Problème avec "winx"
Solved
dragonball13
Posted messages
17
Registration date
Status
Membre
Last intervention
-
Malekal_morte- Posted messages 178136 Registration date Status Modérateur, Contributeur sécurité Last intervention -
Malekal_morte- Posted messages 178136 Registration date Status Modérateur, Contributeur sécurité Last intervention -
Hello,
for some time now, without me doing anything or when opening a new tab, a white window has been opening quite regularly while I am online with "winx" written in the taskbar, along with a tab in which it says:
"Windows 7 has detected that your Microsoft Windows system is outdated and compromised
this leads to the automatic deletion of your system files
follow the instructions immediately to resolve this issue and ensure your system remains up to date"
I know this message is totally fake, but it’s quite annoying because the only way to close this window is to go through the task manager to close all open tabs
thank you in advance for any help you can provide to get rid of this nuisance
for some time now, without me doing anything or when opening a new tab, a white window has been opening quite regularly while I am online with "winx" written in the taskbar, along with a tab in which it says:
"Windows 7 has detected that your Microsoft Windows system is outdated and compromised
this leads to the automatic deletion of your system files
follow the instructions immediately to resolve this issue and ensure your system remains up to date"
I know this message is totally fake, but it’s quite annoying because the only way to close this window is to go through the task manager to close all open tabs
thank you in advance for any help you can provide to get rid of this nuisance
4 réponses
Good evening,
Follow the FRST tutorial. ( take the time to read carefully - everything is well explained ).
Download and run the FRST scan,
Wait for the scan to finish, a message will indicate that the analysis is complete.
Three FRST reports will be generated:
Send these 3 reports to the website https://pjjoint.malekal.com/ to share them.
In return, provide the 3 pjjoint links to the reports here in a new reply so we can review them.
--
Please press any key to continue the disinfection...
Follow the FRST tutorial. ( take the time to read carefully - everything is well explained ).
Download and run the FRST scan,
Wait for the scan to finish, a message will indicate that the analysis is complete.
Three FRST reports will be generated:
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Send these 3 reports to the website https://pjjoint.malekal.com/ to share them.
In return, provide the 3 pjjoint links to the reports here in a new reply so we can review them.
--
Please press any key to continue the disinfection...
Uninstall Google Toolbar for Internet Explorer
Here is the fix to perform with FRST. You can refer to this explanatory note with screenshots.
Restart FRST and then press CTRL + Y on your keyboard.
The notepad will open, copy/paste this.
Save the content via the file menu and then save.
Close the notepad, go back to FRST, and click on the "Fix" button
A restart may be necessary and automatic.
A text file will appear, copy/paste the content here in a new message.
Restart the computer.
2°)
Reset/Repair the affected web browsers:
3°)
Open "My Computer" then the "C" drive then the "FRST" folder
Inside you will find the "Quarantine" folder, right-click on it,
Then select from the menu "Send to compressed folder"
Then send the "Quarantine.zip" to http://upload.malekal.com/
--
Please press a key to continue the disinfection...
Here is the fix to perform with FRST. You can refer to this explanatory note with screenshots.
Restart FRST and then press CTRL + Y on your keyboard.
The notepad will open, copy/paste this.
CreateRestorePoint:
CloseProcesses:
Task: {78997282-5B6D-4CD6-9B97-9A8FDEE8968E} - \Yahoo! Powered nomif -> No file <==== WARNING
Task: {87872510-6884-46DE-BE47-D8DD07FE9775} - \ByteFence -> No file <==== WARNING
Task: {E364D9B3-6F3C-452D-BC95-EB557AC987ED} - System32\Tasks\{5A0F46FF-B5D0-6B33-5AC0-29EA834D8F71} => C:\Users\LAFAMI~1\AppData\Local\Femago\SYNHEL~1.EXE
BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2010-01-13] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-11-15] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-11-15] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-11-15] (Google Inc.)
Toolbar: HKU\S-1-5-21-3013395529-3837710840-3842723136-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-11-15] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
2018-04-10 21:49 - 2018-04-18 21:49 - 000000282 _____ C:\Windows\Tasks\{5A0F46FF-B5D0-6B33-5AC0-29EA834D8F71}.job
2018-04-10 21:49 - 2018-04-11 18:15 - 000000000 ____D C:\Users\la famille\AppData\Local\Femago
2018-04-10 21:49 - 2018-04-10 21:49 - 000003240 _____ C:\Windows\System32\Tasks\{5A0F46FF-B5D0-6B33-5AC0-29EA834D8F71}
2018-04-10 21:49 - 2018-04-10 21:49 - 000001349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2018-04-10 21:49 - 2018-04-10 21:49 - 000000000 ____D C:\ProgramData\{8B684E0B-012A-C4CD-87EC-5A8F1DAED141}
RemoveProxy:
Reboot:
Save the content via the file menu and then save.
Close the notepad, go back to FRST, and click on the "Fix" button
A restart may be necessary and automatic.
A text file will appear, copy/paste the content here in a new message.
Restart the computer.
2°)
Reset/Repair the affected web browsers:
- Repair Mozilla Firefox (first paragraph)
- Repair Google Chrome (only the first paragraph).
3°)
Open "My Computer" then the "C" drive then the "FRST" folder
Inside you will find the "Quarantine" folder, right-click on it,
Then select from the menu "Send to compressed folder"
Then send the "Quarantine.zip" to http://upload.malekal.com/
--
Please press a key to continue the disinfection...
It's all good =)
Delete the folder C:\FRST
Finish with a cleanup using Malwarebytes - Malwarebytes Anti-Malware Free Version Tutorial
Avoid regular scans and cleanups with ZHPCleaner, AdwCleaner, not useful.
Some tips:
To avoid getting caught again.
Read - Potentially Unwanted Programs / PUPs: Adwares/PUPs File: unwanted and parasitic programs
(Especially enable LPI detections to spot parasitic and ad programs)
--
Please press a key to continue the disinfection...
Delete the folder C:\FRST
Finish with a cleanup using Malwarebytes - Malwarebytes Anti-Malware Free Version Tutorial
Avoid regular scans and cleanups with ZHPCleaner, AdwCleaner, not useful.
Some tips:
To avoid getting caught again.
Read - Potentially Unwanted Programs / PUPs: Adwares/PUPs File: unwanted and parasitic programs
(Especially enable LPI detections to spot parasitic and ad programs)
--
Please press a key to continue the disinfection...
Hello,
well, we didn't have to wait long...
here is the link for the screenshot:
https://pjjoint.malekal.com/files.php?id=20180423_b7w6b7j1512
well, we didn't have to wait long...
here is the link for the screenshot:
https://pjjoint.malekal.com/files.php?id=20180423_b7w6b7j1512