Impossible de réinstaller google

[Seliatrop]

Bonjour, j'ai récemment installer un virus sans le savoir, je recevais des page de pub sans raison du coup j'ai désinstaller google puis lorsque je le réinstalle cela me marquait un message d'erreur intitulé: Votre administrateur réseau a appliqué une stratégie de groupe qui empêche de procéder à l'installation, du coup je me suis renseigner sur le sujet.
Voici les rapport que j'ai eu a partir de FRST:

FRST: https://pjjoint.malekal.com/files.php?i ... 10l11n8w12

Shortcut: https://pjjoint.malekal.com/files.php?i ... 14h9c14y14

Addition: https://pjjoint.malekal.com/files.php?i ... u10l12j8g9

[Malekal_morte]

Salut,

Mouaip bcp de malwares suite à un crack.

A désinstaller :

Akamai NetSession Interface
Java

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.

Ouvre le bloc-notes : Touche Windows + R,
Dans le champs "Exécuter", saisir notepad et OK.
Copie/Colle dedans ce qui suit :

Code : Tout sélectionner

CreateRestorePoint:
CloseProcesses:
Task: {05423A22-A322-4C81-AA5B-6754BABF3A8E} - System32\Tasks\{852E844C-6E61-41CA-9D08-C6C562CC4EAD} => C:\Windows\system32\pcalua.exe -a C:\Users\gh\AppData\Local\{F83ECE62-DC96-A2DA-B10E-873295667BAA}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir
Task: {0FBCA7BD-26B4-4653-ABC3-ACEF4E711072} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {1077541C-16CC-4C25-8DBF-01467FD1EAF7} - System32\Tasks\kQPOAcCRavYRc2 => C:\Windows\system32\wscript.exe "C:\ProgramData\UuBdWvPhYJRUMoVB\VybYWZN.wsf"
Task: {130A1C3D-53B8-455F-AE53-785BD5E5668D} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {14F1364F-8B5D-42CF-B767-E3585E97BEEE} - System32\Tasks\{3CFC3B76-8DBC-48F2-9341-9E47C5349946} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
Task: {17B28B78-99BA-4990-97A0-4BB6DABA1242} - System32\Tasks\syncversion\{3B86CA3A-9F77-3DB7-AB13-598BED1FA608} => C:\PROGRA~2\COMMON~1\3B86CA~1\SYNCVE~1.EXE
Task: {17C12582-886E-4397-8CEA-76CD0567529A} - System32\Tasks\{4C92D5D2-29AA-448E-8060-B192FAF24AE2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
Task: {19CBF369-9ED9-4B44-BC83-060A196D525F} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe (MICROLEAVES LTD -> Microleaves) <==== ATTENTION
Task: {1B9AE616-2C01-4654-9839-D4011C375B0A} - System32\Tasks\nucleonics surrenderingnucleonics surrendering => C:\Program Files (x86)\Dauntingly\Lept.exe
Task: {1C407B43-FBF2-4A8A-9BCF-ABAC25A9D251} - System32\Tasks\{65671189-069B-42CF-83AD-295E65EEF4B2} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\Arc\ArcLauncher.exe" -d C:\Users\gh\Desktop -c gamecustom nw
Task: {1E0415C7-EAFD-42BC-B466-1DDB3CF01056} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {25D7A2B9-D649-41CA-8AE3-DF009AB828D8} - System32\Tasks\billows_bouvierbillows_bouvier => C:\Program Files (x86)\Dauntingly\Oise.exe
Task: {26B14502-AB33-4C0F-A694-3DB42C915E63} - System32\Tasks\WebDiscover Browser Update Task => C:\Program Files\WebDiscoverBrowser\4.21.2\browser.exe <==== ATTENTION
Task: {2B5BDFA9-BD2C-4ACD-8B4C-221EBE251118} - System32\Tasks\dudWmRhRoqsSawPzq2 => rundll32 "C:\Program Files (x86)\nckTEZzRemtVffbHobR\QCwkVLQ.dll",#1
Task: {3B8436F7-1A5D-4EFA-A0BB-23F80AC710AA} - System32\Tasks\{0DCDCE7F-623D-4E6E-A724-77556539C80A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.7.60.102/fr/abandoninstall?page=tsProgressBar
