Run.vbs manquant suite adwcleaner Fermé

Question

Bonjour, 

Suite à un nettoyage adwcleaner , je me retrouve avec le run.vbs manquant, merci de m'apporter votre aide à ce problème.

Cordialement

Shortcut
https://pjjoint.malekal.com/files.php?id=20160312_911w15q10f6

FRST
https://pjjoint.malekal.com/files.php?id=FRST_20160312_f13l8x10k10s14

Addition
https://pjjoint.malekal.com/files.php?id=20160312_p5l5l12l6y6



Configuration: Windows / Chrome 42.0.2311.135

Malekal_morte- · Answer

Salut,

Je regarde cela.

Malekal_morte- · Answer

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.

Ouvre le bloc-notes : Touche Windows + R, 
Dans le champs "Exécuter", saisir notepad et OK.
Copie/Colle dedans ce qui suit : 

HKLM-x32\...\Run: [fst_fr_126] => [X]HKLM-x32\...\Run: [fst_fr_157] => [X]HKLM-x32\...\Run: [Web Protector Plus UI] => C:\Program Files (x86)\WebProtectorPlus\WebProtectorPlusUI.exe [320000 2015-02-24] ()HKLM-x32\...\Run: [gmsd_fr_010010140] => [X]HKLM-x32\...\Run: [rec_en_77] => "C:\Program Files (x86)ec_en_77ec_en_77.exe"HKLM-x32\...\Run: [gmsd_fr_005010142] => "C:\Program Files (x86)\gmsd_fr_005010142\gmsd_fr_005010142.exe"HKLM-x32\...\Run: [gmsd_fr_005010144] => "C:\Program Files (x86)\gmsd_fr_005010144\gmsd_fr_005010144.exe"HKLM-x32\...\Run: [gmsd_fr_005010145] => "C:\Program Files (x86)\gmsd_fr_005010145\gmsd_fr_005010145.exe"HKLM-x32\...\Run: [gmsd_fr_005010146] => "C:\Program Files (x86)\gmsd_fr_005010146\gmsd_fr_005010146.exe"HKLM-x32\...\Run: [gmsd_fr_005010149] => "C:\Program Files (x86)\gmsd_fr_005010149\gmsd_fr_005010149.exe"HKLM-x32\...\Run: [gmsd_fr_005010150] => "C:\Program Files (x86)\gmsd_fr_005010150\gmsd_fr_005010150.exe"HKLM-x32\...\Run: [gmsd_fr_005010151] => "C:\Program Files (x86)\gmsd_fr_005010151\gmsd_fr_005010151.exe"HKLM-x32\...\Run: [gmsd_fr_005010152] => "C:\Program Files (x86)\gmsd_fr_005010152\gmsd_fr_005010152.exe"HKLM-x32\...\Run: [gmsd_fr_005010153] => [X]HKLM-x32\...\Run: [gmsd_fr_005010154] => "C:\Program Files (x86)\gmsd_fr_005010154\gmsd_fr_005010154.exe"HKLM-x32\...\Run: [rec_fr_112] => [X]HKLM-x32\...\Run: [gmsd_fr_005010155] => "C:\Program Files (x86)\gmsd_fr_005010155\gmsd_fr_005010155.exe"HKLM-x32\...\Run: [gmsd_fr_005010156] => [X]HKLM-x32\...\Run: [gmsd_fr_005010157] => [X]HKLM-x32\...\Run: [gmsd_fr_005010158] => "C:\Program Files (x86)\gmsd_fr_005010158\gmsd_fr_005010158.exe"HKLM-x32\...\Run: [gmsd_fr_005010159] => [X]HKLM-x32\...\Run: [gmsd_fr_005010160] => [X]HKLM-x32\...\Run: [gmsd_fr_005010161] => "C:\Program Files (x86)\gmsd_fr_005010161\gmsd_fr_005010161.exe"HKLM-x32\...\Run: [gmsd_fr_005010162] => "C:\Program Files (x86)\gmsd_fr_005010162\gmsd_fr_005010162.exe"HKLM-x32\...\Run: [gmsd_fr_005010163] => [X]HKLM-x32\...\Run: [gmsd_fr_005010164] => [X]HKLM-x32\...\Run: [gmsd_fr_005010165] => [X]HKLM-x32\...\Run: [gmsd_fr_005010168] => "C:\Program Files (x86)\gmsd_fr_005010168\gmsd_fr_005010168.exe"HKLM-x32\...\Run: [gmsd_fr_005010169] => [X]HKLM-x32\...\Run: [gmsd_fr_005010170] => [X]HKLM-x32\...\Run: [gmsd_fr_005010171] => [X]HKLM-x32\...\Run: [rec_fr_130] => [X]HKLM-x32\...\Run: [gmsd_fr_005010173] => [X]HKLM-x32\...\Run: [gmsd_fr_005010176] => [X]HKLM-x32\...\Run: [gmsd_fr_005010177] => [X]HKLM-x32\...\Run: [rec_fr_137] => [X]HKLM-x32\...\Run: [gmsd_fr_005010178] => "C:\Program Files (x86)\gmsd_fr_005010178\gmsd_fr_005010178.exe"HKLM-x32\...\Run: [rec_fr_139] => "C:\Program Files (x86)ec_fr_139ec_fr_139.exe"HKLM-x32\...\Run: [gmsd_fr_005010180] => [X]HKLM-x32\...\Run: [gmsd_fr_005010183] => "C:\Program Files (x86)\gmsd_fr_005010183\gmsd_fr_005010183.exe"HKLM-x32\...\Run: [gmsd_fr_005010184] => [X]HKLM-x32\...\Run: [rec_fr_145] => "C:\Program Files (x86)ec_fr_145ec_fr_145.exe"HKLM-x32\...\Run: [gmsd_fr_005010185] => [X]HKLM-x32\...\Run: [gmsd_fr_005010188] => "C:\Program Files (x86)\gmsd_fr_005010188\gmsd_fr_005010188.exe"HKLM-x32\...\Run: [gmsd_fr_005010189] => [X]HKLM-x32\...\Run: [rec_fr_150] => "C:\Program Files (x86)ec_fr_150ec_fr_150.exe"HKLM-x32\...