Comment supprimer ADS by Cloudscout (besoin du script !)
Fermé
iSpeeX
Messages postés
3
Date d'inscription
samedi 27 juin 2015
Statut
Membre
Dernière intervention
27 juin 2015
-
27 juin 2015 à 22:36
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 27 juin 2015 à 23:18
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 27 juin 2015 à 23:18
A voir également:
- Comment supprimer ADS by Cloudscout (besoin du script !)
- Script vidéo youtube - Guide
- Comment supprimer une page sur word - Guide
- Supprimer compte instagram - Guide
- Supprimer pub youtube - Accueil - Streaming
- Impossible de supprimer un fichier - Guide
3 réponses
Utilisateur anonyme
Modifié par Bl@ck_LiGHT le 27/06/2015 à 22:40
Modifié par Bl@ck_LiGHT le 27/06/2015 à 22:40
Bonjour iSpeeX
Nous allons regarder cela de plus près.
Le rapport de ZHPDiag doit être posté en lien, il est trop long pour tenir dans une réponse.
ZHPDiag(de Nicolas coolman)
ZHPDiag : https://nicolascoolman.eu
Pour poster le rapport en lien dans ta réponse utilise cet hébergeur de fichiers : http://www.cjoint.com/
.::Helper en désinfection PC::.
Nous allons regarder cela de plus près.
Le rapport de ZHPDiag doit être posté en lien, il est trop long pour tenir dans une réponse.
ZHPDiag(de Nicolas coolman)
ZHPDiag : https://nicolascoolman.eu
- Pour Vista Windows 7 et Windows 8 clic droit sur le fichier téléchargé et Exécuter en tant qu'administrateur
- Deux icônes seront crées sur le bureau lors de son installation ZHPDiag et ZHPFix
- Lance ZHPDiag en double cliquant sur son icône présente sur le bureau
- Pour Vista Windows 7 et Windows 8 clic droit sur le raccourci de ZHPDiag et Exécuter en tant qu'administrateur
- Clique sur Complet
- Laisse le scan se dérouler.
- Le scan terminé le rapport sera automatiquement sauvegardé sur le bureau sous ce nom ZHPDiag.txt
- Sinon le rapport se trouvera aussi ici ==> c:\ZHP\ZHPDiag.txt
Pour poster le rapport en lien dans ta réponse utilise cet hébergeur de fichiers : http://www.cjoint.com/
.::Helper en désinfection PC::.
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 663
Modifié par Malekal_morte- le 27/06/2015 à 22:44
Modifié par Malekal_morte- le 27/06/2015 à 22:44
Salut,
Tu as mis un mot de passe sur les rapports, donc on ne peut pas les lire.
Sinon ceci devrait faire l'affaire comme sur les autres sujets résolus :
Remets/vérifie que tous les serveurs de noms (DNS) sont automatiques : https://forum.malekal.com/viewtopic.php?t=48312&start=
PUIS ensuite vide le cache DNS et internet.
Les 3 étapes sont importantes et à faire sinon les pubs vont continuer.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Tu as mis un mot de passe sur les rapports, donc on ne peut pas les lire.
Sinon ceci devrait faire l'affaire comme sur les autres sujets résolus :
Remets/vérifie que tous les serveurs de noms (DNS) sont automatiques : https://forum.malekal.com/viewtopic.php?t=48312&start=
PUIS ensuite vide le cache DNS et internet.
Les 3 étapes sont importantes et à faire sinon les pubs vont continuer.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 663
27 juin 2015 à 22:51
27 juin 2015 à 22:51
Le mot de passe a été envoyé en PM.
