\Program Files (x86)\dress4u\dress4u_notification_service.exe <==== ATTENTION
Task: {C05F8B8C-2B89-4327-AA50-C5A129CD76C0} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-11 No Task File <==== ATTENTION
Task: {C440E4C8-264F-4FE0-B65E-B58BA09AD6A0} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {C58B0219-F1AD-4B36-9ED6-C8600AE70DBB} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {D8463B69-08D8-4A59-9402-D0E5BDD34072} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {DAE85597-8E91-4F3A-839E-F5FC61ADEA3C} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-5_user No Task File <==== ATTENTION
Task: {E047BCD1-7AA1-47BB-8058-28A8F86C7798} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)
Task: {E1FC6C40-2EFC-4684-BB6C-C17F4B0A739A} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION
Task: {E5794911-8604-4A00-9AF6-50A7E2048957} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {E8CF4F78-4AD6-4A78-8368-6A26A519B8AC} - \e5267ec8-be49-4aef-baa2-c44e80b55b5c-2 No Task File <==== ATTENTION
Task: {FE16C24C-83C6-4BAE-8C2F-36BF80F1D2AC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-22] (globalUpdate) <==== ATTENTION
Task: C:\WINDOWS\Tasks\24seven_savings_notification_service.job => C:\Program Files (x86)\24Seven savings\24seven_savings_notification_service.exeë/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='24Seven savings' /appid='73143' /srcid='2913' /bic='b73a03625f0f165cf03444b926e3f3df' /verifier='48a0e1fa52541784ec089ecf13a5c7df' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\WINDOWS\Tasks\24seven_savings_updating_service.job => C:\Program Files (x86)\24Seven savings\24seven_savings_updating_service.exe° /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=24seven_savings_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-1.job => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-11.job => C:\Program Files (x86)\Radio Canyon\7f654964-c5d7-447f-9618-16c65ad26641-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-4.job => C:\Program Files (x86)\Radio Canyon\7f654964-c5d7-447f-9618-16c65ad26641-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\WINDOWS\Tasks\dress4u_notification_service.job => C:\Program Files (x86)\dress4u\dress4u_notification_service.exeã/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='dress4u' /appid='73143' /srcid='2913' /bic='b73a03625f0f165cf03444b926e3f3df' /verifier='48a0e1fa52541784ec089ecf13a5c7df' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\WINDOWS\Tasks\dress4u_updating_service.job => C:\Program Files (x86)\dress4u\dress4u_updating_service.exe¨ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=dress4u_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-1.job => C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-11.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-2.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-4.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5_user.job => C:\Program Files (x86)\SavePass 1.1\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RHkCJgJsE7ROGeZd5Flh.job => C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\RHkCJgJsE7ROGeZd5Flh.exe <==== ATTENTION