Task: {3EA9C761-D20A-40F5-A357-F53E6047A0F5} - System32\Tasks\{7A0BC20D-7970-407A-A3EE-05828E0236DD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0
Task: {40025127-D145-4D84-A472-BEDD57FF9E01} - System32\Tasks\augsijBPpDWbmS => rundll32 "C:\Program Files (x86)\rpqKkZxEWouU2\eJLNBWXQVPFvD.dll",#1
Task: {4264B895-0540-4C38-82C4-506F5A9D78F5} - System32\Tasks\looterslooters => C:\Program Files (x86)\Refocus\mote.exe
Task: {44320B89-F15D-4B31-B1BD-DCDD288EB3CE} - System32\Tasks\Opera scheduled Autoupdate 711520318 => C:\Users\gh\AppData\Roaming\Microsoft\Windows\vjhjvtde\urjtwsrf.exe (qip.ru) [Fichier non signé]
Task: {44E76A5D-D4F7-405C-9164-739F399E67E6} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {4AA196C1-37DB-4090-8FE5-951209BCF20A} - System32\Tasks\{0265A6DF-B90C-4C2C-A166-5751A74291E6} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=all
Task: {5224674F-D96D-473C-B454-C599F3CCC4A9} - System32\Tasks\AnVDoMYPdlSYoXw2 => rundll32 "C:\Program Files (x86)\BDaKbhYEU\JNWQPv.dll",#1
Task: {58989C3D-7E9B-43FB-9908-05E5A5A60E6C} - System32\Tasks\replies_overpayingreplies_overpaying => C:\Users\gh\AppData\Local\Lept.exe
Task: {5D8E82C9-8989-44B1-9C64-BB64D139BF34} - System32\Tasks\{80AE5526-1979-4C6E-8D4C-F2171F4E69E1} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
Task: {704D6596-D0C8-4C72-86CE-83EC55F0AC0F} - System32\Tasks\{645B6B05-37AB-4A03-8558-EBEA64072A9A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}\setup.exe" -c -runfromtemp -l0x0409  -removeonly
Task: {87CD3718-6511-41D3-AC25-BFFEBAE2AF2B} - System32\Tasks\esgLguAvYAzBucUaRbN2 => rundll32 "C:\Program Files (x86)\FIOIhwxDgWeVC\vyqEpdo.dll",#1
Task: {8BBF8D84-F4CB-4B56-AF63-ADF348BD357D} - System32\Tasks\{AC28DA06-73F3-4E91-BC6F-BB1561AB470F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Task: {8FE48BEC-5245-4722-B61D-8A24FFA1A8E6} - System32\Tasks\SynHelper\{7C0AF08E-1970-562D-9F40-52A6A96C800A} => C:\Users\gh\AppData\Roaming\TEKUHE~1\SYNHEL~1.EXE <==== ATTENTION
Task: {96EEEA32-4DEB-492C-9869-3F1151020E96} - System32\Tasks\{51569B12-28BE-4F48-AD90-6E57553577E8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152&LastError=404
Task: {978CEE45-847D-40E0-B229-BEFE0FA493AF} - System32\Tasks\{337A06AC-1476-0475-6D3C-1CF208AAF513} => C:\Users\gh\AppData\Roaming\bodor\SYNHEL~1.EXE
Task: {986DBA1D-42D4-4274-AB73-F59C92BCACDA} - System32\Tasks\eyeshadeeyeshade => C:\Program Files (x86)\Diaconate\Oise.exe
Task: {9A3012A0-426E-4CA3-8A93-A4D2F7D7CE98} - System32\Tasks\{2F3D2CE6-1333-4676-9222-5CEDB581B893} => C:\Windows\system32\pcalua.exe -a C:\Users\gh\AppData\Local\{883EBE62-AC96-D2DA-C10E-F732E5660BAA}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir
Task: {9E938AF1-4328-4819-836D-46758047D5FC} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {A23AAF5D-07E0-43C6-B091-9FDA38C8F968} - System32\Tasks\DMMGamePlayer => D:\Program Files (x86)\DMMGamePlayer\DMMGamePlayer.exe <==== ATTENTION
Task: {A6D58357-243B-486B-9241-546A3248FDB4} - System32\Tasks\annika apaches monopolizedannika apaches monopolized => C:\Users\gh\AppData\Local\Oise.exe () [Fichier non signé]
Task: {AD1B7007-5F58-4536-81D8-08E3087734CB} - System32\Tasks\Secured Yahoo Powered mimod => C:\Windows\system32\wscript.exe "C:\ProgramData\{CFA20AC1-45E0-8007-C326-1E455964958B}\cire.txt" "68747470733a2f2f6464756b6d716c2e636f6d" "433a5c50726f6772616d446174615c7b43464132304143312d343545302d383030372d433332362d3145343535393634393538427d5c6c6f6c6f7469" "433a5c50726f6772616d446174615c7b43464132304143312d343545302d383030372d (l'élément de données a 84 caractères en plus). <==== ATTENTION
