Virus Chrome snapdo.com

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

anna0073

Virus Chrome snapdo.com

par anna0073 »

Bonjour
J'ai accédé au tutoriel du FRST https://www.malekal.com/tutoriel-farbar ... tool-frst/ POUR générer les 3 rapports (FRST - SHORTCUT- ADDITION )
qui se trouve sur ces lien

http://pjjoint.malekal.com/files.php?id ... f7n11y6j12
http://pjjoint.malekal.com/files.php?id ... 5g6c6h11m7
http://pjjoint.malekal.com/files.php?id ... 3d13e13x11

Je voudrais avoir le fichier fix.txt pour supprimer le virus au de chrome merci
Haut
Malekal_morte
Messages : 114087
Inscription : 10 sept. 2005 13:57

Re: Virus Chrome snapdo.com

par Malekal_morte »

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.

Ouvre le bloc-notes : Touche Windows + R,
Dans le champs "Exécuter", saisir notepad et OK.
Copie/Colle dedans ce qui suit :

Code : Tout sélectionner

CreateRestorePoint:
CloseProcesses:
CHR Extension: (Sci-Hub) - C:\Users\Hayouta\Downloads\Sci-Hub [2016-11-06] [UpdateUrl: hxxp://31.184.194.81/update] <==== ATTENTION 
CHR Profile: C:\Users\Hayouta\AppData\Local\Google\Chrome\User Data\prerlasehasaghtplehotion [2017-05-15] <==== ATTENTION 
Task: {0E7F47BD-FA36-4A00-B993-A41A764A76F6} - System32\Tasks\psv_Geofan => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Anair.reg" & del "C:\ProgramData\Affenpinscher\Anair.reg" & SCHTASKS /Delete /TN "psv_Geofan" /F <==== ATTENTION
Task: {18AA3344-4F0B-4C03-BF36-69A3BA4E87C7} - System32\Tasks\psv_SaltZoolex => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\InNix.reg" & del "C:\ProgramData\Affenpinscher\InNix.reg" & SCHTASKS /Delete /TN "psv_SaltZoolex" /F <==== ATTENTION
Task: {1ECB969A-0906-46CA-971B-4129B8423020} - System32\Tasks\psv_Toughair => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\ZamLam.reg" & del "C:\ProgramData\Affenpinscher\ZamLam.reg" & SCHTASKS /Delete /TN "psv_Toughair" /F <==== ATTENTION
Task: {2148EB1F-B816-4569-8C81-19B41ECBA540} - System32\Tasks\psv_GeoSildax => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Ventoflex.reg" & del "C:\ProgramData\Affenpinscher\Ventoflex.reg" & SCHTASKS /Delete /TN "psv_GeoSildax" /F <==== ATTENTION
Task: {29465D2F-8FB0-4518-9701-B5EF28E70A54} - System32\Tasks\psv_Trisphase => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Singletam.reg" & del "C:\ProgramData\Affenpinscher\Singletam.reg" & SCHTASKS /Delete /TN "psv_Trisphase" /F <==== ATTENTION
Task: {2B6A3B5A-A90A-4A81-953F-C2D7F173A1C4} - System32\Tasks\psv_Lothome => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Truelam.reg" & del "C:\ProgramData\Affenpinscher\Truelam.reg" & SCHTASKS /Delete /TN "psv_Lothome" /F <==== ATTENTION
Task: {2C91A770-F87F-4061-BB38-7D8A1B924DC4} - System32\Tasks\psv_Joyzimtrax => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\AlphaSillam.reg" & del "C:\ProgramData\Affenpinscher\AlphaSillam.reg" & SCHTASKS /Delete /TN "psv_Joyzimtrax" /F <==== ATTENTION