\Run: [gmsd_fr_005010192] => "C:\Program Files (x86)\gmsd_fr_005010192\gmsd_fr_005010192.exe"HKLM-x32\...\Run: [gmsd_fr_005010193] => "C:\Program Files (x86)\gmsd_fr_005010193\gmsd_fr_005010193.exe"HKLM-x32\...\Run: [gmsd_fr_005010196] => "C:\Program Files (x86)\gmsd_fr_005010196\gmsd_fr_005010196.exe"HKLM-x32\...\Run: [gmsd_fr_005010197] => [X]HKLM-x32\...\Run: [gmsd_fr_005010199] => [X]HKLM-x32\...\Run: [rec_fr_161] => "C:\Program Files (x86)ec_fr_161ec_fr_161.exe"HKLM-x32\...\Run: [gmsd_fr_005010201] => "C:\Program Files (x86)\gmsd_fr_005010201\gmsd_fr_005010201.exe"HKLM-x32\...\Run: [gmsd_fr_005010202] => [X]HKLM-x32\...\Run: [rec_fr_164] => [X]HKLM-x32\...\Run: [rec_fr_166] => [X]HKLM-x32\...\Run: [gmsd_fr_005010208] => [X]HKLM-x32\...\Run: [rec_fr_165] => [X]HKLM-x32\...\Run: [gmsd_fr_005010210] => [X]HKLM-x32\...\Run: [gmsd_fr_005010211] => "C:\Program Files (x86)\gmsd_fr_005010211\gmsd_fr_005010211.exe"HKLM-x32\...\Run: [gmsd_fr_005010212] => [X]HKLM-x32\...\Run: [gmsd_fr_005010213] => [X]HKLM-x32\...\Run: [gmsd_fr_005010216] => "C:\Program Files (x86)\gmsd_fr_005010216\gmsd_fr_005010216.exe"HKLM-x32\...\Run: [gmsd_fr_005010218] => [X]HKLM-x32\...\Run: [gmsd_fr_005010221] => [X]HKLM-x32\...\Run: [gmsd_fr_005010222] => "C:\Program Files (x86)\gmsd_fr_005010222\gmsd_fr_005010222.exe"HKLM-x32\...\Run: [gmsd_fr_005010223] => "C:\Program Files (x86)\gmsd_fr_005010223\gmsd_fr_005010223.exe"HKLM-x32\...\Run: [gmsd_fr_005010226] => "C:\Program Files (x86)\gmsd_fr_005010226\gmsd_fr_005010226.exe"HKLM-x32\...\Run: [gmsd_fr_005010228] => [X]HKLM-x32\...\Run: [mbot_en_037050244] => "C:\Program Files (x86)\mbot_en_037050244\mbot_en_037050244.exe"HKLM-x32\...\Run: [gmsd_fr_005010244] => "C:\Program Files (x86)\gmsd_fr_005010244\gmsd_fr_005010244.exe"HKLM-x32\...\Run: [win_en_77] => "C:\Program Files (x86)\win_en_77\win_en_77.exe"HKLM-x32\...\Run: [mbot_en_037050248] => "C:\Program Files (x86)\mbot_en_037050248\mbot_en_037050248.exe"HKLM-x32\...\Run: [gmsd_fr_005010248] => "C:\Program Files (x86)\gmsd_fr_005010248\gmsd_fr_005010248.exe"HKLM-x32\...\Run: [mpck_en_005030248] => "C:\Program Files (x86)\mpck_en_005030248\mpck_en_005030248.exe"HKLM-x32\...\Run: [sun7] => "C:\Program Files (x86)\SunnyDay7\SunnyDay.exe"HKLM-x32\...\Run: [mbot_en_037050250] => "C:\Program Files (x86)\mbot_en_037050250\mbot_en_037050250.exe"HKLM-x32\...\Run: [gmsd_fr_005010250] => "C:\Program Files (x86)\gmsd_fr_005010250\gmsd_fr_005010250.exe"HKLM-x32\...\Run: [mbot_en_037050251] => "C:\Program Files (x86)\mbot_en_037050251\mbot_en_037050251.exe"HKLM-x32\...\Run: [gmsd_fr_005010251] => "C:\Program Files (x86)\gmsd_fr_005010251\gmsd_fr_005010251.exe"HKLM-x32\...\Run: [rec_fr_209] => "C:\Program Files (x86)ec_fr_209ec_fr_209.exe"HKLM-x32\...\Run: [mbot_en_037050252] => "C:\Program Files (x86)\mbot_en_037050252\mbot_en_037050252.exe"HKLM-x32\...\Run: [gmsd_fr_005010252] => "C:\Program Files (x86)\gmsd_fr_005010252\gmsd_fr_005010252.exe"HKLM-x32\...\Run: [mbot_en_037050253] => "C:\Program Files (x86)\mbot_en_037050253\mbot_en_037050253.exe"HKLM-x32\...\Run: [rec_fr_212] => "C:\Program Files (x86)ec_fr_212ec_fr_212.exe"HKLM-x32\...\Run: [sun21] => "C:\Program Files (x86)\SunnyDay21\SunnyDay.exe"HKLM-x32\...\Run: [rec_fr_214] => "C:\Program Files (x86)ec_fr_214ec_fr_214.exe"HKLM-x32\...\Run: [mbot_en_037050256] => "C:\Program Files (x86)\mbot_en_037050256\mbot_en_037050256.exe"HKLM-x32\...\Run: [rec_fr_216] => "C:\Program Files (x86)ec_fr_216ec_fr_216.exe"HKLM-x32\...\Run: [WikiZ] => C:\Users\Abel\AppData\Roaming\WikiZ\WikiZ.exe [47986592 2016-02-09] ()HKLM-x32\...\Run: [mbot_en_037050257] => "C:\Program Files (x86)\mbot_en_037050257\mbot_en_037050257.exe"HKLM-x32\...\RunOnce: [upgmsd_fr_005010210.exe] => C:\Users\Abel\AppData\Local\gmsd_fr_005010210\upgmsd_fr_005010210.exe -runonceHKLM-x32\...\RunOnce: [upgmsd_fr_005010244.exe] => C:\Users\Abel\AppData\Local\gmsd_fr_005010244\upgmsd_fr_005010244.exe -runonceHKLM-x32\...\RunOnce: [upgmsd_fr_005010222.exe] => C:\Users\Abel\AppData\Local\gmsd_fr_005010222\upgmsd_fr_005010222.exe -runonceHKLM-x32\...\RunOnce: [upmbot_en_037050257.exe] => C:\Users\Abel\AppData\Local\mbot_en_037050257\upmbot_en_037050257.exe -runonceHKLM-x32\...\RunOnce: [upgmsd_fr_005010221.exe] => C:\Users\Abel\AppData\Local\gmsd_fr_005010221\upgmsd_fr_005010221.exe -runonceHKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Abel\AppData\Local\Temp\DeleteOnReboot.bat [8442 2016-03-10] () <===== ATTENTIONHKLM-x32\...\RunOnce: [Update] => C:\Users\Abel\AppData\Roaming\ASPackage\ASPackage.exe [1030622 2016-03-12] ()HKLM\...\Winlogon: [Userinit] wscript C:\WINDOWSun.vbs,Startup: C:\Users\mohamad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2015-06-12] ()AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [249104 2016-03-02] (Client Connect LTD)AppInit_DLLs:  C:\ProgramData\ohnuze\DentoSaostrong.dll => C:\ProgramData\ohnuze\DentoSaostrong.dll [363520 2016-03-08] ()AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [221456 2016-03-02] (Client Connect LTD)AppInit_DLLs-x32:  C:\ProgramData\ohnuze\Bamtax.dll => C:\ProgramData\ohnuze\Bamtax.dll [257536 2016-03-08] ()Edge HomeButtonPage: HKU\S-1-5-21-1485477478-184724316-859990111-1001 -> www.tohotweb.com?oem=sunadfrv3&uid=2332C445T_TOSHIBAMQ01ABD032&tm=1448553264S2 serfe; C:\ProgramData\serfe\serfe.exe [528384 2016-02-24] () [Fichier non signé]R2 rowugoqo; C:\Users\Abel\AppData\Local\85CE4D50-1457823224-81E2-38E9-7C050700D999\snscC846.tmp [225792 2016-03-12] () [Fichier non signé]S2 ohnuze; C:\ProgramData\ohnuze\ohnuze.exe [508416 2016-01-02] () [Fichier non signé]S2 Bamcof; C:\ProgramData\Bamcof\Bamcof.exe [529408 2016-03-10] () [Fichier non signé]R2 zdwfp; C:\WINDOWS\system32\Drivers\zdwfp64.sys [46352 2016-03-04] (zdengine)R1 {0c7dc56c-1fb8-4d6b-a40f-10611881a3b6}w64; C:\Windows\System32\drivers\{0c7dc56c-1fb8-4d6b-a40f-10611881a3b6}w64.sys [48784 2014-10-11] (StdLib)R1 {0cc68180-2a05-471a-a647-5c6cbe910ab9}w64; C:\Windows\System32\drivers\{0cc68180-2a05-471a-a647-5c6cbe910ab9}w64.sys [48784 2014-10-20] (StdLib)R1 {16aeaf7e-8e31-4ae5-a406-23e1011dca16}w64; C:\Windows\System32\drivers\{16aeaf7e-8e31-4ae5-a406-23e1011dca16}w64.sys [48784 2014-11-07] (StdLib)R1 {18fa7aee-6838-42dd-8d32-3fd665a7e664}w64; C:\Windows\System32\drivers\{18fa7aee-6838-42dd-8d32-3fd665a7e664}w64.sys [48784 2014-10-17] (StdLib)R1 {1dc3c8ee-7a5c-414f-bf32-ae563ad31ed1}w64; C:\Windows\System32\drivers\{1dc3c8ee-7a5c-414f-bf32-ae563ad31ed1}w64.sys [48784 2014-12-06] (StdLib)R1 {1fe5a9eb-d0ad-44c6-8e0e-e079118db915}w64; C:\Windows\System32\drivers\{1fe5a9eb-d0ad-44c6-8e0e-e079118db915}w64.sys [48784 2014-10-13] (StdLib)R1 {2169981c-4403-4a8d-a144-e936eff23fce}w64; C:\Windows\System32\drivers\{2169981c-4403-4a8d-a144-e936eff23fce}w64.sys [48784 2014-10-31] (StdLib)R1 {2429c312-24d3-4127-94ed-c247fe9e02fc}w64; C:\Windows\System32\drivers\{2429c312-24d3-4127-94ed-c247fe9e02fc}w64.sys [48784 2014-10-22] (StdLib)R1 {2ac9eb83-636e-4a51-ab66-bf4f388a02ab}w64; C:\Windows\System32\drivers\{2ac9eb83-636e-4a51-ab66-bf4f388a02ab}w64.sys [48784 2014-10-20] (StdLib)R1 {2b929fe1-284b-4766-afb9-19b0915b99b0}w64; C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}w64.sys [61120 2014-07-05] (StdLib)R1 {2f6db162-50b5-48ec-8bd0-c6ac5074038f}w64; C:\Windows\System32\drivers\{2f6db162-50b5-48ec-8bd0-c6ac5074038f}w64.sys [48784 2014-12-09] (StdLib)R1 {38f72c19-9857-4bc2-b729-9d00bd429872}w64; C:\Windows\System32\drivers\{38f72c19-9857-4bc2-b729-9d00bd429872}w64.sys [48784 2014-10-15] (StdLib)R1 {3ea27cd7-108c-45ee-8411-93eb09c031bd}w64; C:\Windows\System32\drivers\{3ea27cd7-108c-45ee-8411-93eb09c031bd}w64.sys [48784 2014-11-03] (StdLib)R1 {44699219-d901-4cc7-b9db-3b9374b26020}w64; C:\Windows\System32\drivers\{44699219-d901-4cc7-b9db-3b9374b26020}w64.sys [48784 2014-12-12] (StdLib)R1 {44e47164-d520-4796-ae70-d95ff1ff2841}w64; C:\Windows\System32\drivers\{44e47164-d520-4796-ae70-d95ff1ff2841}w64.sys [48784 2014-12-18] (StdLib)R1 {4dbbe3b0-af29-43dd-bcba-7bfabd419f61}w64; C:\Windows\System32\drivers\{4dbbe3b0-af29-43dd-bcba-7bfabd419f61}w64.sys [48784 2014-10-10] (StdLib)R1 {4eb2a13d-18ae-409a-90b2-663225f13d69}w64; C:\Windows\System32\drivers\{4eb2a13d-18ae-409a-90b2-663225f13d69}w64.sys [48784 2014-12-22] (StdLib)R1 {5a28cc9c-8cff-4fb9-8594-f59fd357bfc5}w64; C:\Windows\System32\drivers\{5a28cc9c-8cff-4fb9-8594-f59fd357bfc5}w64.sys [48784 2014-11-27] (StdLib)R1 {6610c2c8-50f9-4a6a-b791-c2b9e2bdc00d}w64; C:\Windows\System32\drivers\{6610c2c8-50f9-4a6a-b791-c2b9e2bdc00d}w64.sys [48784 2014-11-30] (StdLib)R1 {6cfec6a5-9d93-4492-985a-470a68eff4e9}w64; C:\Windows\System32\drivers\{6cfec6a5-9d93-4492-985a-470a68eff4e9}w64.sys [48784 2014-10-24] (StdLib)R1 {75729234-632f-47d7-8e20-2e89ba1587cf}w64; C:\Windows\System32\drivers\{75729234-632f-47d7-8e20-2e89ba1587cf}w64.sys [48784 2014-10-11] (StdLib)R1 {944d25d5-1adf-4cba-98d5-05e5f2efd201}w64; C:\Windows\System32\drivers\{944d25d5-1adf-4cba-98d5-05e5f2efd201}w64.sys [48784 2014-10-14] (StdLib)R1 {94538859-34de-4cd4-9dc6-aa29e98ff214}w64; C:\Windows\System32\drivers\{94538859-34de-4cd4-9dc6-aa29e98ff214}w64.sys [48784 2014-10-15] (StdLib)R1 {9794b31c-7078-45aa-8534-9fee5d10dfe6}w64; C:\Windows\System32\drivers\{9794b31c-7078-45aa-8534-9fee5d10dfe6}w64.sys [48784 2014-12-03] (StdLib)R1 {9c0df18c-3bd6-408f-9564-a751e1735df7}w64; C:\Windows\System32\drivers\{9c0df18c-3bd6-408f-9564-a751e1735df7}w64.sys [48784 2014-11-28] (StdLib)R1 {b35afcf6-0992-4551-b2da-3af8a5dc5119}w64; C:\Windows\System32\drivers\{b35afcf6-0992-4551-b2da-3af8a5dc5119}w64.sys [48784 2014-10-11] (StdLib)R1 {b8202deb-d90b-4859-9db1-238d59fbcdd4}w64; C:\Windows\System32\drivers\{b8202deb-d90b-4859-9db1-238d59fbcdd4}w64.sys [48784 2014-11-30] (StdLib)R1 {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw64; C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw64.sys [61112 2014-04-28] (StdLib)R1 {c047df5e-0fda-4055-b5db-a96a8a34a094}w64; C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}w64.sys [61064 2014-06-09] (StdLib)R1 {c0727293-b4b8-43d3-9bba-ad36542dcd37}w64; C:\Windows\System32\drivers\{c0727293-b4b8-43d3-9bba-ad36542dcd37}w64.sys [48784 2014-11-13] (StdLib)R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64; C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64.sys [48784 2014-09-24] (StdLib)R1 {c89879cb-75b8-4cb6-bc13-07c704396fd0}w64; C:\Windows\System32\drivers\{c89879cb-75b8-4cb6-bc13-07c704396fd0}w64.sys [48784 2014-10-13] (StdLib)R1 {cf9dbb3a-fbdd-44ad-8691-de2ae76a11d7}w64; C:\Windows\System32\drivers\{cf9dbb3a-fbdd-44ad-8691-de2ae76a11d7}w64.sys [48784 2014-10-10] (StdLib)R1 {d4d321d4-96af-4085-9e56-1a9e01d8cb3a}w64; C:\Windows\System32\drivers\{d4d321d4-96af-4085-9e56-1a9e01d8cb3a}w64.sys [48784 2014-12-16] (StdLib)R1 {df3e0b68-bf66-4a38-9dc7-1016227262b0}w64; C:\Windows\System32\drivers\{df3e0b68-bf66-4a38-9dc7-1016227262b0}w64.sys [48784 2014-11-10] (StdLib)R1 {e0c89f91-0178-4464-8daf-bec566dd2d9a}w64; C:\Windows\System32\drivers\{e0c89f91-0178-4464-8daf-bec566dd2d9a}w64.sys [48784 2014-11-01] (StdLib)R1 {e0f11ce0-b988-4edf-90cb-37fdcbf046be}w64; C:\Windows\System32\drivers\{e0f11ce0-b988-4edf-90cb-37fdcbf046be}w64.sys [48784 2014-11-22] (StdLib)R1 {e5d10fed-0d49-46a4-a9d8-08a4db4ef17c}w64; C:\Windows\System32\drivers\{e5d10fed-0d49-46a4-a9d8-08a4db4ef17c}w64.sys [48784 2014-11-26] (StdLib)R1 {e920b931-4015-4acf-9561-0197bd6bfe7e}w64; C:\Windows\System32\drivers\{e920b931-4015-4acf-9561-0197bd6bfe7e}w64.sys [48784 2014-11-16] (StdLib)R1 {f54d9c50-8210-46e0-a0e8-d9ea665b4ee8}w64; C:\Windows\System32\drivers\{f54d9c50-8210-46e0-a0e8-d9ea665b4ee8}w64.sys [48784 2014-11-18] (StdLib)R1 {fff2d2b4-0f90-4edd-a75a-047e2658236a}w64; C:\Windows\System32\drivers\{fff2d2b4-0f90-4edd-a75a-047e2658236a}w64.sys [48784 2014-10-17] (StdLib)S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3251984 2016-03-02] (Client Connect LTD)R2 dojygici; C:\Program Files (x86)\85CE4D50-1457819493-81E2-38E9-7C050700D999\jnslFAA9.tmp [284160 2016-03-12] () [Fichier non signé]CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G1Pzftpbl2,5075a95d-3834-4382-993c-c00aade764a0,&prd=smw&q={searchTerms}CHR