Supprimer Istartsurf et Remote desktop access [Résolu/Fermé]

Signaler
Messages postés
6
Date d'inscription
vendredi 27 février 2015
Statut
Membre
Dernière intervention
2 mars 2015
-
Messages postés
180265
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
-
Bonjour,
J'ai bien lu les réponse et j'aurais aussi besoin d'aide à ce sujet.
Voici les liens vers les ficiers des scans :

https://pjjoint.malekal.com/files.php?id=20150227_z9b14t8i14p12

https://pjjoint.malekal.com/files.php?id=20150227_e14j11f14b11j9
https://pjjoint.malekal.com/files.php?id=20150227_p5x5b8l10w8
https://pjjoint.malekal.com/files.php?id=20150227_h6j14h10l13y5

Merci à l'avance pour votre aide


3 réponses

Messages postés
180265
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
23 726
salut

ok je regarde.

--
Messages postés
180265
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
23 726
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

2015-02-20 22:14 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Local\C4DDD480-1424470493-81E1-2121-5404A6475795
2015-02-20 22:13 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424470381-81E1-2121-5404A6475795
2015-02-20 18:19 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\qtXOq5H
2015-02-20 18:19 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\OE5tl5J
2015-02-20 18:19 - 2015-02-20 18:19 - 00003282 _____ () C:\Windows\System32\Tasks\Bu6WD2zw1CS03DM
2015-02-20 18:19 - 2015-02-20 18:19 - 00003242 _____ () C:\Windows\System32\Tasks\hPLY1oB8oSN3wT1
2015-02-22 21:32 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424640721-81E1-2121-5404A6475795
2015-02-22 21:03 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424639019-81E1-2121-5404A6475795
2015-02-21 17:55 - 2015-02-23 19:48 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-23 23:17 - 2015-02-23 23:17 - 00000000 ____D () C:\Users\Client\AppData\Local\{A7A68837-4D5E-4682-90DB-486062BD55EC}
2015-02-23 20:10 - 2015-02-23 20:10 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424722227-81E1-2121-5404A6475795
2015-02-23 20:03 - 2015-02-23 20:03 - 00002043 _____ () C:\Users\Client\Desktop\JRT.txt
2015-02-23 19:33 - 2015-02-23 19:33 - 00003160 _____ () C:\Windows\System32\Tasks\{E0D834E4-C9F8-4D6F-9A67-DEEC4A4F2298}
2015-02-26 21:52 - 2015-02-27 13:40 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-02-26 14:05 - 2015-02-26 14:06 - 00000000 ____D () C:\Program Files (x86)\0879450e-1e34-468f-8d6a-7de7914c138a
2015-02-26 13:59 - 2015-02-26 14:00 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424959190-81E1-2121-5404A6475795
2015-02-25 23:52 - 2015-02-27 14:47 - 00001688 _____ () C:\Windows\Tasks\RTEFYVO.job
2015-02-25 23:52 - 2015-02-25 23:53 - 00004726 _____ () C:\Windows\System32\Tasks\RTEFYVO
2015-02-25 23:52 - 2015-02-25 23:52 - 01986000 _____ (joep) C:\Users\Client\AppData\Roaming\RTEFYVO.exe
2015-02-25 23:51 - 2015-02-25 23:51 - 00000000 ____D () C:\Users\Client\Documents\DoctorPC
2015-02-25 23:50 - 2015-02-25 23:50 - 00000000 ____D () C:\Program Files (x86)\doctorpclab.com
2015-02-25 22:28 - 2015-02-25 22:29 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424903337-81E1-2121-5404A6475795
2015-02-27 14:25 - 2015-02-27 14:25 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1425047141-81E1-2121-5404A6475795
2015-02-20 18:19 - 2014-11-22 08:06 - 00000000 ____D () C:\Users\Client\AppData\Roaming\LDCEzjh
15-01-25 11:12 - 2015-01-25 11:12 - 0001248 _____ () C:\Users\Client\AppData\Roaming\RTEFYVO
2015-02-25 23:52 - 2015-02-25 23:52 - 1986000 _____ (joep) C:\Users\Client\AppData\Roaming\RTEFYVO.exe
Task: {00CC0F1D-445C-4905-A9C2-CC9B1D2B84D4} - System32\Tasks\{CA309212-B6BA-4874-9D68-294FB6BF3056} => Iexplore.exe http://ui.skype.com/ui/0/6.1.73.129.456/fr/abandoninstall?page=tsBing
Task: {07944E70-EFE6-451D-B582-027BDB6DC80D} - System32\Tasks\Bu6WD2zw1CS03DM => C:\Users\Client\AppData\Roaming\qtXOq5H\Jpmly2r.exe [2015-02-20] ( )
Task: {30538DE2-B84B-4C20-98E5-2CDFFF00A6FD} - System32\Tasks\9nnZNhfxPUhb2Vv => C:\Users\Client\AppData\Roaming\LDCEzjh\KGTMD1A.exe [2014-11-22] ( )
Task: {4A9FD3AF-E436-4F7A-ADC3-86FF3FD733F4} - System32\Tasks\WIN-statsAdmin => C:\Users\Client\AppData\Local\Microsoft\WinU\~nrrbyty.exe <==== ATTENTION
Task: {6A1EA2A7-4FBB-4C9E-98AF-2D22A4C0E7FA} - System32\Tasks\WIN-statsSystem => C:\Users\Client\AppData\Local\Microsoft\WinU\~mvnidiu.exe
Task: {A13B6B33-7ADA-42A6-8EEA-B8F366EB7F89} - \af4814fd-f5f3-472b-9490-3ffb9a992d6c-1-6 No Task File <==== ATTENTION
Task: {A60729F2-A69C-4FC7-9C53-5F146F9F408E} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Client\AppData\Roaming\~eotemqj.exe
Task: {A6B89637-0EEE-4D3C-BD2F-0CFD5ED18B9F} - System32\Tasks\{F6258122-27A3-49F6-B534-6A9A455C0347} => pcalua.exe -a C:\Users\Client\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=ill <==== ATTENTION
Task: {CC6B5BFD-E64B-4FF5-A158-29B192D986FE} - System32\Tasks\RTEFYVO => C:\Users\Client\AppData\Roaming\RTEFYVO.exe [2015-02-25] (joep) <==== ATTENTION
Task: {D251841E-FB12-4A86-9A80-8A6B2D6FE413} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Client\AppData\Roaming\~nfnxrnc.exe
Task: {F914B082-86A2-4637-ABF8-9BBA51DB99F4} - System32\Tasks\hPLY1oB8oSN3wT1 => C:\Users\Client\AppData\Roaming\OE5tl5J\IDCiyxR.exe [2015-02-20] ( )
Task: C:\Windows\Tasks\RTEFYVO.job => C:\Users\Client\AppData\Roaming\RTEFYVO.exe <==== ATTENTION


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.

Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST qui doit se trouver sur le bureau et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :


Désinstalle
Ad-Aware Web Companion
Lavasoft
McAfee Security Scan
Web Companion
Messages postés
6
Date d'inscription
vendredi 27 février 2015
Statut
Membre
Dernière intervention
2 mars 2015

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Client at 2015-02-28 17:16:13 Run:1
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available profiles: Client & Invité)
Boot Mode: Normal
==============================================

Content of fixlist:

2015-02-20 22:14 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Local\C4DDD480-1424470493-81E1-2121-5404A6475795
2015-02-20 22:13 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424470381-81E1-2121-5404A6475795
2015-02-20 18:19 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\qtXOq5H
2015-02-20 18:19 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\OE5tl5J
2015-02-20 18:19 - 2015-02-20 18:19 - 00003282 _____ () C:\Windows\System32\Tasks\Bu6WD2zw1CS03DM
2015-02-20 18:19 - 2015-02-20 18:19 - 00003242 _____ () C:\Windows\System32\Tasks\hPLY1oB8oSN3wT1
2015-02-22 21:32 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424640721-81E1-2121-5404A6475795
2015-02-22 21:03 - 2015-02-23 19:48 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424639019-81E1-2121-5404A6475795
2015-02-21 17:55 - 2015-02-23 19:48 - 00000000 ____D () C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b
2015-02-23 23:17 - 2015-02-23 23:17 - 00000000 ____D () C:\Users\Client\AppData\Local\{A7A68837-4D5E-4682-90DB-486062BD55EC}
2015-02-23 20:10 - 2015-02-23 20:10 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424722227-81E1-2121-5404A6475795
2015-02-23 20:03 - 2015-02-23 20:03 - 00002043 _____ () C:\Users\Client\Desktop\JRT.txt
2015-02-23 19:33 - 2015-02-23 19:33 - 00003160 _____ () C:\Windows\System32\Tasks\{E0D834E4-C9F8-4D6F-9A67-DEEC4A4F2298}
2015-02-26 21:52 - 2015-02-27 13:40 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-02-26 14:05 - 2015-02-26 14:06 - 00000000 ____D () C:\Program Files (x86)\0879450e-1e34-468f-8d6a-7de7914c138a
2015-02-26 13:59 - 2015-02-26 14:00 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424959190-81E1-2121-5404A6475795
2015-02-25 23:52 - 2015-02-27 14:47 - 00001688 _____ () C:\Windows\Tasks\RTEFYVO.job
2015-02-25 23:52 - 2015-02-25 23:53 - 00004726 _____ () C:\Windows\System32\Tasks\RTEFYVO
2015-02-25 23:52 - 2015-02-25 23:52 - 01986000 _____ (joep) C:\Users\Client\AppData\Roaming\RTEFYVO.exe
2015-02-25 23:51 - 2015-02-25 23:51 - 00000000 ____D () C:\Users\Client\Documents\DoctorPC
2015-02-25 23:50 - 2015-02-25 23:50 - 00000000 ____D () C:\Program Files (x86)\doctorpclab.com
2015-02-25 22:28 - 2015-02-25 22:29 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1424903337-81E1-2121-5404A6475795
2015-02-27 14:25 - 2015-02-27 14:25 - 00000000 ____D () C:\Users\Client\AppData\Roaming\C4DDD480-1425047141-81E1-2121-5404A6475795
2015-02-20 18:19 - 2014-11-22 08:06 - 00000000 ____D () C:\Users\Client\AppData\Roaming\LDCEzjh
15-01-25 11:12 - 2015-01-25 11:12 - 0001248 _____ () C:\Users\Client\AppData\Roaming\RTEFYVO
2015-02-25 23:52 - 2015-02-25 23:52 - 1986000 _____ (joep) C:\Users\Client\AppData\Roaming\RTEFYVO.exe
Task: {00CC0F1D-445C-4905-A9C2-CC9B1D2B84D4} - System32\Tasks\{CA309212-B6BA-4874-9D68-294FB6BF3056} => Iexplore.exe http://ui.skype.com/ui/0/6.1.73.129.456/fr/abandoninstall?page=tsBing
Task: {07944E70-EFE6-451D-B582-027BDB6DC80D} - System32\Tasks\Bu6WD2zw1CS03DM => C:\Users\Client\AppData\Roaming\qtXOq5H\Jpmly2r.exe [2015-02-20] ( )
Task: {30538DE2-B84B-4C20-98E5-2CDFFF00A6FD} - System32\Tasks\9nnZNhfxPUhb2Vv => C:\Users\Client\AppData\Roaming\LDCEzjh\KGTMD1A.exe [2014-11-22] ( )
Task: {4A9FD3AF-E436-4F7A-ADC3-86FF3FD733F4} - System32\Tasks\WIN-statsAdmin => C:\Users\Client\AppData\Local\Microsoft\WinU\~nrrbyty.exe <==== ATTENTION
Task: {6A1EA2A7-4FBB-4C9E-98AF-2D22A4C0E7FA} - System32\Tasks\WIN-statsSystem => C:\Users\Client\AppData\Local\Microsoft\WinU\~mvnidiu.exe
Task: {A13B6B33-7ADA-42A6-8EEA-B8F366EB7F89} - \af4814fd-f5f3-472b-9490-3ffb9a992d6c-1-6 No Task File <==== ATTENTION
Task: {A60729F2-A69C-4FC7-9C53-5F146F9F408E} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Client\AppData\Roaming\~eotemqj.exe
Task: {A6B89637-0EEE-4D3C-BD2F-0CFD5ED18B9F} - System32\Tasks\{F6258122-27A3-49F6-B534-6A9A455C0347} => pcalua.exe -a C:\Users\Client\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=ill <==== ATTENTION
Task: {CC6B5BFD-E64B-4FF5-A158-29B192D986FE} - System32\Tasks\RTEFYVO => C:\Users\Client\AppData\Roaming\RTEFYVO.exe [2015-02-25] (joep) <==== ATTENTION
Task: {D251841E-FB12-4A86-9A80-8A6B2D6FE413} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Client\AppData\Roaming\~nfnxrnc.exe
Task: {F914B082-86A2-4637-ABF8-9BBA51DB99F4} - System32\Tasks\hPLY1oB8oSN3wT1 => C:\Users\Client\AppData\Roaming\OE5tl5J\IDCiyxR.exe [2015-02-20] ( )
Task: C:\Windows\Tasks\RTEFYVO.job => C:\Users\Client\AppData\Roaming\RTEFYVO.exe <==== ATTENTION


C:\Users\Client\AppData\Local\C4DDD480-1424470493-81E1-2121-5404A6475795 => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1424470381-81E1-2121-5404A6475795 => Moved successfully.
C:\Users\Client\AppData\Roaming\qtXOq5H => Moved successfully.
C:\Users\Client\AppData\Roaming\OE5tl5J => Moved successfully.
"C:\Windows\System32\Tasks\Bu6WD2zw1CS03DM" => File/Directory not found.
C:\Windows\System32\Tasks\hPLY1oB8oSN3wT1 => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1424640721-81E1-2121-5404A6475795 => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1424639019-81E1-2121-5404A6475795 => Moved successfully.
C:\Program Files (x86)\f9481e41-3246-487b-ad8a-f8aa6e65596b => Moved successfully.
C:\Users\Client\AppData\Local\{A7A68837-4D5E-4682-90DB-486062BD55EC} => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1424722227-81E1-2121-5404A6475795 => Moved successfully.
"C:\Users\Client\Desktop\JRT.txt" => File/Directory not found.
C:\Windows\System32\Tasks\{E0D834E4-C9F8-4D6F-9A67-DEEC4A4F2298} => Moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Program Files (x86)\0879450e-1e34-468f-8d6a-7de7914c138a => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1424959190-81E1-2121-5404A6475795 => Moved successfully.
"C:\Windows\Tasks\RTEFYVO.job" => File/Directory not found.
"C:\Windows\System32\Tasks\RTEFYVO" => File/Directory not found.
"C:\Users\Client\AppData\Roaming\RTEFYVO.exe" => File/Directory not found.
"C:\Users\Client\Documents\DoctorPC" => File/Directory not found.
C:\Program Files (x86)\doctorpclab.com => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1424903337-81E1-2121-5404A6475795 => Moved successfully.
C:\Users\Client\AppData\Roaming\C4DDD480-1425047141-81E1-2121-5404A6475795 => Moved successfully.
C:\Users\Client\AppData\Roaming\LDCEzjh => Moved successfully.
15-01-25 11:12 - 2015-01-25 11:12 - 0001248 _____ () C:\Users\Client\AppData\Roaming\RTEFYVO => Error: No automatic fix found for this entry.
"C:\Users\Client\AppData\Roaming\RTEFYVO.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00CC0F1D-445C-4905-A9C2-CC9B1D2B84D4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00CC0F1D-445C-4905-A9C2-CC9B1D2B84D4}" => Key deleted successfully.
C:\Windows\System32\Tasks\{CA309212-B6BA-4874-9D68-294FB6BF3056} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CA309212-B6BA-4874-9D68-294FB6BF3056}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07944E70-EFE6-451D-B582-027BDB6DC80D} => Key not found.
C:\Windows\System32\Tasks\Bu6WD2zw1CS03DM not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bu6WD2zw1CS03DM => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{30538DE2-B84B-4C20-98E5-2CDFFF00A6FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30538DE2-B84B-4C20-98E5-2CDFFF00A6FD}" => Key deleted successfully.
C:\Windows\System32\Tasks\9nnZNhfxPUhb2Vv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9nnZNhfxPUhb2Vv" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A9FD3AF-E436-4F7A-ADC3-86FF3FD733F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A9FD3AF-E436-4F7A-ADC3-86FF3FD733F4}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsAdmin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsAdmin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A1EA2A7-4FBB-4C9E-98AF-2D22A4C0E7FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A1EA2A7-4FBB-4C9E-98AF-2D22A4C0E7FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-statsSystem => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-statsSystem" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A13B6B33-7ADA-42A6-8EEA-B8F366EB7F89}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A13B6B33-7ADA-42A6-8EEA-B8F366EB7F89}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\af4814fd-f5f3-472b-9490-3ffb9a992d6c-1-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A60729F2-A69C-4FC7-9C53-5F146F9F408E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A60729F2-A69C-4FC7-9C53-5F146F9F408E}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-fdfEfEfAfC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-fdfEfEfAfC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6B89637-0EEE-4D3C-BD2F-0CFD5ED18B9F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B89637-0EEE-4D3C-BD2F-0CFD5ED18B9F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F6258122-27A3-49F6-B534-6A9A455C0347} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F6258122-27A3-49F6-B534-6A9A455C0347}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC6B5BFD-E64B-4FF5-A158-29B192D986FE} => Key not found.
C:\Windows\System32\Tasks\RTEFYVO not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RTEFYVO => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D251841E-FB12-4A86-9A80-8A6B2D6FE413}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D251841E-FB12-4A86-9A80-8A6B2D6FE413}" => Key deleted successfully.
C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F914B082-86A2-4637-ABF8-9BBA51DB99F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F914B082-86A2-4637-ABF8-9BBA51DB99F4}" => Key deleted successfully.
C:\Windows\System32\Tasks\hPLY1oB8oSN3wT1 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hPLY1oB8oSN3wT1" => Key deleted successfully.
C:\Windows\Tasks\RTEFYVO.job not found.

End of Fixlog 17:16:21

Messages postés
6
Date d'inscription
vendredi 27 février 2015
Statut
Membre
Dernière intervention
2 mars 2015

Voici le résultat du scan, j'ai supprimé ce que tu as suggéré mais istartsurf revient ssans cesse. Même après la réinitialisation de Chrome et le remplacement du du raccourci sur le bureau .
Je le vois encore dans le désinstall du panneau de configuration.

Toute une cochonnerie ce adware
Messages postés
180265
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
23 726
et dans les paramètres d'ouvertures de pages, tu as quoi ?
ensembles de pages avec istartsurf?
Messages postés
6
Date d'inscription
vendredi 27 février 2015
Statut
Membre
Dernière intervention
2 mars 2015

J'ai tout corrigé les paramètres et cela plusieurs fois et et ça revient sans cesse. J'ai aussi noté dans ma barre de tâches une icone identifiée Search Protect qui semble me poser problème mais je suis incapable de m'en débarrasser.
Messages postés
6
Date d'inscription
vendredi 27 février 2015
Statut
Membre
Dernière intervention
2 mars 2015

Merci de tout coeur, j'ai eu à faire quelques manipulations de plus et j'ai aussi changé mon antivirus pour Avast. J'ai exécuté une fois de plus Adwcleaner, retiré tous les modules complémentaires de Chrome, désactivé le compte invité ect. Pour le moment, tout semble rentré dans l'ordre.
MERCI
Roger
Messages postés
180265
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
23 726
=)


Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :



Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html