C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk => Moved successfully.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk => Moved successfully.
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn => Moved successfully.
"C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY" => File/Directory not found.
"C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job" => File/Directory not found.
"C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job" => File/Directory not found.
"C:\Users\user\AppData\Roaming\dll-files.com" => File/Directory not found.
"C:\Users\Public\Desktop\Dll-Files Fixer.lnk" => File/Directory not found.
C:\WINDOWS\Tasks\dress4u_notification_service.job => Moved successfully.
C:\Users\user\Documents\Youcam => Moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => Moved successfully.
C:\Program Files (x86)\dress4u => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D19ABC0-036B-4932-A252-8A656D5AFA1C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D19ABC0-036B-4932-A252-8A656D5AFA1C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C2A2FE58-26C2-415E-9E6C-A4B71EFD3DD6} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2A2FE58-26C2-415E-9E6C-A4B71EFD3DD6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10F001B8-E047-4437-9E84-CC325C7D18A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10F001B8-E047-4437-9E84-CC325C7D18A7}" => Key deleted successfully.
C:\Windows\System32\Tasks\HostSecure2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HostSecure2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1768A903-CDEC-4CF1-983E-9D7E85EAF4FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1768A903-CDEC-4CF1-983E-9D7E85EAF4FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B248587-983E-4020-B12D-A32B2D521FD2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B248587-983E-4020-B12D-A32B2D521FD2}" => Key deleted successfully.
C:\Windows\System32\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f654964-c5d7-447f-9618-16c65ad26641-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2212CC4D-328A-414C-AFCA-1F7326369C23}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2212CC4D-328A-414C-AFCA-1F7326369C23}" => Key deleted successfully.
C:\Windows\System32\Tasks\RegClean Pro_UPDATES => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2BF48DE9-E8BF-4D30-AC19-95EC5DD1F285}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BF48DE9-E8BF-4D30-AC19-95EC5DD1F285}" => Key deleted successfully.
C:\Windows\System32\Tasks\24seven_savings_notification_service => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24seven_savings_notification_service" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{316E8668-41B3-4A50-99B3-0B88BD2809F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{316E8668-41B3-4A50-99B3-0B88BD2809F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\24seven_savings_updating_service" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B2EEA54-62AF-4BFB-A837-4CDCAA704830}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B2EEA54-62AF-4BFB-A837-4CDCAA704830}" => Key deleted successfully.
C:\Windows\System32\Tasks\Advanced System Protector => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4971F222-1967-4EB6-941C-7AE7A6A4D1F8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4971F222-1967-4EB6-941C-7AE7A6A4D1F8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_ytd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4E48ECF2-088C-4FBA-9A7D-E50D654F6755}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E48ECF2-088C-4FBA-9A7D-E50D654F6755}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C18E13A-4CFF-40E0-AEE0-1896C605265D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C18E13A-4CFF-40E0-AEE0-1896C605265D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dress4u_updating_service" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{646B4D95-6A77-4278-B783-B4BCD3F2C794}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{646B4D95-6A77-4278-B783-B4BCD3F2C794}" => Key deleted successfully.
C:\Windows\System32\Tasks\SecureHost => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SecureHost" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66B680BA-1DE8-489D-B77E-1D66B9A29ECC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66B680BA-1DE8-489D-B77E-1D66B9A29ECC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D05C31C9-7332-42EE-941A-BB8DB6D75646} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D05C31C9-7332-42EE-941A-BB8DB6D75646}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{722525D4-5A3B-449F-8084-6898CD5A5EB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{722525D4-5A3B-449F-8084-6898CD5A5EB2}" => Key deleted successfully.