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Ynauoihe.exe
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Ynauoihe64.exe
HKLM-x32\...\Run: [SmartWeb] => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [gmsd_fr_005010014] => [X]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\39ffxtbr@www.mapsgalaxy.com [not found]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\arthurj8283@gmail.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
2015-06-27 21:57 - 2015-06-27 21:57 - 00000000 ____D C:\Users\DOMZEN06\Documents\Optimizer Pro
2015-06-27 21:52 - 2015-06-27 21:52 - 00000000 ____D C:\Program Files (x86)\predm
2015-06-22 00:00 - 2015-06-22 00:00 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-21 23:59 - 2015-06-21 23:59 - 00003634 _____ C:\Windows\System32\Tasks\Ioect
2015-06-21 23:59 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-06-21 19:46 - 2015-06-21 19:46 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
2015-06-21 19:28 - 2015-06-21 19:28 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-21 19:28 - 2015-06-21 19:27 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 19:27 - 2015-06-26 22:34 - 00004044 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-21 19:27 - 2015-06-26 22:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-21 17:26 - 2015-06-21 17:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-21 17:19 - 2015-06-21 17:24 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_002020008
2015-06-21 17:10 - 2015-06-21 17:10 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-20 02:04 - 2015-06-20 02:04 - 00000000 ____D C:\ProgramData\{09b9b015-1280-f39d-09b9-9b015128c054}
2015-06-20 01:59 - 2015-06-20 01:59 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434758374-81E1-23A3-10BF4814D716
2015-06-20 01:49 - 2015-06-20 01:49 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-19 23:46 - 2015-06-20 01:58 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_005010007
2015-06-19 19:26 - 2015-06-19 19:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-16 21:04 - 2015-06-16 21:04 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\prleth.sys
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-16 20:34 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486863-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-26 22:17 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486726-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-16 23:10 - 00000000 ____D C:\Program Files (x86)\CutterGeneration
2015-06-16 20:31 - 2015-06-26 22:13 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434479479-81E1-23A3-10BF4814D716
2015-06-16 20:31 - 2015-06-16 20:42 - 00000000 ____D C:\ProgramData\{8cbfc9a0-0e4b-60d0-8cbf-fc9a00e42680}
2015-06-16 20:31 - 2015-06-16 20:32 - 00000000 ____D C:\ProgramData\8244572019325762438
2015-06-16 20:31 - 2015-06-16 20:31 - 00000000 ____D C:\ProgramData\hidkddeihdbjgnlpfjjdbcehbjhpifll
2015-06-10 16:36 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 00:13 - 2015-06-16 20:42 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\25955
2015-06-09 23:46 - 2015-06-16 20:31 - 00000000 ___HD C:\ProgramData\joy
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\Yahoo!
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\ProgramData\Yahoo!
2015-06-08 14:55 - 2015-06-08 19:42 - 00000112 _____ C:\ProgramData\8A51J0f.dat
2015-06-08 13:11 - 2015-06-08 20:51 - 00000000 ____D C:\ProgramData\abc
2015-06-08 13:09 - 2015-06-08 13:09 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-08 13:06 - 2015-06-21 16:42 - 00003164 _____ C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC}
2015-06-08 12:27 - 2015-06-27 18:55 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2015-06-08 12:13 - 2015-06-24 19:39 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 12:10 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-08 12:09 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1433758165-81E1-23A3-10BF4814D716
2015-06-08 12:09 - 2015-06-08 12:09 - 00631296 _____ C:\Windows\joy.dat
012-07-21 21:54 - 2015-06-27 18:55 - 0000387 _____ () C:\Users\DOMZEN06\AppData\Roaming\sp_data.sys
2015-06-16 21:04 - 2015-06-16 21:04 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-22 00:00 - 2015-06-22 00:00 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-20 01:49 - 2015-06-20 01:49 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 19:26 - 2015-06-19 19:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-21 17:10 - 2015-06-21 17:10 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-21 19:28 - 2015-06-21 19:27 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 17:26 - 2015-06-21 17:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-21 19:46 - 2015-06-21 19:46 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
Task: {132AD632-F2D5-4FB4-909A-4336B64DB55A} - System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} => pcalua.exe -a C:\Users\DOMZEN06\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: {2F960467-696E-4862-9C99-A034311AF72D} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {68A61DE0-9708-45DC-A9AE-61CB27E94BCF} - System32\Tasks\WebInternetSecurity Update Task => C:\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe <==== ATTENTION
Task: {7D6F95F8-77E8-48E1-B2C9-099E924610F1} - \iren3006 No Task File <==== ATTENTION
Task: {CB1CEABD-887C-4929-9743-28147AD2D8AE} - System32\Tasks\Ioect => C:\Program Files\shopperz\Ewvdwdoae.bat <==== ATTENTION
Task: {F5574861-E994-4C87-956E-76CCABD0C6DC} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaà®t, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
puis suivre la procédure des resets DNS.
~~
Côté antivirus, désinstalle SuperAntispyware.
Aussi ton Norton a l'air pas à jour, si tu ne l'as pas acheté ou ne compte pas l'acheté.
Désinstalle le et Installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
Surtout active les détections LPIs.
