Fast Start / Search Protect

Résolu/Fermé
Bradoso - 24 déc. 2014 à 14:22
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 29 déc. 2014 à 16:17
Bonjour,
J'ai un problème avec Fast Start et autres Search Protect que je n'arrive pas à enlever malgré l'utilisation de adwcleaner. Si quelqu'un pouvait m'aider. Merci d'avance
A voir également:

7 réponses

Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
Modifié par Malekal_morte- le 24/12/2014 à 14:24
Salut,

Tu as installé des adwares et programmes parasites sur ton PC.
Voici la procédure à suivre pour les supprimer :

Commence par ceci :

Donne le rapport AdwCleaner.

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
# AdwCleaner v4.106 - Rapport créé le 24/12/2014 à 15:12:30
# Mis à jour le 21/12/2014 par Xplode
# Database : 2014-12-21.4 [Live]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Baptiste - BAPTISTE-HP
# Exécuté depuis : C:\Users\TEMP\Downloads\adwcleaner_4.106.exe
# Option : Scanner

***** [ Services ] *****

Service Présent : IePluginServices
Service Présent : WindowsMangerProtect

***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Program Files (x86)\SupTab
Dossier Présent : C:\ProgramData\IePluginServices
Dossier Présent : C:\ProgramData\WindowsMangerProtect
Dossier Présent : C:\Users\TEMP\AppData\Roaming\Mozilla\Firefox\Profiles\wcj4m04p.default\Extensions\***@***
Fichier Présent : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Présente : HKCU\Software\Mozilla\Extends
Clé Présente : HKCU\Software\SupHpUISoft
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Présente : [x64] HKCU\Software\SupHpUISoft
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Clé Présente : HKLM\SOFTWARE\omiga-plusSoftware
Clé Présente : HKLM\SOFTWARE\SupDp
Clé Présente : HKLM\SOFTWARE\SupTab
Clé Présente : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Présente : HKLM\SOFTWARE\supWPM
Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Présente : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Donnée Présente : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Donnée Présente : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Valeur Présente : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [***@***]

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17496

Paramètre Présent : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Paramètre Présent : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687&q={searchTerms}
Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Paramètre Présent : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687&q={searchTerms}
Paramètre Présent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687&q={searchTerms}
Paramètre Présent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Paramètre Présent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687
Paramètre Présent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687&q={searchTerms}

-\\ Mozilla Firefox v34.0 (x86 fr)

[wcj4m04p.default] - Ligne Trouvée : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[wcj4m04p.default] - Ligne Trouvée : user_pref("browser.search.selectedEngine", "omiga-plus");
[wcj4m04p.default] - Ligne Trouvée : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1419426764&from=ill&uid=WDCXWD6400BPVT-60HXZT1_WD-WXK1A613368733687");
[wcj4m04p.default] - Ligne Trouvée : user_pref("extensions.quick_start.enable_search1", false);
[wcj4m04p.default] - Ligne Trouvée : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

AdwCleaner[R0].txt - [11243 octets] - [01/08/2014 22:48:23]
AdwCleaner[R10].txt - [14012 octets] - [04/12/2014 00:40:54]
AdwCleaner[R11].txt - [2133 octets] - [07/12/2014 15:28:30]
AdwCleaner[R12].txt - [2943 octets] - [09/12/2014 00:32:28]
AdwCleaner[R13].txt - [2377 octets] - [11/12/2014 23:47:59]
AdwCleaner[R14].txt - [7801 octets] - [24/12/2014 00:05:30]
AdwCleaner[R15].txt - [7921 octets] - [24/12/2014 01:57:33]
AdwCleaner[R16].txt - [8043 octets] - [24/12/2014 13:55:06]
AdwCleaner[R17].txt - [6261 octets] - [24/12/2014 15:12:30]
AdwCleaner[R1].txt - [10339 octets] - [12/09/2014 19:44:53]
AdwCleaner[R2].txt - [12304 octets] - [16/09/2014 13:57:15]
AdwCleaner[R3].txt - [18108 octets] - [16/09/2014 16:30:48]
AdwCleaner[R4].txt - [55923 octets] - [02/10/2014 06:46:33]
AdwCleaner[R5].txt - [3940 octets] - [11/10/2014 01:08:29]
AdwCleaner[R6].txt - [6971 octets] - [25/10/2014 10:16:00]
AdwCleaner[R7].txt - [8097 octets] - [10/11/2014 11:52:03]
AdwCleaner[R8].txt - [19078 octets] - [14/11/2014 20:41:06]
AdwCleaner[R9].txt - [3493 octets] - [30/11/2014 17:41:02]
AdwCleaner[S0].txt - [7012 octets] - [01/08/2014 22:49:45]
AdwCleaner[S10].txt - [12480 octets] - [04/12/2014 00:42:15]
AdwCleaner[S11].txt - [2196 octets] - [07/12/2014 15:49:43]
AdwCleaner[S12].txt - [3012 octets] - [09/12/2014 00:34:13]
AdwCleaner[S13].txt - [2440 octets] - [11/12/2014 23:49:36]
AdwCleaner[S14].txt - [6814 octets] - [24/12/2014 00:07:31]
AdwCleaner[S15].txt - [6936 octets] - [24/12/2014 02:01:44]
AdwCleaner[S16].txt - [7058 octets] - [24/12/2014 13:56:31]
AdwCleaner[S1].txt - [4514 octets] - [12/09/2014 19:50:10]
AdwCleaner[S2].txt - [11972 octets] - [16/09/2014 13:59:39]
AdwCleaner[S3].txt - [6903 octets] - [16/09/2014 16:31:58]
AdwCleaner[S4].txt - [15220 octets] - [02/10/2014 06:49:01]
AdwCleaner[S5].txt - [3739 octets] - [11/10/2014 01:09:56]
AdwCleaner[S6].txt - [7063 octets] - [25/10/2014 10:26:44]
AdwCleaner[S7].txt - [8193 octets] - [10/11/2014 12:05:30]
AdwCleaner[S8].txt - [17279 octets] - [14/11/2014 20:43:45]
AdwCleaner[S9].txt - [2057 octets] - [30/11/2014 17:42:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R17].txt - [7898 octets] ##########
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
24 déc. 2014 à 15:31
voici la suite :


Suis ce tutorial : https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer deux rapports FRST.
Envoie comme expliqué, ces deux rapports sur le site http://pjjoint.malekal.com et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.


0
http://pjjoint.malekal.com/files.php?id=FRST_20141224_i7x10t10j8g8
http://pjjoint.malekal.com/files.php?id=20141224_l14n6y6g11q10
http://pjjoint.malekal.com/files.php?id=20141224_s13u10s12y9j8
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
24 déc. 2014 à 16:06
Désinstalle
McAfee Security Scan
et McAfee SiteAdvisor
Sert à rien... comme tu peux le voir.


Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

Task: {0E81E61B-AE75-4475-AEF4-90718FEBBED4} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\TEMP\AppData\Roaming\~nxbrruw.exe
Task: {238172D5-EB5B-427E-8DFB-68A1EE2B3F0D} - System32\Tasks\PhXBf1gm0abjFFI => C:\Users\TEMP\AppData\Roaming\rGJ5aRz\WXxXaev.exe [2014-11-22] ( )
Task: {7CCBDC61-9A52-431E-863E-81A5C77FCA1A} - System32\Tasks\TaskUserUpdate_wp => C:\Users\TEMP\AppData\Roaming\~fjkcfhv.exe
Task: {69DD0D48-B5B4-4F4F-A231-63D11DEBFCC7} - System32\Tasks\uBoYOSvRpYvktLL => C:\Users\TEMP\AppData\Roaming\YgzuSlg\z3oGVts.exe [2014-12-22] ( )
Task: {9537583E-DE76-44AB-9F66-EA5DC9E1EEFC} - System32\Tasks\z2pm6raViSbP9Tn => C:\Users\TEMP\AppData\Roaming\uFW53Pv\T1sNbpf.exe [2014-12-22] ( )
Task: {DDCF4A0D-0B5C-47F4-88D3-503A8FEFD9DA} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\TEMP\AppData\Roaming\~iflltgn.exe
Task: {DF37CC6A-1DC2-4383-8E92-2D9374D43A88} - System32\Tasks\WIN-statsAdmin => C:\Users\TEMP\AppData\Local\Microsoft\WinU\~zamrbna.exe [2014-08-06] () <==== ATTENTION
2014-12-24 14:13 - 2014-12-24 14:13 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-24 14:13 - 2014-12-24 14:13 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-12-24 14:13 - 2014-12-24 14:13 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-12-22 13:42 - 2014-12-22 13:42 - 00003278 _____ () C:\Windows\System32\Tasks\z2pm6raViSbP9Tn
2014-12-22 13:42 - 2014-12-22 13:42 - 00003238 _____ () C:\Windows\System32\Tasks\uBoYOSvRpYvktLL
2014-12-22 13:42 - 2014-12-22 13:42 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\YgzuSlg
2014-12-22 13:42 - 2014-12-22 13:42 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\uFW53Pv
C:\Users\TEMP\AppData\Local\Microsoft\WinU
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-12-24] (Cherished Technololgy LIMITED)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-24] (Fuyu LIMITED) [File not signed]
HKU\TS_KeyLodaded\...\Run: [Kujytuo] => C:\Users\Baptiste\AppData\Roaming\kujytuo.exe [391528 2012-03-19] ()

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.


Refais un nettoyage AdwCleaner.

0
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-12-2014
Ran by Baptiste at 2014-12-24 16:47:18 Run:1
Running from C:\Users\TEMP\Desktop
Loaded Profile: Baptiste (Available profiles: Baptiste)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {0E81E61B-AE75-4475-AEF4-90718FEBBED4} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\TEMP\AppData\Roaming\~nxbrruw.exe
Task: {238172D5-EB5B-427E-8DFB-68A1EE2B3F0D} - System32\Tasks\PhXBf1gm0abjFFI => C:\Users\TEMP\AppData\Roaming\rGJ5aRz\WXxXaev.exe [2014-11-22] ( )
Task: {7CCBDC61-9A52-431E-863E-81A5C77FCA1A} - System32\Tasks\TaskUserUpdate_wp => C:\Users\TEMP\AppData\Roaming\~fjkcfhv.exe
Task: {69DD0D48-B5B4-4F4F-A231-63D11DEBFCC7} - System32\Tasks\uBoYOSvRpYvktLL => C:\Users\TEMP\AppData\Roaming\YgzuSlg\z3oGVts.exe [2014-12-22] ( )
Task: {9537583E-DE76-44AB-9F66-EA5DC9E1EEFC} - System32\Tasks\z2pm6raViSbP9Tn => C:\Users\TEMP\AppData\Roaming\uFW53Pv\T1sNbpf.exe [2014-12-22] ( )
Task: {DDCF4A0D-0B5C-47F4-88D3-503A8FEFD9DA} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\TEMP\AppData\Roaming\~iflltgn.exe
Task: {DF37CC6A-1DC2-4383-8E92-2D9374D43A88} - System32\Tasks\WIN-statsAdmin => C:\Users\TEMP\AppData\Local\Microsoft\WinU\~zamrbna.exe [2014-08-06] () <==== ATTENTION
2014-12-24 14:13 - 2014-12-24 14:13 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-24 14:13 - 2014-12-24 14:13 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-12-24 14:13 - 2014-12-24 14:13 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-12-22 13:42 - 2014-12-22 13:42 - 00003278 _____ () C:\Windows\System32\Tasks\z2pm6raViSbP9Tn
2014-12-22 13:42 - 2014-12-22 13:42 - 00003238 _____ () C:\Windows\System32\Tasks\uBoYOSvRpYvktLL
2014-12-22 13:42 - 2014-12-22 13:42 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\YgzuSlg
2014-12-22 13:42 - 2014-12-22 13:42 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\uFW53Pv
C:\Users\TEMP\AppData\Local\Microsoft\WinU
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-12-24] (Cherished Technololgy LIMITED)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-24] (Fuyu LIMITED) [File not signed]
HKU\TS_KeyLodaded\...\Run: [Kujytuo] => C:\Users\Baptiste\AppData\Roaming\kujytuo.exe [391528 2012-03-19] ()
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E81E61B-AE75-4475-AEF4-90718FEBBED4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E81E61B-AE75-4475-AEF4-90718FEBBED4}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-fdfEfEfAfC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fdfEfEfAfC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{238172D5-EB5B-427E-8DFB-68A1EE2B3F0D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{238172D5-EB5B-427E-8DFB-68A1EE2B3F0D}" => Key deleted successfully.
C:\Windows\System32\Tasks\PhXBf1gm0abjFFI => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhXBf1gm0abjFFI" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7CCBDC61-9A52-431E-863E-81A5C77FCA1A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CCBDC61-9A52-431E-863E-81A5C77FCA1A}" => Key deleted successfully.
C:\Windows\System32\Tasks\TaskUserUpdate_wp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TaskUserUpdate_wp" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69DD0D48-B5B4-4F4F-A231-63D11DEBFCC7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69DD0D48-B5B4-4F4F-A231-63D11DEBFCC7}" => Key deleted successfully.
C:\Windows\System32\Tasks\uBoYOSvRpYvktLL => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\uBoYOSvRpYvktLL" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9537583E-DE76-44AB-9F66-EA5DC9E1EEFC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9537583E-DE76-44AB-9F66-EA5DC9E1EEFC}" => Key deleted successfully.
C:\Windows\System32\Tasks\z2pm6raViSbP9Tn => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\z2pm6raViSbP9Tn" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DDCF4A0D-0B5C-47F4-88D3-503A8FEFD9DA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDCF4A0D-0B5C-47F4-88D3-503A8FEFD9DA}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF37CC6A-1DC2-4383-8E92-2D9374D43A88}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF37CC6A-1DC2-4383-8E92-2D9374D43A88}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => Key deleted successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\ProgramData\IePluginServices => Moved successfully.

"C:\Program Files (x86)\SupTab" directory move:

C:\Program Files (x86)\SupTab\DpInterface32.dll => Moved successfully.
C:\Program Files (x86)\SupTab\DpInterface64.dll => Moved successfully.
C:\Program Files (x86)\SupTab\HpUI.exe => Moved successfully.
C:\Program Files (x86)\SupTab\ient.json => Moved successfully.
C:\Program Files (x86)\SupTab\install.data => Moved successfully.
C:\Program Files (x86)\SupTab\Loader32.exe => Moved successfully.
C:\Program Files (x86)\SupTab\Loader64.exe => Moved successfully.
C:\Program Files (x86)\SupTab\msvcp110.dll => Moved successfully.
C:\Program Files (x86)\SupTab\msvcr110.dll => Moved successfully.
C:\Program Files (x86)\SupTab\RSHP.exe => Moved successfully.
C:\Program Files (x86)\SupTab\SearchProtect32.dll => Moved successfully.
C:\Program Files (x86)\SupTab\SearchProtect64.dll => Moved successfully.
C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe => Moved successfully.
C:\Program Files (x86)\SupTab\SupTab.dll => Moved successfully.
C:\Program Files (x86)\SupTab\uninstall.exe => Moved successfully.
C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll => Moved successfully.
C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll => Moved successfully.
C:\Program Files (x86)\SupTab\web\data.html => Moved successfully.
C:\Program Files (x86)\SupTab\web\indexIE.html => Moved successfully.
C:\Program Files (x86)\SupTab\web\indexIE8.html => Moved successfully.
C:\Program Files (x86)\SupTab\web\main.css => Moved successfully.
C:\Program Files (x86)\SupTab\web\ver.txt => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\common.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\ga.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\js.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\library.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\xagainit-ie8.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\js\xagainit2.0.js => Moved successfully.
C:\Program Files (x86)\SupTab\web\img\google_trends.png => Moved successfully.
C:\Program Files (x86)\SupTab\web\img\icon128.png => Moved successfully.
C:\Program Files (x86)\SupTab\web\img\icon16.png => Moved successfully.
C:\Program Files (x86)\SupTab\web\img\icon48.png => Moved successfully.
C:\Program Files (x86)\SupTab\web\img\loading.gif => Moved successfully.
C:\Program Files (x86)\SupTab\web\img\logo32.ico => Moved successfully.
C:\Program Files (x86)\SupTab\skin\bk_shadow.png => Moved successfully.
C:\Program Files (x86)\SupTab\skin\btn.png => Moved successfully.
C:\Program Files (x86)\SupTab\skin\close.png => Moved successfully.
C:\Program Files (x86)\SupTab\skin\main.xml => Moved successfully.
C:\Program Files (x86)\SupTab\skin\main.xml.bak => Moved successfully.
C:\Program Files (x86)\SupTab\skin\image\ck_box.png => Moved successfully.
C:\Program Files (x86)\SupTab\skin\image\ck_check.png => Moved successfully.
C:\Program Files (x86)\SupTab\skin\image\radio_bk.png => Moved successfully.
C:\Program Files (x86)\SupTab\skin\image\radio_check.png => Moved successfully.
Could not move "C:\Program Files (x86)\SupTab" directory. => Scheduled to move on reboot.

"C:\Windows\System32\Tasks\z2pm6raViSbP9Tn" => File/Directory not found.
"C:\Windows\System32\Tasks\uBoYOSvRpYvktLL" => File/Directory not found.
C:\Users\TEMP\AppData\Roaming\YgzuSlg => Moved successfully.
C:\Users\TEMP\AppData\Roaming\uFW53Pv => Moved successfully.
C:\Users\TEMP\AppData\Local\Microsoft\WinU => Moved successfully.
IePluginServices => Service stopped successfully.
IePluginServices => Service deleted successfully.
WindowsMangerProtect => Service stopped successfully.
WindowsMangerProtect => Service deleted successfully.
HKU\TS_KeyLodaded\Software\Microsoft\Windows\CurrentVersion\Run\\Kujytuo => value deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-24 16:50:28)<=

C:\Program Files (x86)\SupTab => Is moved successfully.

==== End of Fixlog 16:50:28 ====
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
24 déc. 2014 à 17:26
ok,

Fais bien le nettoyage AdwCleaner :)
0
Merci
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 656
29 déc. 2014 à 16:17
De rien :)

Quelques conseils :

Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.


Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/

0