DefaultSearchKeyword: Default -> www-searching.comCHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}S3 wpscloudsvr; C:\Users\Abel\AppData\Local\kingsoft\WPS Office\wpscloudsvr.exe [143720 2015-12-22] (Zhuhai Kingsoft Office Software Co.,Ltd)R2 wucotusy; C:\Program Files (x86)\85CE4D50-1457819493-81E2-38E9-7C050700D999\hnsr1603.tmp [416256 2016-03-12] () [Fichier non signé]R2 diqebunozbt; C:\Program Files (x86)\85CE4D50-1457819493-81E2-38E9-7C050700D999\knseDCDA.tmpfs [X]S2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe /service [X]S2 updateamadownqoadai; C:\Users\Abel\AppData\Local\Nimdexon.exe [46592 2015-11-19] () [Fichier non signé]2016-03-12 22:53 - 2016-03-12 22:53 - 00000000 ____D C:\Users\Abel\AppData\Local\85CE4D50-1457823224-81E2-38E9-7C050700D9992016-03-12 22:52 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\YTDownloader2016-03-12 22:52 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\yessearches_bnd2016-03-12 22:52 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\WowCoupon2016-03-12 22:52 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\CleanBrowser2016-03-12 22:51 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\WebProtectorPlus2016-03-12 22:51 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\85CE4D50-1457819493-81E2-38E9-7C050700D9992016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Users\Abel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage2016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Users\Abel\AppData\Roaming\ASPackage2016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Program Files (x86)\WebAdSystem2016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Program Files (x86)\Uniblue2016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Program Files (x86)\Super Optimizer2016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Program Files (x86)\SunnyDay32016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Program Files (x86)\Shop and Save Up2016-03-12 22:51 - 2016-03-12 22:51 - 00000000 ____D C:\Program Files (x86)\SFK2016-03-12 22:50 - 2016-03-12 22:50 - 00000000 ____D C:\Program Files (x86)\ScreenSnapshotTool2016-03-12 22:50 - 2016-03-12 22:50 - 00000000 ____D C:\Program Files (x86)\RoboSaver2016-03-12 22:50 - 2016-03-12 22:50 - 00000000 ____D C:\Program Files (x86)\RCP2016-03-12 22:49 - 2016-03-12 22:50 - 00000000 ____D C:\Program Files (x86)\QuickSearch2016-03-12 22:49 - 2016-03-12 22:49 - 00000000 ____D C:\Program Files (x86)\PriceMeterLiveUpdate2016-03-12 22:49 - 2016-03-12 22:49 - 00000000 ____D C:\Program Files (x86)\ORBTR2016-03-12 22:49 - 2016-03-12 22:49 - 00000000 ____D C:\Program Files (x86)\OfferBoulevard2016-03-12 22:49 - 2016-03-12 22:49 - 00000000 ____D C:\Program Files (x86)\NewSaVer2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\iWebar2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\HomeTab2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\globalUpdate2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\Games-desktop2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\Feed Notifier2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\Fast-Search2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\ExploreTech2016-03-12 22:41 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\Exploremedia2016-03-12 22:40 - 2016-03-12 22:46 - 00073090 _____ C:\Users\Abel\Downloads\Addition.txt2016-03-12 22:40 - 2016-03-12 22:41 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker2016-03-12 22:40 - 2016-03-12 22:40 - 00000000 ____D C:\Program Files (x86)\deal2dealit2016-03-12 22:40 - 2016-03-12 22:40 - 00000000 ____D C:\Program Files (x86)\DailyPcClean Support2016-03-12 22:38 - 2016-03-12 22:38 - 00000000 ____D C:\Program Files\WebBar2016-03-12 22:38 - 2016-03-12 22:38 - 00000000 ____D C:\Program Files\SpaceSoundPro2016-03-12 22:38 - 2016-03-12 22:38 - 00000000 ____D C:\Program Files\SOUND+2016-03-12 22:38 - 2016-03-12 22:38 - 00000000 ____D C:\Program Files (x86)\Crossbrowse2016-03-12 22:38 - 2016-03-12 22:38 - 00000000 ____D C:\Program Files (x86)\Bench2016-03-12 22:37 - 2016-03-12 22:37 - 00000000 ____D C:\Program Files\HomeTab2016-03-11 23:10 - 2016-03-11 23:10 - 00000000 ____D C:\Users\Abel\AppData\LocalLow\mystarttb2016-03-11 23:09 - 2016-03-12 22:42 - 00000000 ____D C:\Program Files (x86)\mystarttb2016-03-11 23:09 - 2016-03-11 23:09 - 03131345 _____ () C:\Program Files\Common Files\e4w4vnoc.exe2016-03-11 23:09 - 2016-03-11 23:09 - 03131345 _____ () C:\Program Files\Common Files\054u0nab.exe2016-03-11 07:52 - 2016-03-12 22:21 - 00002724 _____ C:\WINDOWS\System32\Tasks\bvxvcyxvyy2016-03-11 07:51 - 2016-03-11 22:46 - 00000000 ____D C:\Users\Abel\AppData\Local\bvxvcyxvyy2016-03-10 21:02 - 2016-03-10 21:02 - 00000000 ____D C:\ProgramData\Bamcofs2016-03-10 21:02 - 2016-03-10 21:02 - 00000000 ____D C:\ProgramData\Bamcof2016-03-10 21:01 - 2016-03-10 21:01 - 03135443 _____ () C:\Program Files\Common Files\v42q50fo.exe2016-03-10 21:01 - 2016-03-10 21:01 - 03135443 _____ () C:\Program Files\Common Files\i0f5tadd.exe2016-03-10 21:01 - 2016-03-10 21:01 - 03135443 _____ () C:\Program Files\Common Files\euojuhxf.exe2016-03-10 21:01 - 2016-03-10 21:01 - 03135443 _____ () C:\Program Files\Common Files\clak4v3d.exe2016-03-10 21:01 - 2016-03-10 21:01 - 03135443 _____ () C:\Program Files\Common Files\aspndisb.exe2016-03-10 21:01 - 2016-03-10 21:01 - 03135443 _____ () C:\Program Files\Common Files\4b54kvaq.exe2016-03-10 20:58 - 2016-03-12 22:50 - 00000000 ____D C:\Program Files (x86)\SearchProtect2016-03-10 20:58 - 2016-03-10 20:58 - 00000000 ____D C:\Users\Abel\AppData\Local\SearchProtect2016-03-10 20:58 - 2016-03-10 20:58 - 00000000 ____D C:\Users\Abel\AppData\Local\AppRunner2016-03-10 20:57 - 2016-03-12 22:52 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd2016-03-10 20:10 - 2016-03-10 20:10 - 00000000 ____D C:\$AVG2016-03-10 20:02 - 2016-03-10 20:02 - 00000882 _____ C:\Users\Public\Desktop\AVG.lnk2016-03-10 20:02 - 2016-03-10 20:02 - 00000000 ____D C:\Users\Abel\AppData\Local\MFAData2016-03-10 20:02 - 2016-03-10 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen2016-03-10 20:02 - 2016-03-10 20:02 - 00000000 ____D C:\ProgramData\MFAData2016-03-09 18:46 - 2016-03-09 18:46 - 00000000 ___HD C:\$WINDOWS.~BT2016-03-05 20:22 - 2016-03-05 20:22 - 00003440 _____ C:\WINDOWS\System32\Tasks\onrvsq0g2016-03-05 20:20 - 2016-03-05 20:21 - 00000000 ____D C:\Program Files\Common Files\wua1uexe2016-03-05 12:05 - 2016-03-04 15:13 - 00046352 _____ (zdengine) C:\WINDOWS\system32\Drivers\zdwfp64.sys2016-03-05 10:18 - 2016-03-05 10:18 - 00003440 _____ C:\WINDOWS\System32\Tasks\0s4yj04f2016-03-05 10:14 - 2016-03-05 10:15 - 00000000 ____D C:\Program Files\Common Files\etgefu3f2016-03-05 09:47 - 2016-03-10 20:45 - 00000000 ____D C:\Users\Abel\AppData\Local\WikiZ2016-03-05 09:46 - 2016-03-05 09:46 - 00000000 ____D C:\Users\Abel\AppData\Roaming\WikiZ2016-03-05 09:46 - 2016-03-05 09:46 - 00000000 ____D C:\Users\Abel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WikiZ2016-03-04 17:33 - 2016-03-04 17:33 - 00003440 _____ C:\WINDOWS\System32\Tasks\bwrt33fo2016-03-04 17:33 - 2016-03-04 17:33 - 00000000 ____D C:\Program Files\Common Files\vj3nlvs12016-03-04 14:25 - 2016-03-08 19:49 - 00000000 ____D C:\Users\Abel\Desktop\knb amv2016-03-04 12:15 - 2016-03-04 12:15 - 00003440 _____ C:\WINDOWS\System32\Tasks\m4gl0ypn2016-03-04 12:13 - 2016-03-04 12:13 - 00000000 ____D C:\Program Files\Common Filespehiis22016-03-04 10:42 - 2016-03-09 21:42 - 00000000 ____D C:\Users\Abel\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E1082016-03-04 10:40 - 2016-03-05 09:46 - 00000000 ____D C:\extensions2016-03-02 23:04 - 2016-03-02 23:04 - 00003316 _____ C:\WINDOWS\System32\Tasks\uadatedjwn2016-03-02 19:16 - 2016-03-02 19:16 - 00003440 _____ C:\WINDOWS\System32\Tasks\ibremlue2016-03-02 19:16 - 2016-03-02 19:16 - 00000000 ____D C:\Program Files\Common Files\zra0l5ee2016-03-01 13:29 - 2016-03-10 20:44 - 00000000 ____D C:\Users\Abel\AppData\Local
w-app2016-02-29 13:28 - 2016-02-29 13:28 - 00003440 _____ C:\WINDOWS\System32\Tasks\znenazvd2016-02-28 09:16 - 2016-02-28 09:16 - 00000000 ____D C:\Users\Abel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sound+ 1.02016-02-24 23:26 - 2016-02-24 23:26 - 00000000 ____D C:\ProgramData\serfes2016-02-24 23:25 - 2016-03-09 20:22 - 00000000 ____D C:\ProgramData\serfe2016-02-19 20:25 - 2016-03-12 22:21 - 00002330 _____ C:\WINDOWS\System32\Tasks\{DFBC0FCF-B44A-4769-A0C2-E0117A0A2962}2016-03-10 19:57 - 2016-02-08 11:02 - 00000000 ____D C:\Users\Abel\AppData\Roaming\ayux5tH2016-03-10 19:57 - 2015-04-08 19:46 - 00000000 ____D C:\Users\Abel\AppData\Roaming\SG6KKVJ2015-12-25 11:44 - 2016-01-05 14:32 - 2984805 _____ (qBank) C:\Program Files (x86)\SSFK.exe2016-03-11 23:09 - 2016-03-11 23:09 - 3131345 _____ () C:\Program Files\Common Files\054u0nab.exe2016-03-10 21:01 - 2016-03-10 21:01 - 3135443 _____ () C:\Program Files\Common Files\4b54kvaq.exe2016-03-10 21:01 - 2016-03-10 21:01 - 3135443 _____ () C:\Program Files\Common Files\aspndisb.exe2016-03-10 21:01 - 2016-03-10 21:01 - 3135443 _____ () C:\Program Files\Common Files\clak4v3d.exe2016-03-11 23:09 - 2016-03-11 23:09 - 3131345 _____ () C:\Program Files\Common Files\e4w4vnoc.exe2016-03-10 21:01 - 2016-03-10 21:01 - 3135443 _____ () C:\Program Files\Common Files\euojuhxf.exe2016-03-10 21:01 - 2016-03-10 21:01 - 3135443 _____ () C:\Program Files\Common Files\i0f5tadd.exe2016-03-10 21:01 - 2016-03-10 21:01 - 3135443 _____ () C:\Program Files\Common Files\v42q50fo.exe2015-05-21 08:45 - 2015-08-13 12:42 - 0000024 _____ () C:\Users\Abel\AppData\Roaming\appdataFr25.bin2015-02-11 17:38 - 2015-05-13 13:18 - 0000020 _____ () C:\Users\Abel\AppData\Roaming\appdataFr3.bin2014-03-19 20:45 - 2015-11-23 01:31 - 0000151 _____ () C:\Users\Abel\AppData\Roaming\WB.CFG2015-04-14 18:04 - 2015-04-14 18:04 - 0000000 _____ () C:\Users\Abel\AppData\Local\.a852.db2014-06-08 21:25 - 2014-06-20 19:07 - 7938048 _____ () C:\Users\Abel\AppData\Local\ChromeHitoryDB2015-11-10 19:38 - 2015-11-10 19:38 - 3531374 _____ () C:\Users\Abel\AppData\Local\curl.zip2015-01-20 16:14 - 2015-12-15 12:17 - 0238592 _____ () C:\Users\Abel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2014-12-02 12:34 - 2014-12-17 11:34 - 0000001 _____ () C:\Users\Abel\AppData\Local\DSI.DAT2014-12-13 16:34 - 2014-12-13 16:34 - 0022528 _____ () C:\Users\Abel\AppData\Local\dsisetup31942502.exe2014-12-02 12:34 - 2014-12-02 12:34 - 0022528 _____ () C:\Users\Abel\AppData\Local\dsisetup8422342.exe2014-12-17 11:34 - 2014-12-17 11:34 - 0022528 _____ () C:\Users\Abel\AppData\Local\dsisetup9939372.exe2014-11-26 18:45 - 2014-12-20 12:45 - 0000008 _____ () C:\Users\Abel\AppData\Local\ext2.dat2014-11-26 18:45 - 2014-11-26 18:45 - 0022528 _____ () C:\Users\Abel\AppData\Local\extsetup2621793121.exe2014-12-20 12:45 - 2014-12-20 12:45 - 0022528 _____ () C:\Users\Abel\AppData\Local\extsetup2644549841.exe2014-11-26 18:45 - 2014-12-20 12:45 - 0643948 _____ () C:\Users\Abel\AppData\Local\extsq.dll2015-11-19 16:47 - 2015-11-19 16:47 - 0046592 _____ () C:\Users\Abel\AppData\Local\Nimdexon.exe2015-11-19 16:47 - 2015-11-19 16:47 - 0000187 _____ () C:\Users\Abel\AppData\Local\Nimdexon.exe.config2014-03-19 20:03 - 2014-03-19 20:03 - 1172664 _____ (AnyProtect.com) C:\Users\Abel\AppData\Local
skF801.tmp2015-04-08 19:46 - 2016-03-05 10:23 - 0000399 _____ () C:\Users\Abel\AppData\Localecently-fix.db2015-12-29 13:16 - 2015-12-29 13:17 - 0000338 _____ () C:\Users\Abel\AppData\Local\SaZWQ5.vbs2015-12-28 19:16 - 2015-12-28 19:17 - 0000338 _____ () C:\Users\Abel\AppData\Local\ukK3Bq.vbs2014-05-30 16:18 - 2014-05-30 16:18 - 0000000 _____ () C:\Users\Abel\AppData\Local\{25B4A9E6-EA62-4DBB-B36C-C8CBBE2F6C8D}2014-05-30 16:18 - 2014-05-30 16:18 - 0000000 _____ () C:\Users\Abel\AppData\Local\{46FE4EF1-AF47-474B-A844-4634E5C534D1}2014-05-30 16:18 - 2014-05-30 16:18 - 0000000 _____ () C:\Users\Abel\AppData\Local\{5453D268-849B-462D-BC80-D5809C6DFEDE}2014-08-18 21:26 - 2014-08-18 21:27 - 1482664 _____ () C:\ProgramData\Setup.exe


Une fois, le texte collé dans le Bloc-notes,
Menu "Fichier" puis "Enregistrer sous",
A gauche, place toi sur le Bureau,
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clique sur "Enregistrer", cela va créer fixlist.txt sur le Bureau.

Relance FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire ( pas obligatoire )
Un fichier texte apparait, copie/colle le contenu ici dans un nouveau message.
 
 
Veuillez appuyer sur une touche pour continuer la désinfection...

Malekal_morte- · Answer

Peux-tu faire passer le rapport AdwCleaner ?



Tu devrais faire un nettoyage Malwarebytes.

MalwareBytes ( durée : environ 40min de scan ):
==================================================
Télécharge et installe MBAM. La version gratuite permet de nettoyer ( décoche bien la proposition d'essai de la version Premium à la fin de l'installation ) :

 Tutoriel MBAM version gratuite
 Tutoriel MBAM version payante

Mettre MBAM à jour puis lancer un examen.
A la fin du scan, clique sur "Supprimer Sélection" en bas à gauche. 
Redémarrer l'ordinateur si nécessaire puis relancer Malwarebytes.
Vas chercher le rapport dans l'onglet "Historique".

A gauche "Journal d'analyse", double-clique sur l'examen dans la liste. Puis en bas "Copier dans le presse papier", va sur http://pjjoint.malekal.com/, clique droit "Coller" pour coller le contenu du rapport du scan. Clique sur "Envoyer". Dans un nouveau message ici en réponse, donne le lien pjjoint afin de pouvoir consulter le rapport.

Run.vbs manquant suite adwcleaner

3 réponses

Fin de Fixlog 23:48:35

Discussions similaires

Newsletters