Enlever pubs "by SASA"

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

mahmut6047

Enlever pubs "by SASA"

par mahmut6047 »

bonsoire j'ai eu un probleme avec les pubs de " SASA" et j'ai suivit toutes vos étapes du forum et j'attend votre réponse (le script) pour continuer les étapes donc je vous envoie les 3 fichiers et éspére avoir une réponse :
(FRST ,addition,shortcut)

http://pjjoint.malekal.com/files.php?id ... 2j6m13e6n8

http://pjjoint.malekal.com/files.php?id ... c6u5l10o15

http://pjjoint.malekal.com/files.php?id ... v7e13h6w12

svp j'attend une réponse de votre part cordialement
Malekal_morte
Messages : 112133
Inscription : 10 sept. 2005 13:57

Re: Enlever pubs "by SASA"

par Malekal_morte »

Salut,

Beaucoup de choses.




Voici la correction à  effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutorial-farbar ... -frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1953792 2014-05-16] ()
HKLM\...\Run: [mbot_fr_475] => [X]
KLM\...\Run: [gmsd_fr_346] => [X]
KLM\...\Run: [gmsd_fr_426] => [X]
HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe /boot
HKLM\...\Run: [SmartWeb] => C:\Users\Admin Parents\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.)
HKLM\...\Run: [gmsd_fr_005010034] => [X]
HKLM\...\Run: [gmsd_en_027010034] => [X]
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe
Startup: C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Activation Lock Remover v1.09.lnk [2015-04-12]
ShortcutTarget: Activation Lock Remover v1.09.lnk -> C:\ProgramData\{19f01e29-70f7-685c-19f0-01e2970f78a5}\Activation Lock Remover v1.09.exe (No File)
Startup: C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro1.lnk [2015-03-14]
ShortcutTarget: OptimizerPro1.lnk -> C:\ProgramData\{809cf240-0d6a-2eae-809c-cf2400d6c900}\OptimizerPro1.exe (No File)
Startup: C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-07-18]
ShortcutTarget: SmartWeb.lnk -> C:\Users\Admin Parents\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TestAdmin.lnk [2013-04-08]
ShortcutTarget: TestAdmin.lnk -> C:\Windows\System32\sysprep\TestAdmin.bat ()
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TestAdmin.lnk [2013-04-08]
ShortcutTarget: TestAdmin.lnk -> C:\Windows\System32\sysprep\TestAdmin.bat ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:58016;https=127.0.0.1:58016 [Attention - Possible Proxy Malicieux]
ProxyEnable: [S-1-5-21-1944450459-2939700069-3603948675-1001] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-1944450459-2939700069-3603948675-1001] => http=127.0.0.1:9880
C:\Windows\System32\sysprep
R2 UpdateCheck; C:\Program Files\Coupoon\UpdateCheck.exe [53040 2015-07-18] ()
S2 WikiBrowserUpdateService; C:\Users\Admin Parents\AppData\Local\WikiUpdate.exe [372224 2015-07-15] () [File not signed]
S4 Enlightened Congregation; C:\Users\Admin Parents\AppData\Roaming\Enlightened Congregation\Enlightened Congregation.exe [X]
S2 fytucuxu; C:\Program Files\50949336-1437172795-DF11-B826-00266C7DCC08\knsu286B.tmpfs [X]
S2 vicoqudu; C:\Program Files\50949336-1437172795-DF11-B826-00266C7DCC08\hnsk6093.tmp [X]
S2 WinFixRealTimeProtector; C:\Program Files\WinFix\WinFix Protector\WinFixGuard.exe [X]
S2 zejytose; C:\Program Files\50949336-1437172795-DF11-B826-00266C7DCC08\jnsp4850.tmp [X]
S2 CoupoonService; C:\Program Files\coupoon\iiwjljrnpc.exe [151864 2015-04-03] ()