Task: {315F5635-39FB-425F-9582-B4C0212B3CD7} - System32\Tasks\psv_Hotdom => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Keystring.reg" & del "C:\ProgramData\Affenpinscher\Keystring.reg" & SCHTASKS /Delete /TN "psv_Hotdom" /F <==== ATTENTION
Task: {40911CC3-156B-4DE3-A1E4-2C1CB509E29D} - System32\Tasks\psv_X-kix => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Drip-Ron.reg" & del "C:\ProgramData\Affenpinscher\Drip-Ron.reg" & SCHTASKS /Delete /TN "psv_X-kix" /F <==== ATTENTION
Task: {43DE14BD-4594-4C76-9ED8-F1A6A813F9B1} - System32\Tasks\psv_Hotdubtouch => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Matfresh.reg" & del "C:\ProgramData\Affenpinscher\Matfresh.reg" & SCHTASKS /Delete /TN "psv_Hotdubtouch" /F <==== ATTENTION
Task: {46EB3C03-5B23-4E40-A523-F6D7FCBB2079} - System32\Tasks\psv_Freshlab => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Nam-Dox.reg" & del "C:\ProgramData\Affenpinscher\Nam-Dox.reg" & SCHTASKS /Delete /TN "psv_Freshlab" /F <==== ATTENTION
Task: {4834998A-6A3F-4036-9CB3-85FEC0583F39} - System32\Tasks\psv_Subin => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Vaiatech.reg" & del "C:\ProgramData\Affenpinscher\Vaiatech.reg" & SCHTASKS /Delete /TN "psv_Subin" /F <==== ATTENTION
Task: {4D2C9593-6C09-4A44-8113-B1948D246A3A} - System32\Tasks\psv_Zotzoohold => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Zoo-Bam.reg" & del "C:\ProgramData\Affenpinscher\Zoo-Bam.reg" & SCHTASKS /Delete /TN "psv_Zotzoohold" /F <==== ATTENTION
Task: {4E0442B1-E3A7-4C23-9CA3-EE396B34BA70} - System32\Tasks\4qeibczp => C:\Program Files\Common Files\ol0o4i1z\e2505ywtybis5.exe [2016-08-17] () <==== ATTENTION
Task: {52F77ACE-3BB2-48BB-A2D7-ED1B8E1C8673} - System32\Tasks\psv_Sunhome => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Kon-Ity.reg" & del "C:\ProgramData\Affenpinscher\Kon-Ity.reg" & SCHTASKS /Delete /TN "psv_Sunhome" /F <==== ATTENTION
Task: {56B2C1B8-AE53-46A3-9934-1AB833B804EC} - System32\Tasks\psv_Warmtraxjob => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\X-Flex.reg" & del "C:\ProgramData\Affenpinscher\X-Flex.reg" & SCHTASKS /Delete /TN "psv_Warmtraxjob" /F <==== ATTENTION
Task: {5B622635-84EE-43E2-994A-B9F63411C803} - System32\Tasks\psv_Statcore => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Domtech.reg" & del "C:\ProgramData\Affenpinscher\Domtech.reg" & SCHTASKS /Delete /TN "psv_Statcore" /F <==== ATTENTION
Task: {5C01DF0C-71CC-4D9F-8514-1D55274D2F63} - System32\Tasks\psv_Soldonla => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Stattop.reg" & del "C:\ProgramData\Affenpinscher\Stattop.reg" & SCHTASKS /Delete /TN "psv_Soldonla" /F <==== ATTENTION
Task: {5F046A14-6BBF-4615-BBE4-E99BDDE5E3D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-04-30] (Google Inc.)
Task: {6200BF62-2481-4617-91C8-5705396E6F05} - System32\Tasks\psv_Ansaoplus => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\DoubleRanex.reg" & del "C:\ProgramData\Affenpinscher\DoubleRanex.reg" & SCHTASKS /Delete /TN "psv_Ansaoplus" /F <==== ATTENTION