Task: {BB839833-A902-417A-8394-110394A44E1A} - System32\Tasks\{3E85A0F5-369D-4943-B334-36822A5FA33A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.7.60.102/fr/abandoninstall?page=tsProgressBar
Task: {BD630469-1B9B-4440-B31A-2B1083CD33C5} - System32\Tasks\Opera scheduled Autoupdate 1504339184 => C:\Users\gh\AppData\Local\Programs\Opera\launcher.exe
Task: {C0E84DC8-7CBA-492B-8844-483D6A66151C} - System32\Tasks\{DE8EB8F8-2803-4E98-8714-2870022AE5B8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.7.60.102/fr/abandoninstall?page=tsProgressBar
Task: {C75DD6C1-083D-4FC3-8F0D-FD0AC378DB78} - System32\Tasks\minerva-egosminerva-egos => C:\Program Files (x86)\prostitution\Lept.exe
Task: {E85B5090-4317-492E-8872-1EEF525E2987} - System32\Tasks\Yahoo! Powered mimod => "wscript.exe" "C:\ProgramData\{CC4D092E-460F-83E8-C0C9-1DAA5A8B9664}\cire" "68747470733a2f2f643277763764656e63316a78397a2e636c6f756466726f6e742e6e6574" "//B" "//E:jscript" "--IsErIk"
Task: {EFED2B52-4909-4000-8423-D3AC8D8C696D} - System32\Tasks\uninterrupteduninterrupted => C:\Program Files (x86)\hoshino\hoshino.exe
Task: {F58E5694-11AB-4656-841C-641C795E6977} - System32\Tasks\Online Application V2G5 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe (MICROLEAVES LTD -> ) <==== ATTENTION
Task: {FC815CE7-8E2D-42FD-AB8B-B9C7B16C6D9C} - System32\Tasks\WebDiscover Browser Launch Task => C:\Program Files\WebDiscoverBrowser\4.21.2\browser.exe <==== ATTENTION
Task: {FF78708C-509A-4CF6-BAD3-95A65A7F9C62} - System32\Tasks\{83936694-BCE1-48EC-9683-2244AE4C4240} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
HKLM\...\Run: [WebDiscoverBrowser] => C:\Program Files\WebDiscoverBrowser\4.21.2\browser.exe --docked <==== ATTENTION 
KLM\...\Run: [Astute] => C:\Program Files (x86)\Diaconate\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKLM\...\Run: [Drafter] => C:\Program Files (x86)\prostitution\Lept.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKLM\...\Run: [Footer] => C:\Program Files (x86)\Dauntingly\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF 
HKLM-x32\...\Run: [Distinction] => C:\Program Files (x86)\Diaconate\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKLM-x32\...\Run: [Obermeyer] => C:\Program Files (x86)\prostitution\Lept.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKLM-x32\...\Run: [Lanza] => C:\Program Files (x86)\Dauntingly\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Akamai NetSession Interface] => C:\Users\gh\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [asm-fixed-1.1.jar] => C:\Users\gh\AppData\Roaming\asm-fixed-1.1.jar --restore-last-session --restore-last-session 
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [World of Warplanes] => D:\Games\World_of_Warplanes\WargamingGameUpdater.exe [3136264 2017-06-06] (Wargaming.net LLP -> Wargaming.net) [Fichier non signé]
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe --restore-last-session --restore-last-session 
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [glaxzi] => rundll32.exe C:\Users\gh\AppData\Local\glaxzi.dll,glaxzi <==== ATTENTION
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [MhR93#Ll7z.exe] => C:\Program Files\Mozilla Firefox\8M7SZYV9IH4PFTXD1\MhR93#Ll7z.exe
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Urological] => C:\Program Files (x86)\Diaconate\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Damato] => C:\Program Files (x86)\prostitution\Lept.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Partying] => C:\Program Files (x86)\Dauntingly\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Subdural] => C:\Program Files (x86)\Diaconate\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Earner] => C:\Program Files (x86)\prostitution\Lept.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [Strainers] => C:\Program Files (x86)\Dauntingly\Oise.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [undergoing] => C:\Program Files (x86)\persona\undergoing.exe hagvwhagvwhagvwhagv.hagvyhagvqhagvyhagv.hagvphagvwhagv/hagvvh2iw0iw1ihagvw9iw0q4q0vhagvh6vhiwhtmlhagv083P358Ct5hagvmbTkrUd1IF
HKU\S-1-5-21-1429103522-612112897-1401305486-1001\...\Run: [hooke] => C:\Program Files (x86)\Diaconate\Oise.exe 
AppInit_DLLs: C:\AEROGL~1\ModernFrame.dll => Pas de fichier
Startup: C:\Users\gh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decorously.lnk [2019-04-06]
ShortcutTarget: decorously.lnk -> C:\Program Files (x86)\Diaconate\Oise.exe (Pas de fichier)
Startup: C:\Users\gh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\decorouslydecorously.lnk [2019-04-06]
ShortcutTarget: decorouslydecorously.lnk -> C:\Program Files (x86)\prostitution\Lept.exe (Pas de fichier)
Startup: C:\Users\gh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vjhjvtde.lnk [2019-04-07]
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
R2 AppServiceGroup; C:\Users\gh\AppData\Local\Michael\Michael.dll [586752 2019-01-03] () [Fichier non signé] 
R2 NzRiZWUwMmEy; C:\Program Files\NzRiZWUwMmEy\YjI0MmU3OTFmNDg5.exe [1250304 2019-04-05] () [Fichier non signé]
S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [X] <==== ATTENTION
S2 Smart Monitoring; C:\Program Files (x86)\SmartData\hhb91hih.exe /srv [X]
R2 ZDRjMjM3Y2U5YmI3OG; rundll32.exe C:\Windows\usqehjfuoqimx.usqeh BrfINPkpCTLBPvCC [X] 
S2 rcdll; C:\Users\gh\AppData\Local\Temp\rcdll.exe [60928 2019-04-06] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-04-06] (Microsoft Corporation -> Microsoft Corporation) 
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10782936 2018-10-25] (Mail.Ru LLC -> LLC Mail.Ru) 
2019-04-06 15:29 - 2019-04-06 15:29 - 014214207 _____ C:\Users\gh\Downloads\Trigon.zip
2019-04-06 15:17 - 2019-04-06 07:39 - 000012800 _____ C:\Users\gh\AppData\Local\Oise.exe
2019-04-06 15:12 - 2019-04-06 15:12 - 000000000 ____D C:\Program Files\NzRiZWUwMmEy
2019-04-06 14:53 - 2019-04-06 14:53 - 000003202 _____ C:\Windows\System32\Tasks\augsijBPpDWbmS
2019-04-06 14:53 - 2019-04-06 14:53 - 000002890 _____ C:\Windows\System32\Tasks\kQPOAcCRavYRc2
2019-04-06 14:53 - 2019-04-06 14:53 - 000002872 _____ C:\Windows\System32\Tasks\dudWmRhRoqsSawPzq2
2019-04-06 14:53 - 2019-04-06 14:53 - 000002860 _____ C:\Windows\System32\Tasks\esgLguAvYAzBucUaRbN2
2019-04-06 14:53 - 2019-04-06 14:53 - 000002850 _____ C:\Windows\System32\Tasks\AnVDoMYPdlSYoXw2
2019-04-06 14:52 - 2019-04-07 09:30 - 000003446 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 711520318
2019-04-06 14:52 - 2019-04-06 15:40 - 000000000 ____D C:\Program Files (x86)\ProxyGate
2019-04-06 14:52 - 2019-04-06 14:52 - 000000000 ____D C:\Users\gh\AppData\Roaming\Jetmedia