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Ynauoihe.exe
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Ynauoihe64.exe
HKLM-x32\...\Run: [SmartWeb] => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [gmsd_fr_005010014] => [X]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\39ffxtbr@www.mapsgalaxy.com [not found]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\arthurj8283@gmail.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
2015-06-27 21:57 - 2015-06-27 21:57 - 00000000 ____D C:\Users\DOMZEN06\Documents\Optimizer Pro
2015-06-27 21:52 - 2015-06-27 21:52 - 00000000 ____D C:\Program Files (x86)\predm
2015-06-22 00:00 - 2015-06-22 00:00 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-21 23:59 - 2015-06-21 23:59 - 00003634 _____ C:\Windows\System32\Tasks\Ioect
2015-06-21 23:59 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-06-21 19:46 - 2015-06-21 19:46 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
2015-06-21 19:28 - 2015-06-21 19:28 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-21 19:28 - 2015-06-21 19:27 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 19:27 - 2015-06-26 22:34 - 00004044 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-21 19:27 - 2015-06-26 22:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-21 17:26 - 2015-06-21 17:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-21 17:19 - 2015-06-21 17:24 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_002020008
2015-06-21 17:10 - 2015-06-21 17:10 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-20 02:04 - 2015-06-20 02:04 - 00000000 ____D C:\ProgramData\{09b9b015-1280-f39d-09b9-9b015128c054}
2015-06-20 01:59 - 2015-06-20 01:59 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434758374-81E1-23A3-10BF4814D716
2015-06-20 01:49 - 2015-06-20 01:49 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-19 23:46 - 2015-06-20 01:58 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_005010007
2015-06-19 19:26 - 2015-06-19 19:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-16 21:04 - 2015-06-16 21:04 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\prleth.sys
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-16 20:34 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486863-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-26 22:17 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486726-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-16 23:10 - 00000000 ____D C:\Program Files (x86)\CutterGeneration
2015-06-16 20:31 - 2015-06-26 22:13 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434479479-81E1-23A3-10BF4814D716
2015-06-16 20:31 - 2015-06-16 20:42 - 00000000 ____D C:\ProgramData\{8cbfc9a0-0e4b-60d0-8cbf-fc9a00e42680}
2015-06-16 20:31 - 2015-06-16 20:32 - 00000000 ____D C:\ProgramData\8244572019325762438
2015-06-16 20:31 - 2015-06-16 20:31 - 00000000 ____D C:\ProgramData\hidkddeihdbjgnlpfjjdbcehbjhpifll
2015-06-10 16:36 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 00:13 - 2015-06-16 20:42 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\25955
2015-06-09 23:46 - 2015-06-16 20:31 - 00000000 ___HD C:\ProgramData\joy
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\Yahoo!
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\ProgramData\Yahoo!
2015-06-08 14:55 - 2015-06-08 19:42 - 00000112 _____ C:\ProgramData\8A51J0f.dat
2015-06-08 13:11 - 2015-06-08 20:51 - 00000000 ____D C:\ProgramData\abc
2015-06-08 13:09 - 2015-06-08 13:09 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-08 13:06 - 2015-06-21 16:42 - 00003164 _____ C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC}
2015-06-08 12:27 - 2015-06-27 18:55 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2015-06-08 12:13 - 2015-06-24 19:39 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 12:10 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-08 12:09 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1433758165-81E1-23A3-10BF4814D716
2015-06-08 12:09 - 2015-06-08 12:09 - 00631296 _____ C:\Windows\joy.dat
012-07-21 21:54 - 2015-06-27 18:55 - 0000387 _____ () C:\Users\DOMZEN06\AppData\Roaming\sp_data.sys
2015-06-16 21:04 - 2015-06-16 21:04 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-22 00:00 - 2015-06-22 00:00 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-20 01:49 - 2015-06-20 01:49 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 19:26 - 2015-06-19 19:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-21 17:10 - 2015-06-21 17:10 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-21 19:28 - 2015-06-21 19:27 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 17:26 - 2015-06-21 17:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-21 19:46 - 2015-06-21 19:46 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
Task: {132AD632-F2D5-4FB4-909A-4336B64DB55A} - System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} => pcalua.exe -a C:\Users\DOMZEN06\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: {2F960467-696E-4862-9C99-A034311AF72D} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {68A61DE0-9708-45DC-A9AE-61CB27E94BCF} - System32\Tasks\WebInternetSecurity Update Task => C:\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe <==== ATTENTION
Task: {7D6F95F8-77E8-48E1-B2C9-099E924610F1} - \iren3006 No Task File <==== ATTENTION
Task: {CB1CEABD-887C-4929-9743-28147AD2D8AE} - System32\Tasks\Ioect => C:\Program Files\shopperz\Ewvdwdoae.bat <==== ATTENTION
Task: {F5574861-E994-4C87-956E-76CCABD0C6DC} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaà®t, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
- Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=
- Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start=
- Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start=
puis suivre la procédure des resets DNS.