C:\Windows\System32\Tasks\RegClean Pro => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F28128B-232B-4028-80D5-AFAA360ADE00}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F28128B-232B-4028-80D5-AFAA360ADE00}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e5267ec8-be49-4aef-baa2-c44e80b55b5c-1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8FA96C03-8151-43B5-870B-F8954B43CF61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FA96C03-8151-43B5-870B-F8954B43CF61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f654964-c5d7-447f-9618-16c65ad26641-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94F20600-64AB-49E3-BCB7-5D15EFE44DCA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94F20600-64AB-49E3-BCB7-5D15EFE44DCA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{80B390C2-E8EA-464E-839C-65E617002147} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{80B390C2-E8EA-464E-839C-65E617002147}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4A0F8E9-D55A-4953-8F56-55996060BCF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4A0F8E9-D55A-4953-8F56-55996060BCF7}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4EB1FD8-3897-48B2-BE53-DA6118141A20}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4EB1FD8-3897-48B2-BE53-DA6118141A20}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7f654964-c5d7-447f-9618-16c65ad26641-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B714B321-2A88-4469-83B3-303825159318}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B714B321-2A88-4469-83B3-303825159318}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e5267ec8-be49-4aef-baa2-c44e80b55b5c-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B90889AD-37D4-423B-BAF4-12E5018BA789}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B90889AD-37D4-423B-BAF4-12E5018BA789}" => Key deleted successfully.
C:\Windows\System32\Tasks\dress4u_notification_service => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dress4u_notification_service" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C05F8B8C-2B89-4327-AA50-C5A129CD76C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C05F8B8C-2B89-4327-AA50-C5A129CD76C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e5267ec8-be49-4aef-baa2-c44e80b55b5c-11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C440E4C8-264F-4FE0-B65E-B58BA09AD6A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C440E4C8-264F-4FE0-B65E-B58BA09AD6A0}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C58B0219-F1AD-4B36-9ED6-C8600AE70DBB} => Key not found.
C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files.Com Fixer_MONTHLY => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8463B69-08D8-4A59-9402-D0E5BDD34072} => Key not found.
C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DLL-Files.Com Fixer_Updates => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DAE85597-8E91-4F3A-839E-F5FC61ADEA3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAE85597-8E91-4F3A-839E-F5FC61ADEA3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5_user" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E047BCD1-7AA1-47BB-8058-28A8F86C7798} => Key not found.
C:\Windows\System32\Tasks\RDReminder not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RDReminder => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1FC6C40-2EFC-4684-BB6C-C17F4B0A739A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1FC6C40-2EFC-4684-BB6C-C17F4B0A739A}" => Key deleted successfully.
C:\Windows\System32\Tasks\ReimageUpdater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5794911-8604-4A00-9AF6-50A7E2048957}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5794911-8604-4A00-9AF6-50A7E2048957}" => Key deleted successfully.
C:\Windows\System32\Tasks\RegClean Pro_DEFAULT => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E8CF4F78-4AD6-4A78-8368-6A26A519B8AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CF4F78-4AD6-4A78-8368-6A26A519B8AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e5267ec8-be49-4aef-baa2-c44e80b55b5c-2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE16C24C-83C6-4BAE-8C2F-36BF80F1D2AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE16C24C-83C6-4BAE-8C2F-36BF80F1D2AC}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
C:\WINDOWS\Tasks\24seven_savings_notification_service.job => Moved successfully.
C:\WINDOWS\Tasks\24seven_savings_updating_service.job => Moved successfully.
C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-1.job => Moved successfully.
C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-11.job => Moved successfully.
C:\WINDOWS\Tasks\7f654964-c5d7-447f-9618-16c65ad26641-4.job => Moved successfully.
C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job not found.
C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job not found.
C:\WINDOWS\Tasks\dress4u_notification_service.job not found.
C:\WINDOWS\Tasks\dress4u_updating_service.job => Moved successfully.
C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-1.job => Moved successfully.
C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-11.job => Moved successfully.
C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-2.job => Moved successfully.
C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-4.job => Moved successfully.
C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5.job => Moved successfully.
C:\WINDOWS\Tasks\e5267ec8-be49-4aef-baa2-c44e80b55b5c-5_user.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job not found.
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => Moved successfully.
C:\WINDOWS\Tasks\RHkCJgJsE7ROGeZd5Flh.job => Moved successfully.

End of Fixlog 21:27:27

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
BRODAC Messages postés 6 Date d'inscription mardi 19 mai 2015 Statut Membre Dernière intervention 20 mai 2015
19 mai 2015 à 22:38
je viens juste de redemarrer et les messages d'erreurs n'aparaisssent plus. je tiens vraiment à vous remercier c'est pour moi un soulagement.

Je vais apporter les corrections suplémentaires dont vous m'avez fait part.
0
Réponse 6 / 8
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
19 mai 2015 à 22:47
oui,
tu avais pas mal d'adwares,

évite aussi d'installer les programmes de nettoyage etc, ça sert à rien.
A lire : Nettoyeur et Défragmenteur : ça sert à rien !

~~

Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :


Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html


0
BRODAC Messages postés 6 Date d'inscription mardi 19 mai 2015 Statut Membre Dernière intervention 20 mai 2015
20 mai 2015 à 21:58
Salut,
0
BRODAC Messages postés 6 Date d'inscription mardi 19 mai 2015 Statut Membre Dernière intervention 20 mai 2015
20 mai 2015 à 21:58
Salut,
0
Réponse 7 / 8
Julie
9 juin 2015 à 13:53
Bonjour,

J'ai exactement le même problème que Brodac (également suite à l'utilisation d'une clé USB). J'ai donc suivi vos conseils, et voici les liens des 3 rapports FRST :
FRST : http://pjjoint.malekal.com/files.php?id=FRST_20150609_h10l9m13i15h11
Shortcut : http://pjjoint.malekal.com/files.php?id=20150609_m9i86q11x14
Addition : http://pjjoint.malekal.com/files.php?id=20150609_k15w12j5j56

Je vous serais infiniment reconnaissante si vous pouviez me dire ce que je dois faire ensuite !

Merci d'avance
Julie
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
Modifié par Malekal_morte- le 9/06/2015 à 14:03
Salut Julie,

3 choses à faire :

Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

Startup: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-07]
Startup: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-07]


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur

~~

Désactive les scripts VBS / WSH, comme expliqué sur le dossier : Malware VBS/WSH


~~

Désinstalle Microsoft Security Essentials.

installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)

Scanne tes clefs USB avec.
0
Julie
9 juin 2015 à 14:16
Ouah, merci pour cette réponse super rapide, c'est magique !

Voilà le fichier texte obtenu après l'opération Fix sur FRST :

Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by TOSHIBA at 2015-06-09 14:14:27 Run:1
Running from C:\Users\Julie\Desktop
Loaded Profiles: TOSHIBA (Available Profiles: TOSHIBA)
Boot Mode: Normal
==============================================

fixlist content:

Startup: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-07]
Startup: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-07]


C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk => moved successfully.
C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk => moved successfully.

End of Fixlog 14:14:28

0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
9 juin 2015 à 15:04
voilou fais le reste =)
0
Julie
9 juin 2015 à 15:11
Ayé, j'ai tout fait ! Merci mille fois !
Je suis en train de paramétrer Avast.
Est-ce que je peux supprimer les 4 fichiers text FRST, Addition, Shortcut et Fixlog ? Et supprimer aussi FRST64 ?

Vraiment merci, heureusement qu'il y a des gens comme toi qui filent un coup de main sur les forums, c'est salvateur !

Bonne jourée
Julie
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
Modifié par Malekal_morte- le 9/06/2015 à 15:14
yep =)


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
0
Réponse 8 / 8
yac85
8 juil. 2015 à 01:16
Bonjour,

J'ai aussi le même problème et je vous serais très reconnaissant si vous pouviez me dire ce que je dois faire. J'ai suivi vos conseil et voici les liens des trois rapports :
FRST : http://pjjoint.malekal.com/files.php?id=20150708_f11y8o11u10y5

Shortcut : http://pjjoint.malekal.com/files.php?id=20150708_i9u1015p8c12

Addition : http://pjjoint.malekal.com/files.php?id=20150708_v15x7b10o9k11

Je vous remercie d'avance,

Yacine.
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
23 juil. 2015 à 07:41
Salut yac85,



Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

HKU\S-1-5-21-3685164045-1703041694-2844289967-1000\...\Run: [Chat-Landmessenger] => C:\Users\Yacine\chat-land\messenger.exe
Startup: C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-07]
Startup: C:\Users\Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-07]
2015-06-30 20:53 - 2015-06-30 20:53 - 00003234 _____ C:\Windows\System32\Tasks\ReclaimerResumeInstall_Yacine
2015-06-30 20:53 - 2015-06-30 20:53 - 00003206 _____ C:\Windows\System32\Tasks\ReclaimerResumeInstallLogin_Yacine
Task: {8A94534D-CB33-46FE-A4B6-7E36E5931D93} - System32\Tasks\Searchya => C:\Users\Yacine\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE <==== ATTENTION


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
0