2019-04-06 14:51 - 2019-04-06 14:58 - 000000000 ____D C:\Users\gh\AppData\Roaming\MaxiBuy
2019-04-06 14:51 - 2019-04-06 14:51 - 000000000 ____D C:\Users\gh\AppData\Roaming\Python
2019-04-06 14:50 - 2019-04-06 14:50 - 000000290 __RSH C:\Users\gh\ntuser.pol
2019-04-06 14:48 - 2019-04-06 14:48 - 000000000 ____D C:\Users\gh\AppData\LocalLow\GEhHGYpyxLTaL
2019-04-06 14:46 - 2019-04-06 14:46 - 000003804 _____ C:\Windows\System32\Tasks\minerva-egosminerva-egos
2019-04-06 14:46 - 2019-04-06 14:46 - 000003802 _____ C:\Windows\System32\Tasks\uninterrupteduninterrupted
2019-04-06 14:46 - 2019-04-06 14:46 - 000003802 _____ C:\Windows\System32\Tasks\nucleonics surrenderingnucleonics surrendering
2019-04-06 14:46 - 2019-04-06 14:46 - 000003802 _____ C:\Windows\System32\Tasks\billows_bouvierbillows_bouvier
2019-04-06 14:46 - 2019-04-06 14:46 - 000003796 _____ C:\Windows\System32\Tasks\looterslooters
2019-04-06 14:46 - 2019-04-06 14:46 - 000003796 _____ C:\Windows\System32\Tasks\eyeshadeeyeshade
2019-04-06 14:46 - 2019-04-06 14:46 - 000003786 _____ C:\Windows\System32\Tasks\replies_overpayingreplies_overpaying
2019-04-06 14:46 - 2019-04-06 14:46 - 000003786 _____ C:\Windows\System32\Tasks\annika apaches monopolizedannika apaches monopolized
2019-04-06 14:44 - 2019-04-06 15:16 - 000000000 ____D C:\Windows\SysWOW64\SSL
2019-04-06 14:44 - 2019-04-06 14:44 - 001335808 _____ C:\Windows\usqehjfuoqimx.usqeh
2019-04-06 07:39 - 2019-04-06 07:39 - 000012800 _____ C:\Windows\xia.exe
2019-04-05 20:01 - 2019-04-05 20:01 - 001774165 _____ C:\Users\gh\Downloads\OptiFine_1.7.10_HD_U_E7.jar
2019-04-05 19:42 - 2019-04-05 19:42 - 003404723 _____ C:\Users\gh\Downloads\forge-1.7.10-10.13.4.1558-1.7.10-installer-win.exe
2019-04-05 18:53 - 2019-04-05 18:54 - 146243423 _____ C:\Users\gh\Downloads\Decimation.jar
2019-04-05 01:33 - 2019-04-05 01:33 - 001681920 _____ C:\Windows\OGQ3MDdhODIxY.exe
2019-04-05 01:33 - 2019-04-05 01:33 - 000238360 _____ C:\Windows\system32\Drivers\MGEzY
2019-04-05 01:33 - 2019-04-05 01:33 - 000111040 _____ C:\Windows\uninstaller.dat
2019-04-03 23:28 - 2019-04-03 23:28 - 000000000 ____D C:\Users\gh\AppData\Roaming\Frontwing
2019-04-03 23:23 - 2019-04-03 23:27 - 000000000 ____D C:\Users\gh\Desktop\Grisaia 
EmptyTemp:
RemoveProxy:
Reboot:

Une fois, le texte collé dans le Bloc-notes,
Menu "Fichier" puis "Enregistrer sous",
A gauche, place toi sur le Bureau,
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clique sur "Enregistrer", cela va créer fixlist.txt sur le Bureau.

Relance FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire ( pas obligatoire )
Un fichier texte apparait, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur.


2) réinitialiser les navigateurs:
==================================
Réinitialise tes navigateurs et/ou re-paramètre manuellement tes navigateurs WEB ( page de démarrage, moteur de recherche, etc ) mais aussi supprimer/désactiver les extensions inutiles/parasites.
Pour t'aider à effectuer ce ménage, clique ci-dessous sur le nom du navigateur WEB que tu utilises :
* Réinitialiser et réparer Mozilla Firefox
* Réinitialiser et réparer Google Chrome
* Réinitialiser et réparer Internet Explorer
(Ne pas utiliser Zeok)

3)
Termine par un nettoyage Malwarebytes Anti-Malware (MBAM) version gratuite
Evite les analyses et nettoyages réguliers ZHPCleaner, AdwCleaner, pas utile.

[Seliatrop]

Merci beaucoup

[Malekal_morte]

de rien =)