R2 Kijouldermindinialono; C:\Program Files\Kijouldermindinialono\Kijouldermindinialono.exe [281088 2015-06-16] () [File not signed] <==== ATTENTION
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [771968 2015-07-18] (Enigma Software Group USA, LLC.)
15-07-18 16:25 - 2015-07-18 16:25 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Admin Parents\Downloads\SpyHunter-Installer.exe
2015-07-18 16:24 - 2015-07-18 16:24 - 00613255 _____ (CMI Limited) C:\Users\Admin Parents\AppData\Local\nsn9036.tmp
2015-07-18 16:21 - 2015-07-18 16:21 - 00000000 _____ C:\dummy.htm
2015-07-18 12:23 - 2015-07-18 12:23 - 00000000 ____D C:\Program Files\predm
2015-07-18 02:12 - 2015-07-19 21:51 - 00001038 _____ C:\Windows\Tasks\AKmaMeeZaGC6mSLSg.job
2015-07-18 02:08 - 2015-07-19 16:26 - 00000364 _____ C:\Windows\Tasks\APSnotifierPP2.job
2015-07-18 02:08 - 2015-07-18 17:46 - 00000364 _____ C:\Windows\Tasks\APSnotifierPP3.job
2015-07-18 02:07 - 2015-07-18 16:46 - 00000366 _____ C:\Windows\Tasks\APSnotifierPP1.job
2015-07-18 02:04 - 2015-07-18 02:04 - 00613255 _____ (CMI Limited) C:\Users\Admin Parents\AppData\Local\nsjF23C.tmp
2015-07-18 01:40 - 2015-07-18 01:40 - 00000008 _____ C:\END
2015-07-18 01:23 - 2015-07-18 01:24 - 00089365 _____ C:\ProgramData\o0vfJeD6.dat
2015-07-18 01:23 - 2015-07-18 01:23 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\Storm_Warnings,_LLC
2015-07-18 01:22 - 2015-07-18 01:22 - 00613255 _____ (CMI Limited) C:\Users\Admin Parents\AppData\Local\nsa37F1.tmp
2015-07-18 01:22 - 2015-07-18 01:22 - 00000000 __SHD C:\Users\Admin Parents\AppData\Roaming\AnyProtectEx
2015-07-18 01:19 - 2015-07-18 01:19 - 00000000 ____D C:\Users\TEMP.WIN-DVPU1U02ABV\AppData\Local\Crossbrowse
2015-07-18 01:19 - 2015-07-18 01:19 - 00000000 ____D C:\Users\Invité\AppData\Local\Crossbrowse
2015-07-18 01:19 - 2015-07-18 01:19 - 00000000 ____D C:\Users\Collégien\AppData\Local\Crossbrowse
2015-07-18 01:19 - 2015-07-18 01:19 - 00000000 ____D C:\Users\Administrateur\AppData\Local\Crossbrowse
2015-07-18 01:19 - 2015-07-18 01:19 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\Crossbrowse
2015-07-18 01:18 - 2015-07-18 12:17 - 00004728 _____ C:\Windows\system32\Cofvopjy.ini
2015-07-18 01:18 - 2015-07-18 12:17 - 00002448 _____ C:\Windows\system32\CofvopjyOff.ini
2015-07-18 01:18 - 2015-07-18 01:23 - 00000000 ____D C:\ProgramData\abc
2015-07-18 01:18 - 2015-07-13 13:13 - 00279040 _____ C:\Windows\system32\Cofvopjy.dll
2015-07-18 01:17 - 2015-07-18 12:23 - 00000000 ____D C:\Program Files\Coupoon
2015-07-18 01:16 - 2015-07-18 01:16 - 00000000 ____D C:\Users\Admin Parents\AppData\Roaming\mystartsearch
2015-07-18 01:16 - 2015-07-18 01:16 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\SmartWeb
2015-07-18 00:41 - 2015-07-18 00:41 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\50949336-1437180065-DF11-B826-00266C7DCC08
2015-07-18 00:40 - 2015-06-09 18:41 - 00000897 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-17 23:33 - 2015-07-17 23:33 - 02497552 _____ C:\Users\Admin Parents\Downloads\Wolfteam_AR_Downloader (2).exe
2015-07-17 01:52 - 2015-07-17 01:52 - 02497552 _____ C:\Users\Admin Parents\Downloads\Wolfteam_AR_Downloader (1).exe
2015-07-17 01:48 - 2015-07-17 23:32 - 1403463334 _____ C:\Users\Admin Parents\Downloads\wolfteamarabic.exe
2015-07-17 01:47 - 2015-07-17 01:47 - 00013774 _____ C:\Users\Admin Parents\Downloads\wolfteamarabic.exe.torrent
2015-07-17 01:45 - 2015-07-17 01:46 - 02497552 _____ C:\Users\Admin Parents\Downloads\Wolfteam_AR_Downloader.exe
2015-07-17 01:20 - 2015-07-17 01:20 - 00000000 ____D C:\Users\Admin Parents\Downloads\Cities - Skylines v1.1.1c [MULTi7]
2015-07-17 01:19 - 2015-07-17 01:19 - 00013868 _____ C:\Users\Admin Parents\Downloads\Cities_Skylines_v1_1_1c_[MULTi7]_x-demonoid.pw-x.TORRENT
2015-07-17 01:05 - 2015-07-17 01:10 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\BrowserHelper
2015-07-17 01:05 - 2015-07-17 01:05 - 00000000 ____D C:\ProgramData\EpicScale
2015-07-17 01:01 - 2015-07-17 01:01 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\Boxore
2015-07-17 01:00 - 2015-07-17 01:00 - 00000000 __SHD C:\Program Files\Kijouldermindinialono
2015-07-17 00:58 - 2015-07-17 01:00 - 00000000 ____D C:\Users\Admin Parents\AppData\Local\WikiBrowser
2015-07-17 00:53 - 2015-07-17 00:53 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-17 00:53 - 2015-07-17 00:53 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-17 00:53 - 2015-07-17 00:53 - 00000000 _____ C:\Windows\prleth.sys
2015-07-17 00:53 - 2015-07-17 00:53 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-17 00:52 - 2015-07-17 00:55 - 00000000 ____D C:\Users\Admin Parents\AppData\Roaming\oursurfing
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 gmihhyyp; \??\C:\Windows\system32\drivers\gmihhyyp.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S1 scfd_1_10_0_16; system32\drivers\scfd_1_10_0_16.sys [X]
S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
S1 wsfd_1_10_0_17; system32\drivers\wsfd_1_10_0_17.sys [X]
S1 wsfd_1_10_0_19; system32\drivers\wsfd_1_10_0_19.sys [X]
S1 wsfd_vt_1_10_0_20; system32\drivers\wsfd_vt_1_10_0_20.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
2015-07-15 15:21 - 2015-07-15 15:21 - 00372224 _____ C:\Users\Admin Parents\AppData\Local\WikiUpdate.exe
2015-07-01 03:40 - 2015-07-01 03:40 - 00000000 ____D C:\Users\Admin Parents\AppData\Roaming\50949336-1435714805-DF11-B826-00266C7DCC08
2015-07-01 01:50 - 2015-07-01 01:51 - 00000106 _____ C:\Users\Admin Parents\.sutmp
2015-07-01 01:41 - 2015-07-01 01:41 - 00000000 ____D C:\Users\Admin Parents\Tracing
2015-06-27 02:52 - 2015-07-19 21:52 - 00000024 _____ C:\Users\Admin Parents\AppData\Roaming\appdataFr25.bin
2015-06-27 02:52 - 2015-07-17 22:50 - 00000370 _____ C:\Windows\Tasks\CandyShopper.job
2015-06-27 02:52 - 2015-06-27 17:00 - 00000000 ____D C:\ProgramData\{c03378bf-ed4a-d375-c033-378bfed4e2ff}
2015-06-21 15:13 - 2015-06-21 15:17 - 00000072 _____ C:\Windows\winfix.ini
2015-06-21 15:13 - 2015-06-21 15:16 - 00000056 _____ C:\Windows\Reimage.ini
2015-07-18 12:45 - 2015-04-12 19:52 - 00000000 ____D C:\Program Files\60dd878b-dcba-4fc6-9b6a-6ea64f9e757b
2015-07-18 02:11 - 2015-05-28 21:14 - 00000000 ____D C:\Program Files\globalUpdate
2015-06-27 19:12 - 2015-04-04 22:21 - 00000000 ____D C:\ProgramData\10222758127049123686
2015-06-27 02:56 - 2015-02-24 20:19 - 00000000 ____D C:\Users\Admin Parents\AppData\Roaming\ahelper
Task: {01787802-5A3D-491E-8006-251F37276DA9} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {0457DFBC-DD21-4483-AFF0-B4B48E0C36AC} - System32\Tasks\Run_Bobby_Browser => C:\Users\Admin Parents\AppData\Local\BoBrowser\Application\bobrowser.exe [2014-11-19] (The BoBrowser Authors) <==== ATTENTION
Task: {098F8EF6-322F-4FAA-92FC-F39731E71D0C} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {1139E038-18EC-48E9-A058-9C6D3372FD78} - System32\Tasks\WinFixUpdater => C:\Program Files\WinFix\WinFix Protector\WinFixGuard.exe <==== ATTENTION
Task: {483ABFCB-ACE2-4BA3-9E76-E9B9E88F837A} - System32\Tasks\temp_ce5f7475-c682-4973-95d7-178feeba4355-6 => C:\Program Files\Lights Cinema 1.3betaV12.04\ce5f7475-c682-4973-95d7-178feeba4355-6.exe <==== ATTENTION
Task: {51B1F569-805E-44CC-A59E-E362DD4F1AF0} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-07-18] (Enigma Software Group USA, LLC.)
Task: {62293DEE-70E6-4B08-BD8F-048B3302F8B0} - System32\Tasks\CandyShopper => c:\programdata\{c03378bf-ed4a-d375-c033-378bfed4e2ff}\3245202681097921753c.exe [2014-06-27] () <==== ATTENTION
Task: {6A5A285F-E49D-4CEE-9681-E78D533757EE} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Admin Parents\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION
Task: {75147C39-6F76-42A4-837E-69B986406F3D} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {7C37E08F-EE59-42E3-9108-A98858E81B61} - System32\Tasks\At1 => icacls <==== ATTENTION
Task: {84031BE4-7DB0-4A75-B91B-49673ECF8C21} - System32\Tasks\AKmaMeeZaGC6mSLSg => C:\Users\Admin Parents\AppData\Roaming\AKmaMeeZaGC6mSLSg.exe [2015-04-20] () <==== ATTENTION
Task: {8E559446-B0F0-458D-9F41-0A31D912EE4B} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B0F41B51-FCD1-485C-9149-A38AFCD65EE4} - System32\Tasks\Bidaily Synchronize Task[3c32] => c:\programdata\{146a0112-3487-4691-146a-a01123480448}\hqghumeaylnlf.exe [2014-05-28] (PC Utilities Software Limited) <==== ATTENTION
Task: {D36DA4B8-E341-4A6B-8FA3-9929F19C9BAA} - System32\Tasks\{856E00F0-E33A-461E-B1AD-918EC8F92D5D} => pcalua.exe -a C:\ProgramData\BreakingNewsAlert\uninstall.exe -c /kb=y /ic=1
Task: {DF551375-145D-48BF-806C-7C55A4D1EBE5} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {E4BF0689-1B8A-4D78-A69E-201F4ABC928D} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\AKmaMeeZaGC6mSLSg.job => C:\Users\Admin Parents\AppData\Roaming\AKmaMeeZaGC6mSLSg.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job => c:\programdata\{146a0112-3487-4691-146a-a01123480448}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\Windows\Tasks\CandyShopper.job => c:\programdata\{c03378bf-ed4a-d375-c033-378bfed4e2ff}\3245202681097921753c.exe <==== ATTENTION
Task: C:\Windows\Tasks\temp_2cc7fe73-1ae2-45bf-9800-c83d7270a4bd-1-6.job => 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 <==== ATTENTION
Task: C:\Windows\Tasks\temp_8813832d-c4a3-48ed-80a8-39ac9c1da16a-6.job => C:\Program Files\iWebar\8813832d-c4a3-48ed-80a8-39ac9c1da16a-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\temp_ce5f7475-c682-4973-95d7-178feeba4355-1-6.job => 0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 <==== ATTENTION

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.F
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Internet Explorer et modules complémentaires / moteurs de recherche : http://forum.malekal.com/
* Firefox : http://forum.malekal.com/firefox-extens ... 36057.html
* Google Chrome : http://forum.malekal.com/google-chrome- ... 35837.html
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »