Bonjour, mon pc est infecté par un minerd.exe, pas moyen de m'en débarrasser après divers scans Malwarebytes et autre Ccleaner. J'ai aussi supprimé la plupart des spywares je pense, mais minerd revient toujours et me pompe 98% de mon CPU :'( et c'est de plus en plus fréquent, maintenant il se lance toutes les 5 min...
Voici le lien de mon rapport OTL, merci pour votre aide!
http://pjjoint.malekal.com/files.php?id ... 2b14p12k15
[RESOLU] Encore minerd.exe......
Modérateurs : Mods Windows, Helper
[RESOLU] Encore minerd.exe......
Dernière modification par GIJoel le 27 févr. 2015 21:13, modifié 1 fois.
- Messages : 31840
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Encore minerd.exe......
➫ relançe OTL , Copies et colles le contenue de cette citation ci dessous (en commençant bien à :OTL , les : inclus devant OTL jusqu'à [emptytemp] inclus) dans la partie inférieure d'OTL sous "Personalisation"
et cette fois ci clic CORRECTION
et cette fois ci clic CORRECTION
» Un rapport texte apparrait au redemarrage du pc, poste le:OTL
[2015/02/27 11:00:00 | 000,002,649 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Power Start.lnk
[2015/02/27 11:00:00 | 000,002,625 | ---- | M] () -- C:\Users\Public\Desktop\TowerFall Ascension.lnk
[2015/02/27 11:00:00 | 000,002,555 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Explorer.lnk
[2015/02/27 11:00:00 | 000,002,555 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win_Login.lnk
[2014/12/04 22:01:58 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\BrawlhallaAir
[2014/12/01 11:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/25 09:02:29 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\eCyber
[2014/09/11 02:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PrinnceCoupon
[2014/08/29 09:48:00 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\Probit Software
[2014/08/28 20:45:14 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Roaming\ap_logs
[2014/08/28 20:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx
[2014/08/28 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Jojo\AppData\Local\globalUpdate
[2014/08/28 19:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/08/28 19:34:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Speed Check
[2014/08/22 07:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\9459640ad56cab72
:files
C:\Windows\Windows Explorer.exe
C:\Windows\tasks\APSnotifierPP*.job
:commands
[emptytemp]
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.Re: Encore minerd.exe......
Merci beaucoup angelique, tu as sauvé ma journée mon pc a l'air de tourner normalement maintenant (:
Le rapport:
All processes killed
========== OTL ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Power Start.lnk moved successfully.
C:\Users\Public\Desktop\TowerFall Ascension.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Explorer.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win_Login.lnk moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir\Local Store\#SharedObjects folder moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir\Local Store folder moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir\#airversion folder moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\x64 folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64 folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 folder moved successfully.
C:\Users\Jojo\AppData\Roaming\eCyber\log folder moved successfully.
C:\Users\Jojo\AppData\Roaming\eCyber folder moved successfully.
C:\ProgramData\PrinnceCoupon folder moved successfully.
C:\Users\Jojo\AppData\Roaming\Probit Software folder moved successfully.
C:\Users\Jojo\AppData\Roaming\ap_logs folder moved successfully.
C:\Program Files (x86)\AnyProtectEx folder moved successfully.
C:\Users\Jojo\AppData\Local\globalUpdate\CrashReports folder moved successfully.
C:\Users\Jojo\AppData\Local\globalUpdate folder moved successfully.
C:\Program Files (x86)\globalUpdate\CrashReports folder moved successfully.
C:\Program Files (x86)\globalUpdate folder moved successfully.
C:\Program Files (x86)\Easy Speed Check folder moved successfully.
C:\ProgramData\9459640ad56cab72 folder moved successfully.
========== FILES ==========
C:\Windows\Windows Explorer.exe moved successfully.
C:\Windows\tasks\APSnotifierPP1.job moved successfully.
C:\Windows\tasks\APSnotifierPP2.job moved successfully.
C:\Windows\tasks\APSnotifierPP3.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invité
->Temp folder emptied: 49931639 bytes
->Temporary Internet Files folder emptied: 1323413 bytes
->Google Chrome cache emptied: 137655957 bytes
->Flash cache emptied: 3031 bytes
User: Jojo
->Temp folder emptied: 63798176 bytes
->Temporary Internet Files folder emptied: 500513 bytes
->Java cache emptied: 1238010 bytes
->Google Chrome cache emptied: 387633330 bytes
->Flash cache emptied: 511 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 71371909 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 654520 bytes
Total Files Cleaned = 681,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02272015_152022
Files\Folders moved on Reboot...
C:\Users\Jojo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Le rapport:
All processes killed
========== OTL ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Power Start.lnk moved successfully.
C:\Users\Public\Desktop\TowerFall Ascension.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Explorer.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win_Login.lnk moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir\Local Store\#SharedObjects folder moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir\Local Store folder moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir\#airversion folder moved successfully.
C:\Users\Jojo\AppData\Roaming\BrawlhallaAir folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\x64 folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64 folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 folder moved successfully.
C:\Users\Jojo\AppData\Roaming\eCyber\log folder moved successfully.
C:\Users\Jojo\AppData\Roaming\eCyber folder moved successfully.
C:\ProgramData\PrinnceCoupon folder moved successfully.
C:\Users\Jojo\AppData\Roaming\Probit Software folder moved successfully.
C:\Users\Jojo\AppData\Roaming\ap_logs folder moved successfully.
C:\Program Files (x86)\AnyProtectEx folder moved successfully.
C:\Users\Jojo\AppData\Local\globalUpdate\CrashReports folder moved successfully.
C:\Users\Jojo\AppData\Local\globalUpdate folder moved successfully.
C:\Program Files (x86)\globalUpdate\CrashReports folder moved successfully.
C:\Program Files (x86)\globalUpdate folder moved successfully.
C:\Program Files (x86)\Easy Speed Check folder moved successfully.
C:\ProgramData\9459640ad56cab72 folder moved successfully.
========== FILES ==========
C:\Windows\Windows Explorer.exe moved successfully.
C:\Windows\tasks\APSnotifierPP1.job moved successfully.
C:\Windows\tasks\APSnotifierPP2.job moved successfully.
C:\Windows\tasks\APSnotifierPP3.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invité
->Temp folder emptied: 49931639 bytes
->Temporary Internet Files folder emptied: 1323413 bytes
->Google Chrome cache emptied: 137655957 bytes
->Flash cache emptied: 3031 bytes
User: Jojo
->Temp folder emptied: 63798176 bytes
->Temporary Internet Files folder emptied: 500513 bytes
->Java cache emptied: 1238010 bytes
->Google Chrome cache emptied: 387633330 bytes
->Flash cache emptied: 511 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 71371909 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 654520 bytes
Total Files Cleaned = 681,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02272015_152022
Files\Folders moved on Reboot...
C:\Users\Jojo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
- Messages : 31840
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Encore minerd.exe......
c'est mieux ?
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.- Messages : 31840
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: [RESOLU] Encore minerd.exe......
➫ Relance OTL et clic Purge Outils
➫ Quelques conseils :
Pour prévenir les sites malicieux, tu peux installer Blockulicious : http://forum.malekal.com/blockulicious- ... 46656.html
Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
- 15 Réponses
- 89 Vues
-
Dernier message par Wolfgaltier
-
-
Question Service Windows WpnUserService, SearchApp.exe et PhoneExperienceHost.exe et
par BananeEpluchée » » dans Windows : Résoudre les problèmes - 5 Réponses
- 203 Vues
-
Dernier message par BananeEpluchée
-
-
- 10 Réponses
- 552 Vues
-
Dernier message par Malekal_morte
-
- 6 Réponses
- 222 Vues
-
Dernier message par Malekal_morte
-
- 8 Réponses
- 293 Vues
-
Dernier message par croco54