Task: {641C2648-1826-40BC-92F2-5C4888581A74} - System32\Tasks\psv_Jobtamlight => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Una-Air.reg" & del "C:\ProgramData\Affenpinscher\Una-Air.reg" & SCHTASKS /Delete /TN "psv_Jobtamlight" /F <==== ATTENTION
Task: {66BE48CE-A18B-4564-92E3-4119B7B829A2} - System32\Tasks\psv_OzerApzap => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Labeco.reg" & del "C:\ProgramData\Affenpinscher\Labeco.reg" & SCHTASKS /Delete /TN "psv_OzerApzap" /F <==== ATTENTION
Task: {66F0791B-615E-4861-BAA6-2AF801614B63} - System32\Tasks\psv_Medlax => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Zath-Kix.reg" & del "C:\ProgramData\Affenpinscher\Zath-Kix.reg" & SCHTASKS /Delete /TN "psv_Medlax" /F <==== ATTENTION
Task: {6E9EE631-EEE9-4C77-82B6-4135C5CF4563} - System32\Tasks\psv_Strongdom => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Greenron.reg" & del "C:\ProgramData\Affenpinscher\Greenron.reg" & SCHTASKS /Delete /TN "psv_Strongdom" /F <==== ATTENTION
Task: {7B93A0AC-ADF0-4FA7-A7E8-275DD4EB75A8} - System32\Tasks\psv_Konklab => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Ronis.reg" & del "C:\ProgramData\Affenpinscher\Ronis.reg" & SCHTASKS /Delete /TN "psv_Konklab" /F <==== ATTENTION
Task: {92F9EFA9-6740-42D0-BC19-98F6588D7781} - System32\Tasks\psv_Strongflex => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\SilIty.reg" & del "C:\ProgramData\Affenpinscher\SilIty.reg" & SCHTASKS /Delete /TN "psv_Strongflex" /F <==== ATTENTION
Task: {962F0AF5-0BFE-4FEB-BC65-0583847C7EFE} - System32\Tasks\psv_Geolax => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Betatouch.reg" & del "C:\ProgramData\Affenpinscher\Betatouch.reg" & SCHTASKS /Delete /TN "psv_Geolax" /F <==== ATTENTION
Task: {9D70C89C-B79E-4DD2-948D-CB1AAB119AF7} - System32\Tasks\v4dccrsj => C:\Program Files\Common Files\gf1g3o4t\894c0dokkgw30.exe [2017-05-01] () <==== ATTENTION
Task: {9EB3320F-D496-4710-8D5B-F4D17A3396DF} - System32\Tasks\psv_LightSing => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Labfind.reg" & del "C:\ProgramData\Affenpinscher\Labfind.reg" & SCHTASKS /Delete /TN "psv_LightSing" /F <==== ATTENTION
Task: {A33E64A3-7372-4A12-9651-DCCE9C505175} - System32\Tasks\psv_Volron => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Trisstock.reg" & del "C:\ProgramData\Affenpinscher\Trisstock.reg" & SCHTASKS /Delete /TN "psv_Volron" /F <==== ATTENTION
Task: {A663D9F4-3FB8-45D5-ADF9-82B2B2B75ADF} - System32\Tasks\psv_Finkix => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Domstring.reg" & del "C:\ProgramData\Affenpinscher\Domstring.reg" & SCHTASKS /Delete /TN "psv_Finkix" /F <==== ATTENTION
Task: {AC053EDA-5114-4DD9-9BDD-4B1D14084D4C} - System32\Tasks\psv_Kinnix => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Alphain.reg" & del "C:\ProgramData\Affenpinscher\Alphain.reg" & SCHTASKS /Delete /TN "psv_Kinnix" /F <==== ATTENTION
Task: {AD78F10B-7227-4120-B4E2-50E08DBA8FFA} - System32\Tasks\psv_Caning => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\TopLamsing.reg" & del "C:\ProgramData\Affenpinscher\TopLamsing.reg" & SCHTASKS /Delete /TN "psv_Caning" /F <==== ATTENTION