~~
Côté antivirus, désinstalle SuperAntispyware.
Aussi ton Norton a l'air pas à jour, si tu ne l'as pas acheté ou ne compte pas l'acheté.
Désinstalle le et Installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
Surtout active les détections LPIs.
iSpeeX
Messages postés
3
Date d'inscription
samedi 27 juin 2015
Statut
Membre
Dernière intervention
27 juin 2015
27 juin 2015 à 23:13
27 juin 2015 à 23:13
Le fix est fait, le log est posté ensuite, j'ai réinitialiser les DNS ainsi que mes navigateurs. Norton et compagnie sont en cours de désinstallation et je vais installer Avira plutôt que Avast (je préfère). C'est quoi les LPIs ?
Encore MERCI POUR TOUT ! Vous êtes vraiment très gentil et très rapide, merci énormément !
Encore MERCI POUR TOUT ! Vous êtes vraiment très gentil et très rapide, merci énormément !
iSpeeX
Messages postés
3
Date d'inscription
samedi 27 juin 2015
Statut
Membre
Dernière intervention
27 juin 2015
27 juin 2015 à 23:10
27 juin 2015 à 23:10
Voici le FIXLOG :
Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by DOMZEN06 at 2015-06-27 22:55:48 Run:1
Running from C:\Users\DOMZEN06\Desktop
Loaded Profiles: UpdatusUser & DOMZEN06 & DefaultAppPool (Available Profiles: UpdatusUser & DOMZEN06 & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Ynauoihe.exe
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Ynauoihe64.exe
HKLM-x32\...\Run: [SmartWeb] => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [gmsd_fr_005010014] => [X]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\39ffxtbr@www.mapsgalaxy.com [not found]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\arthurj8283@gmail.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
2015-06-27 21:57 - 2015-06-27 21:57 - 00000000 ____D C:\Users\DOMZEN06\Documents\Optimizer Pro
2015-06-27 21:52 - 2015-06-27 21:52 - 00000000 ____D C:\Program Files (x86)\predm
2015-06-22 00:00 - 2015-06-22 00:00 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-21 23:59 - 2015-06-21 23:59 - 00003634 _____ C:\Windows\System32\Tasks\Ioect
2015-06-21 23:59 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-06-21 19:46 - 2015-06-21 19:46 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
2015-06-21 19:28 - 2015-06-21 19:28 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-21 19:28 - 2015-06-21 19:27 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 19:27 - 2015-06-26 22:34 - 00004044 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-21 19:27 - 2015-06-26 22:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-21 17:26 - 2015-06-21 17:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-21 17:19 - 2015-06-21 17:24 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_002020008
2015-06-21 17:10 - 2015-06-21 17:10 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-20 02:04 - 2015-06-20 02:04 - 00000000 ____D C:\ProgramData\{09b9b015-1280-f39d-09b9-9b015128c054}
2015-06-20 01:59 - 2015-06-20 01:59 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434758374-81E1-23A3-10BF4814D716
2015-06-20 01:49 - 2015-06-20 01:49 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-19 23:46 - 2015-06-20 01:58 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_005010007
2015-06-19 19:26 - 2015-06-19 19:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-16 21:04 - 2015-06-16 21:04 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\prleth.sys
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-16 20:34 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486863-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-26 22:17 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486726-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-16 23:10 - 00000000 ____D C:\Program Files (x86)\CutterGeneration
2015-06-16 20:31 - 2015-06-26 22:13 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434479479-81E1-23A3-10BF4814D716
2015-06-16 20:31 - 2015-06-16 20:42 - 00000000 ____D C:\ProgramData\{8cbfc9a0-0e4b-60d0-8cbf-fc9a00e42680}
2015-06-16 20:31 - 2015-06-16 20:32 - 00000000 ____D C:\ProgramData\8244572019325762438
2015-06-16 20:31 - 2015-06-16 20:31 - 00000000 ____D C:\ProgramData\hidkddeihdbjgnlpfjjdbcehbjhpifll
2015-06-10 16:36 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 00:13 - 2015-06-16 20:42 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\25955
2015-06-09 23:46 - 2015-06-16 20:31 - 00000000 ___HD C:\ProgramData\joy
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\Yahoo!
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\ProgramData\Yahoo!
2015-06-08 14:55 - 2015-06-08 19:42 - 00000112 _____ C:\ProgramData\8A51J0f.dat
2015-06-08 13:11 - 2015-06-08 20:51 - 00000000 ____D C:\ProgramData\abc
2015-06-08 13:09 - 2015-06-08 13:09 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-08 13:06 - 2015-06-21 16:42 - 00003164 _____ C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC}
2015-06-08 12:27 - 2015-06-27 18:55 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2015-06-08 12:13 - 2015-06-24 19:39 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 12:10 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-08 12:09 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1433758165-81E1-23A3-10BF4814D716
2015-06-08 12:09 - 2015-06-08 12:09 - 00631296 _____ C:\Windows\joy.dat
012-07-21 21:54 - 2015-06-27 18:55 - 0000387 _____ () C:\Users\DOMZEN06\AppData\Roaming\sp_data.sys
2015-06-16 21:04 - 2015-06-16 21:04 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-22 00:00 - 2015-06-22 00:00 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-20 01:49 - 2015-06-20 01:49 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 19:26 - 2015-06-19 19:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-21 17:10 - 2015-06-21 17:10 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-21 19:28 - 2015-06-21 19:27 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 17:26 - 2015-06-21 17:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-21 19:46 - 2015-06-21 19:46 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
Task: {132AD632-F2D5-4FB4-909A-4336B64DB55A} - System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} => pcalua.exe -a C:\Users\DOMZEN06\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: {2F960467-696E-4862-9C99-A034311AF72D} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {68A61DE0-9708-45DC-A9AE-61CB27E94BCF} - System32\Tasks\WebInternetSecurity Update Task => C:\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe <==== ATTENTION
Task: {7D6F95F8-77E8-48E1-B2C9-099E924610F1} - \iren3006 No Task File <==== ATTENTION
Task: {CB1CEABD-887C-4929-9743-28147AD2D8AE} - System32\Tasks\Ioect => C:\Program Files\shopperz\Ewvdwdoae.bat <==== ATTENTION
Task: {F5574861-E994-4C87-956E-76CCABD0C6DC} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\shopperz => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\shopperz64 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SmartWeb => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_005010014 => value removed successfully
C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\39ffxtbr@www.mapsgalaxy.com not found.
C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\arthurj8283@gmail.com not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
"C:\Users\DOMZEN06\Documents\Optimizer Pro" => File/Folder not found.
C:\Program Files (x86)\predm => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp => moved successfully.
C:\Windows\System32\Tasks\Ioect => moved successfully.
C:\Windows\system32\Drivers\cherimoya.sys => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp => moved successfully.
C:\ProgramData\IHProtectUpDate => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp => moved successfully.
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\gmsd_fr_002020008 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp => moved successfully.
C:\ProgramData\{09b9b015-1280-f39d-09b9-9b015128c054} => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434758374-81E1-23A3-10BF4814D716 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\gmsd_fr_005010007 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp => moved successfully.
C:\Windows\prleth.sys => moved successfully.
C:\Windows\hgfs.sys => moved successfully.
C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486863-81E1-23A3-10BF4814D716 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486726-81E1-23A3-10BF4814D716 => moved successfully.
C:\Program Files (x86)\CutterGeneration => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434479479-81E1-23A3-10BF4814D716 => moved successfully.
C:\ProgramData\{8cbfc9a0-0e4b-60d0-8cbf-fc9a00e42680} => moved successfully.
C:\ProgramData\8244572019325762438 => moved successfully.
C:\ProgramData\hidkddeihdbjgnlpfjjdbcehbjhpifll => moved successfully.
Could not move "C:\Windows\system32\Drivers\stream.sys" => Scheduled to move on reboot.
C:\Users\DOMZEN06\AppData\Local\25955 => moved successfully.
C:\ProgramData\joy => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\Yahoo! => moved successfully.
C:\ProgramData\Yahoo! => moved successfully.
C:\ProgramData\8A51J0f.dat => moved successfully.
C:\ProgramData\abc => moved successfully.
C:\Windows\SysWOW64\Number of results => moved successfully.
C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} => moved successfully.
C:\Windows\SysWOW64\acovcnt.exe => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1433758165-81E1-23A3-10BF4814D716 => moved successfully.
C:\Windows\joy.dat => moved successfully.
012-07-21 21:54 - 2015-06-27 18:55 - 0000387 _____ () C:\Users\DOMZEN06\AppData\Roaming\sp_data.sys => Error: No automatic fix found for this entry.
"C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{132AD632-F2D5-4FB4-909A-4336B64DB55A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{132AD632-F2D5-4FB4-909A-4336B64DB55A}" => key removed successfully
C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8CC7942C-F2B7-4222-B53E-46E448F310BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F960467-696E-4862-9C99-A034311AF72D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F960467-696E-4862-9C99-A034311AF72D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68A61DE0-9708-45DC-A9AE-61CB27E94BCF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68A61DE0-9708-45DC-A9AE-61CB27E94BCF}" => key removed successfully
C:\Windows\System32\Tasks\WebInternetSecurity Update Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WebInternetSecurity Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D6F95F8-77E8-48E1-B2C9-099E924610F1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D6F95F8-77E8-48E1-B2C9-099E924610F1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iren3006" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB1CEABD-887C-4929-9743-28147AD2D8AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB1CEABD-887C-4929-9743-28147AD2D8AE}" => key removed successfully
C:\Windows\System32\Tasks\Ioect not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ioect" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5574861-E994-4C87-956E-76CCABD0C6DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5574861-E994-4C87-956E-76CCABD0C6DC}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-27 22:58:59)<=
C:\Windows\system32\Drivers\stream.sys => Is moved successfully
Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by DOMZEN06 at 2015-06-27 22:55:48 Run:1
Running from C:\Users\DOMZEN06\Desktop
Loaded Profiles: UpdatusUser & DOMZEN06 & DefaultAppPool (Available Profiles: UpdatusUser & DOMZEN06 & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\Ynauoihe.exe
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\Ynauoihe64.exe
HKLM-x32\...\Run: [SmartWeb] => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [gmsd_fr_005010014] => [X]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\39ffxtbr@www.mapsgalaxy.com [not found]
FF Extension: No Name - C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\arthurj8283@gmail.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
2015-06-27 21:57 - 2015-06-27 21:57 - 00000000 ____D C:\Users\DOMZEN06\Documents\Optimizer Pro
2015-06-27 21:52 - 2015-06-27 21:52 - 00000000 ____D C:\Program Files (x86)\predm
2015-06-22 00:00 - 2015-06-22 00:00 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-21 23:59 - 2015-06-21 23:59 - 00003634 _____ C:\Windows\System32\Tasks\Ioect
2015-06-21 23:59 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-06-21 19:46 - 2015-06-21 19:46 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
2015-06-21 19:28 - 2015-06-21 19:28 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-06-21 19:28 - 2015-06-21 19:27 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 19:27 - 2015-06-26 22:34 - 00004044 _____ C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-06-21 19:27 - 2015-06-26 22:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-06-21 17:26 - 2015-06-21 17:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-21 17:19 - 2015-06-21 17:24 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_002020008
2015-06-21 17:10 - 2015-06-21 17:10 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-20 02:04 - 2015-06-20 02:04 - 00000000 ____D C:\ProgramData\{09b9b015-1280-f39d-09b9-9b015128c054}
2015-06-20 01:59 - 2015-06-20 01:59 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434758374-81E1-23A3-10BF4814D716
2015-06-20 01:49 - 2015-06-20 01:49 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-19 23:46 - 2015-06-20 01:58 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\gmsd_fr_005010007
2015-06-19 19:26 - 2015-06-19 19:26 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-16 21:04 - 2015-06-16 21:04 - 00613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\prleth.sys
2015-06-16 21:03 - 2015-06-16 21:03 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-16 20:34 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486863-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-26 22:17 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486726-81E1-23A3-10BF4814D716
2015-06-16 20:32 - 2015-06-16 23:10 - 00000000 ____D C:\Program Files (x86)\CutterGeneration
2015-06-16 20:31 - 2015-06-26 22:13 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434479479-81E1-23A3-10BF4814D716
2015-06-16 20:31 - 2015-06-16 20:42 - 00000000 ____D C:\ProgramData\{8cbfc9a0-0e4b-60d0-8cbf-fc9a00e42680}
2015-06-16 20:31 - 2015-06-16 20:32 - 00000000 ____D C:\ProgramData\8244572019325762438
2015-06-16 20:31 - 2015-06-16 20:31 - 00000000 ____D C:\ProgramData\hidkddeihdbjgnlpfjjdbcehbjhpifll
2015-06-10 16:36 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 00:13 - 2015-06-16 20:42 - 00000000 ____D C:\Users\DOMZEN06\AppData\Local\25955
2015-06-09 23:46 - 2015-06-16 20:31 - 00000000 ___HD C:\ProgramData\joy
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\Yahoo!
2015-06-08 16:54 - 2015-06-08 16:54 - 00000000 ____D C:\ProgramData\Yahoo!
2015-06-08 14:55 - 2015-06-08 19:42 - 00000112 _____ C:\ProgramData\8A51J0f.dat
2015-06-08 13:11 - 2015-06-08 20:51 - 00000000 ____D C:\ProgramData\abc
2015-06-08 13:09 - 2015-06-08 13:09 - 00000000 _____ C:\Windows\SysWOW64\Number of results
2015-06-08 13:06 - 2015-06-21 16:42 - 00003164 _____ C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC}
2015-06-08 12:27 - 2015-06-27 18:55 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2015-06-08 12:13 - 2015-06-24 19:39 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-08 12:10 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-08 12:09 - 2015-06-26 22:20 - 00000000 ____D C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1433758165-81E1-23A3-10BF4814D716
2015-06-08 12:09 - 2015-06-08 12:09 - 00631296 _____ C:\Windows\joy.dat
012-07-21 21:54 - 2015-06-27 18:55 - 0000387 _____ () C:\Users\DOMZEN06\AppData\Roaming\sp_data.sys
2015-06-16 21:04 - 2015-06-16 21:04 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp
2015-06-22 00:00 - 2015-06-22 00:00 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp
2015-06-20 01:49 - 2015-06-20 01:49 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp
2015-06-19 19:26 - 2015-06-19 19:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp
2015-06-21 17:10 - 2015-06-21 17:10 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp
2015-06-19 23:55 - 2015-06-19 23:55 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp
2015-06-21 19:28 - 2015-06-21 19:27 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp
2015-06-21 17:26 - 2015-06-21 17:26 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp
2015-06-18 22:20 - 2015-06-18 22:20 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp
2015-06-21 19:46 - 2015-06-21 19:46 - 0613255 _____ (CMI Limited) C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp
Task: {132AD632-F2D5-4FB4-909A-4336B64DB55A} - System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} => pcalua.exe -a C:\Users\DOMZEN06\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi
Task: {2F960467-696E-4862-9C99-A034311AF72D} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {68A61DE0-9708-45DC-A9AE-61CB27E94BCF} - System32\Tasks\WebInternetSecurity Update Task => C:\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe <==== ATTENTION
Task: {7D6F95F8-77E8-48E1-B2C9-099E924610F1} - \iren3006 No Task File <==== ATTENTION
Task: {CB1CEABD-887C-4929-9743-28147AD2D8AE} - System32\Tasks\Ioect => C:\Program Files\shopperz\Ewvdwdoae.bat <==== ATTENTION
Task: {F5574861-E994-4C87-956E-76CCABD0C6DC} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\DOMZEN06\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\shopperz => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\shopperz64 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SmartWeb => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_005010014 => value removed successfully
C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\39ffxtbr@www.mapsgalaxy.com not found.
C:\Users\DOMZEN06\AppData\Roaming\Mozilla\Firefox\Profiles\vjwejrec.default-1416659744052\extensions\arthurj8283@gmail.com not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
"C:\Users\DOMZEN06\Documents\Optimizer Pro" => File/Folder not found.
C:\Program Files (x86)\predm => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp => moved successfully.
C:\Windows\System32\Tasks\Ioect => moved successfully.
C:\Windows\system32\Drivers\cherimoya.sys => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp => moved successfully.
C:\ProgramData\IHProtectUpDate => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp => moved successfully.
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task => moved successfully.
C:\Program Files (x86)\MiuiTab => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\gmsd_fr_002020008 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp => moved successfully.
C:\ProgramData\{09b9b015-1280-f39d-09b9-9b015128c054} => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434758374-81E1-23A3-10BF4814D716 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\gmsd_fr_005010007 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp => moved successfully.
C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp => moved successfully.
C:\Windows\prleth.sys => moved successfully.
C:\Windows\hgfs.sys => moved successfully.
C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486863-81E1-23A3-10BF4814D716 => moved successfully.
C:\Users\DOMZEN06\AppData\Local\288F1C80-1434486726-81E1-23A3-10BF4814D716 => moved successfully.
C:\Program Files (x86)\CutterGeneration => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1434479479-81E1-23A3-10BF4814D716 => moved successfully.
C:\ProgramData\{8cbfc9a0-0e4b-60d0-8cbf-fc9a00e42680} => moved successfully.
C:\ProgramData\8244572019325762438 => moved successfully.
C:\ProgramData\hidkddeihdbjgnlpfjjdbcehbjhpifll => moved successfully.
Could not move "C:\Windows\system32\Drivers\stream.sys" => Scheduled to move on reboot.
C:\Users\DOMZEN06\AppData\Local\25955 => moved successfully.
C:\ProgramData\joy => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\Yahoo! => moved successfully.
C:\ProgramData\Yahoo! => moved successfully.
C:\ProgramData\8A51J0f.dat => moved successfully.
C:\ProgramData\abc => moved successfully.
C:\Windows\SysWOW64\Number of results => moved successfully.
C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} => moved successfully.
C:\Windows\SysWOW64\acovcnt.exe => moved successfully.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
C:\Windows\system32\Drivers\etc\hp.bak => moved successfully.
C:\Users\DOMZEN06\AppData\Roaming\288F1C80-1433758165-81E1-23A3-10BF4814D716 => moved successfully.
C:\Windows\joy.dat => moved successfully.
012-07-21 21:54 - 2015-06-27 18:55 - 0000387 _____ () C:\Users\DOMZEN06\AppData\Roaming\sp_data.sys => Error: No automatic fix found for this entry.
"C:\Users\DOMZEN06\AppData\Local\nsc126B.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nscBF4B.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nscCF13.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsiBFE4.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsn533A.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsp496A.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsr8300.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nst8A28.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsy5F8C.tmp" => File/Folder not found.
"C:\Users\DOMZEN06\AppData\Local\nsyD45.tmp" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{132AD632-F2D5-4FB4-909A-4336B64DB55A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{132AD632-F2D5-4FB4-909A-4336B64DB55A}" => key removed successfully
C:\Windows\System32\Tasks\{8CC7942C-F2B7-4222-B53E-46E448F310BC} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8CC7942C-F2B7-4222-B53E-46E448F310BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2F960467-696E-4862-9C99-A034311AF72D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F960467-696E-4862-9C99-A034311AF72D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68A61DE0-9708-45DC-A9AE-61CB27E94BCF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68A61DE0-9708-45DC-A9AE-61CB27E94BCF}" => key removed successfully
C:\Windows\System32\Tasks\WebInternetSecurity Update Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WebInternetSecurity Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D6F95F8-77E8-48E1-B2C9-099E924610F1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D6F95F8-77E8-48E1-B2C9-099E924610F1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iren3006" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB1CEABD-887C-4929-9743-28147AD2D8AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB1CEABD-887C-4929-9743-28147AD2D8AE}" => key removed successfully
C:\Windows\System32\Tasks\Ioect not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ioect" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5574861-E994-4C87-956E-76CCABD0C6DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5574861-E994-4C87-956E-76CCABD0C6DC}" => key removed successfully
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-27 22:58:59)<=
C:\Windows\system32\Drivers\stream.sys => Is moved successfully
End of Fixlog 22:58:59
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 663
Modifié par Malekal_morte- le 27/06/2015 à 23:18
Modifié par Malekal_morte- le 27/06/2015 à 23:18
oups C:\Windows\system32\Drivers\stream.sys est légitime.
Fais une recherche de fichier sur stream.sys
il doit se trouve dans C:\FRST\Quarantine\C\Windows\system32\Drivers\
(Mon Ordinateur > Disque C > FRST > Quarantine > C > C > Windows > system32> Drivers)
et tu le copies dans C:\Windows\system32\drivers
ou si tu trouves plus simples, tu peux refaire un fix avec un fixlist.txt contenant :
RestoreQuarantine: C:\FRST\Quarantine\C\Windows\system32\Drivers\stream.sys
Fais le reste, surtout la partie DNS, sinon les pubs CloudScout vont continuer.
Et fais du ménage dans les antivirus.
Fais une recherche de fichier sur stream.sys
il doit se trouve dans C:\FRST\Quarantine\C\Windows\system32\Drivers\
(Mon Ordinateur > Disque C > FRST > Quarantine > C > C > Windows > system32> Drivers)
et tu le copies dans C:\Windows\system32\drivers
ou si tu trouves plus simples, tu peux refaire un fix avec un fixlist.txt contenant :
RestoreQuarantine: C:\FRST\Quarantine\C\Windows\system32\Drivers\stream.sys
Fais le reste, surtout la partie DNS, sinon les pubs CloudScout vont continuer.
Et fais du ménage dans les antivirus.