Task: {BFF64E0C-1AEC-49A5-9964-E675FC49F4F9} - System32\Tasks\psv_Vilatom => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Physin.reg" & del "C:\ProgramData\Affenpinscher\Physin.reg" & SCHTASKS /Delete /TN "psv_Vilatom" /F <==== ATTENTION
Task: {C1FE625B-EAF5-4A50-8ACC-1D149CDE2729} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-04-30] (Google Inc.)
Task: {C3956BDA-2357-423E-B212-137C8C66202D} - System32\Tasks\psv_Quadit => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Daltair.reg" & del "C:\ProgramData\Affenpinscher\Daltair.reg" & SCHTASKS /Delete /TN "psv_Quadit" /F <==== ATTENTION
Task: {C68683C8-ECB9-45B9-ABB0-12F960F6018C} - System32\Tasks\psv_Freshjob => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Freshlab.reg" & del "C:\ProgramData\Affenpinscher\Freshlab.reg" & SCHTASKS /Delete /TN "psv_Freshjob" /F <==== ATTENTION
Task: {C6916FB3-CD12-40B5-97D4-1AB5F97AD2EB} - System32\Tasks\psv_Fixnix => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Qvostock.reg" & del "C:\ProgramData\Affenpinscher\Qvostock.reg" & SCHTASKS /Delete /TN "psv_Fixnix" /F <==== ATTENTION
Task: {C8363B6F-08EC-4EEF-B38F-B8F07C6C4522} - System32\Tasks\psv_Tincore => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\StanStrong.reg" & del "C:\ProgramData\Affenpinscher\StanStrong.reg" & SCHTASKS /Delete /TN "psv_Tincore" /F <==== ATTENTION
Task: {CAA6B7E1-22C4-4965-B752-AB76A44860ED} - System32\Tasks\psv_BioDoncom => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Dalt-Air.reg" & del "C:\ProgramData\Affenpinscher\Dalt-Air.reg" & SCHTASKS /Delete /TN "psv_BioDoncom" /F <==== ATTENTION
Task: {CDA549C7-D8AE-4DC0-941B-1D42EF68BE2C} - System32\Tasks\psv_SoftTam => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Zoomdonbam.reg" & del "C:\ProgramData\Affenpinscher\Zoomdonbam.reg" & SCHTASKS /Delete /TN "psv_SoftTam" /F <==== ATTENTION
Task: {D0B4B9DB-27D1-4A5A-BCE4-3DF3BEBA41C3} - System32\Tasks\psv_StrongSunfax => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\K-Nix.reg" & del "C:\ProgramData\Affenpinscher\K-Nix.reg" & SCHTASKS /Delete /TN "psv_StrongSunfax" /F <==== ATTENTION
Task: {D1E36BAD-A234-4F75-8A5A-404F9BB134C5} - System32\Tasks\psv_Mathkix => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Key-Fax.reg" & del "C:\ProgramData\Affenpinscher\Key-Fax.reg" & SCHTASKS /Delete /TN "psv_Mathkix" /F <==== ATTENTION
Task: {E05A6EA8-0F2D-4648-B918-E24BBDA48890} - System32\Tasks\psv_Ranlax => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Canstrong.reg" & del "C:\ProgramData\Affenpinscher\Canstrong.reg" & SCHTASKS /Delete /TN "psv_Ranlax" /F <==== ATTENTION
Task: {E25700A6-133B-4A7A-896E-A74C34FE4D4B} - System32\Tasks\psv_Itnimfind => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\UniDubity.reg" & del "C:\ProgramData\Affenpinscher\UniDubity.reg" & SCHTASKS /Delete /TN "psv_Itnimfind" /F <==== ATTENTION
Task: {E8F6CE83-9C8E-401F-BD1F-7E5FD21C5A5C} - System32\Tasks\psv_Zumnix => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Move-Tom.reg" & del "C:\ProgramData\Affenpinscher\Move-Tom.reg" & SCHTASKS /Delete /TN "psv_Zumnix" /F <==== ATTENTION
Task: {E97B3E59-433E-406C-BC40-EAEC482E9BDC} - System32\Tasks\psv_Phystip => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\ZathNix.reg" & del "C:\ProgramData\Affenpinscher\ZathNix.reg" & SCHTASKS /Delete /TN "psv_Phystip" /F <==== ATTENTION
Task: {F775588D-8C40-436C-8454-ED88E343CE94} - System32\Tasks\psv_Zen-Ing => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Hotcore.reg" & del "C:\ProgramData\Affenpinscher\Hotcore.reg" & SCHTASKS /Delete /TN "psv_Zen-Ing" /F <==== ATTENTION
Task: {F9AB90B8-CCAB-4CE7-9781-1CB4CE4B8394} - System32\Tasks\psv_Scot-Top => cmd.exe /c regedit.exe /s "C:\ProgramData\Affenpinscher\Dongtouch.reg" & del "C:\ProgramData\Affenpinscher\Dongtouch.reg" & SCHTASKS /Delete /TN "psv_Scot-Top" /F <==== ATTENTION
Task: {FCA081A3-790A-4D6A-9B6F-A41B593C01BA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {FEE1CB87-BDD5-4672-9013-FCD896A45622} - System32\Tasks\prodlct => C:\Windows\system32\config\systemprofile\AppData\Local\Strongtax  <==== ATTENTION
 C:\Windows\system32\config\systemprofile\AppData\Local\Strongtax 
CHR HomePage: prerlasehasaghtplehotion -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_B2393LadXJcLO8bA4FQCln-AP7228HwJdW4dQ9-vfVO0IIYAsU7b-ncCM2rJHcUQgLXLQZwbZHD6ALll33g4Fbo-Vy_UrP5WWpwfbt2yDur2gjswGAqKhEHJarFW-FN7ohFpB6dfJwSUF7zGQXnqCkmLVp-n7l0hMwW6czxaXFwA
 2016-12-22 01:49 - 2016-12-22 01:49 - 3021706 _____ () C:\Program Files\Common Files\ff20100w.exe  
 2017-01-07 10:20 - 2017-01-07 10:20 - 2806445 _____ () C:\Program Files\Common Files\ikwys31m.exe  
 2016-12-24 18:30 - 2016-12-24 18:30 - 3021759 _____ () C:\Program Files\Common Files\m5j4cliu.exe  
 2016-12-13 22:03 - 2016-12-13 22:03 - 3020713 _____ () C:\Program Files\Common Files\nu0cbozo.exe  
 2016-12-22 01:51 - 2016-12-22 01:51 - 3021706 _____ () C:\Program Files\Common Files\qpxi255m.exe  
 2016-12-24 18:30 - 2016-12-24 18:30 - 3021759 _____ () C:\Program Files\Common Files\t31igvmc.exe  
 2016-08-17 21:02 - 2016-08-17 21:02 - 2946419 _____ () C:\Program Files\Common Files\vdmvnw1s.exe  
 2016-08-06 01:09 - 2016-08-06 01:09 - 0000000 _____ () C:\Users\Hayouta\AppData\Roaming\1.txt
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:
Une fois, le texte collé dans le Bloc-notes,
Menu "Fichier" puis "Enregistrer sous",
A gauche, place toi sur le Bureau,
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clique sur "Enregistrer", cela va créer fixlist.txt sur le Bureau.

Relance FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire ( pas obligatoire )
Un fichier texte apparait, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur.
2°)
Réinitialise/Répare les navigateurs WEB concerné(s) par les problèmes :
* réparer Mozilla Firefox (premier paragraphe)
* réparer Google Chrome (premier paragraphe)
* Réinitialiser et réparer Internet Explorer
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Haut
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »