Bonjour,
J'utilise windows 7 sur mon pc et depuis un temps la machine est devenu très lente, lorsque je lance un programme il s'ouvre après une dizaine de minutes soit il ne s'ouvre pas du tout ,mes exécutable pèsent 0 Ko après que je les ai télécharger et le curseur perd de plus en plus le contrôle.J'ai fait un scan avec FRST voici le résultat :
https://pjjoint.malekal.com/files.php?i ... 10x5v14t12
https://pjjoint.malekal.com/files.php?i ... l9x7d12q15
https://pjjoint.malekal.com/files.php?i ... x7d13u11x9
Je ne sais pas quoi en faire et j'ai besoin d'aide.
Merci d'avance
SOS! Ma machine est infecté
Modérateurs : Mods Windows, Helper
- Messages : 114087
- Inscription : 10 sept. 2005 13:57
Re: SOS! Ma machine est infecté
Salut,
Désinstalle :
donc les applications ne fonctionnent plus.
Voici la correction à effectuer avec FRST. Tu peux t'aider de cette Voici la correction à effectuer avec FRST. Tu peux t'aider de cette #fix note explicative avec des captures d'écran.
Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
Le bloc-note va s'ouvrir, copie/colle ceci.
Ferme le bloc-note, retourne sur FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire et automatique.
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur.
(L'ordinateur peut redémarrer tout seul, si le rapport de correction ne s'ouvre pas, cherche un fichier fixlog.txt qui se trouve dans le même dossier que FRST)
2)
Pour te protéger des infections amovibles type Wscript (Windows Script Host) et virus sur clé usb.
Télécharger et installer Marmiton
Clic sur Désactiver au niveau de Windows Script Host puis modifier pour prendre en compte les modifications.
Marmiton va bloquer les scripts malicieux (VBS, VBE, JavaScript etc).
3)
Pas d'antivirus installé.
Installe Kaspersky Free : https://www.malekal.com/kaspersky-free/
Analyse ton ordinateur et tes clés USB.
Désinstalle :
Il en ressort que tu as des infections amovibles dont une qui met les fichiers .exe à 0 octetFixCleaner
Java
TuneUp Utilities
WinPcap
donc les applications ne fonctionnent plus.
Voici la correction à effectuer avec FRST. Tu peux t'aider de cette Voici la correction à effectuer avec FRST. Tu peux t'aider de cette #fix note explicative avec des captures d'écran.
Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
Le bloc-note va s'ouvrir, copie/colle ceci.
Code : Tout sélectionner
CreateRestorePoint:
CloseProcesses:
C:\boots
HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\...\Run: [syswin] => C:\boots\syswin.exe [4730812 2018-07-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2018-05-26] ()
Startup: C:\Users\MARYSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2018-05-26] ()
Toolbar: HKU\S-1-5-21-2043484414-1554289357-1138519058-1000 -> No Name - {044C0939-9D32-4245-AB7D-DA37F0A7B448} - No File
Toolbar: HKU\S-1-5-21-2043484414-1554289357-1138519058-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1413561713&from=pjr&uid=SAMSUNGXHM250HI_S24FJ90Z800142
2018-08-14 14:01 - 2018-08-14 14:01 - 000000000 ____D C:\Users\MARYSE\AppData\Roaming\McAfee Safe Connect
2018-08-14 14:01 - 2018-08-14 14:01 - 000000000 ____D C:\Users\MARYSE\AppData\Local\McAfee_Inc
2018-08-14 13:53 - 2018-08-29 14:24 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-08-14 13:43 - 2018-08-17 08:35 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-14 13:43 - 2018-08-14 13:43 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-08-14 13:36 - 2018-08-14 14:56 - 000000000 _____ C:\Users\MARYSE\Downloads\flashplayer30pp_ka_install.exe
2018-08-14 13:19 - 2018-08-14 13:22 - 043011533 _____ C:\Users\MARYSE\Downloads\Analyse Numérique SMP3 _ Factorisation de Cholesky.mp4
2018-08-14 02:38 - 2018-08-14 02:38 - 000000000 ____D C:\4122b655405f63fdf574
2016-04-18 14:44 - 2016-04-18 14:44 - 000000121 _____ () C:\Users\MARYSE\teste.bat
2014-04-17 19:08 - 2011-10-10 06:45 - 000000038 ____R () C:\Program Files (x86)\Gyoza.bat
2014-04-17 19:08 - 2011-10-10 06:45 - 000000377 ____R () C:\Program Files (x86)\Gyoza.ini
2014-04-17 19:08 - 2011-10-10 06:45 - 000002829 ____R () C:\Program Files (x86)\GYOZA.PIF
2014-04-17 19:08 - 2011-10-10 06:45 - 003161874 ____R (Macromedia, Inc.) C:\Program Files (x86)\KillApp.exe
2014-04-17 19:08 - 2011-10-10 06:45 - 003438766 ____R (Macromedia, Inc.) C:\Program Files (x86)\Uninstall.exe
2018-06-15 01:24 - 2001-05-24 12:59 - 000162304 _____ () C:\Program Files (x86)\UNWISE.EXE
2014-04-17 19:08 - 2011-10-10 06:45 - 003065812 ____R (Macromedia, Inc.) C:\Program Files (x86)\Votre santé au quotidien.exe
2014-04-17 19:08 - 2011-10-10 06:45 - 000021630 ____R () C:\Program Files (x86)\Votre santé au quotidien.ico
2016-10-04 04:21 - 2016-10-04 04:21 - 000140288 _____ () C:\Users\MARYSE\AppData\Roaming\Installer.dat
2014-04-25 17:12 - 2018-08-06 21:53 - 000002464 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.Exception.log
2014-04-25 17:11 - 2016-06-11 05:57 - 000002257 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-04-25 17:12 - 2018-08-06 21:53 - 000002541 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-06-19 05:05 - 2018-08-06 21:53 - 000000539 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Transcoder.Exception.log
2016-07-13 05:11 - 2016-07-13 05:12 - 000001181 _____ () C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt
2016-07-13 05:11 - 2016-07-13 05:11 - 000000000 _____ () C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2018-06-26 08:08 - 2018-06-26 08:08 - 000000000 ____H () C:\Users\MARYSE\AppData\Local\BITE39B.tmp
2014-02-27 11:38 - 2018-08-06 20:43 - 000042496 _____ () C:\Users\MARYSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-16 13:06 - 2016-07-16 13:06 - 000000218 _____ () C:\Users\MARYSE\AppData\Local\recently-used.xbel
2014-05-21 02:01 - 2017-11-17 20:21 - 000007602 _____ () C:\Users\MARYSE\AppData\Local\Resmon.ResmonCfg
2016-10-04 04:22 - 2017-12-14 22:22 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\TempOneClickRoot.exe
2016-10-04 02:20 - 2016-10-04 02:30 - 000000166 _____ () C:\Users\MARYSE\AppData\Local\uts.ini
2018-07-29 18:02 - 2018-07-29 18:02 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\zenmap.exe.log
2018-01-29 08:30 - 2018-01-29 08:30 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{3BE280BE-3C99-4173-BE86-1A586DDAEF01}
2018-06-04 01:16 - 2018-06-04 01:16 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{76BC1E4E-11D0-427D-AE20-C91AF9C128FC}
2018-08-01 12:31 - 2018-08-01 12:31 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{83BDC7B6-33F4-4AAB-A8C3-750853E4BE35}
2018-03-17 10:04 - 2018-03-17 10:04 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{CFA1D7A9-7974-4361-B312-93F595F54F4D}
2018-04-16 17:03 - 2018-04-16 17:03 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{D40E31A0-BFDC-488B-802E-B61F30892F30}
2018-06-26 08:07 - 2018-06-26 08:08 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{D5F58C92-4587-4302-B967-0159B4CEAD8D}
2018-05-09 08:17 - 2018-05-09 08:17 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{F4C04C9E-2D4E-4EF3-A094-E6A15F6FBB95}
2018-03-25 22:43 - 2018-03-25 22:43 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{FDC25A8A-8CA3-43FB-9C51-DA85A5CC47E9}
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:Un redémarrage sera peut-être nécessaire et automatique.
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur.
(L'ordinateur peut redémarrer tout seul, si le rapport de correction ne s'ouvre pas, cherche un fichier fixlog.txt qui se trouve dans le même dossier que FRST)
2)
Pour te protéger des infections amovibles type Wscript (Windows Script Host) et virus sur clé usb.
Télécharger et installer Marmiton
Clic sur Désactiver au niveau de Windows Script Host puis modifier pour prendre en compte les modifications.
Marmiton va bloquer les scripts malicieux (VBS, VBE, JavaScript etc).
3)
Pas d'antivirus installé.
Installe Kaspersky Free : https://www.malekal.com/kaspersky-free/
Analyse ton ordinateur et tes clés USB.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
➔ Comment protéger son PC des virus
➔ Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11
Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
➔ Comment protéger son PC des virus
➔ Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11
Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Re: SOS! Ma machine est infecté
Voici le fichier texte qui apparaît
Fix result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by MARYSE (09-09-2018 21:52:02) Run:1
Running from C:\Users\MARYSE\Downloads
Loaded Profiles: MARYSE (Available Profiles: MARYSE & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
C:\boots
HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\...\Run: [syswin] => C:\boots\syswin.exe [4730812 2018-07-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2018-05-26] ()
Startup: C:\Users\MARYSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2018-05-26] ()
Toolbar: HKU\S-1-5-21-2043484414-1554289357-1138519058-1000 -> No Name - {044C0939-9D32-4245-AB7D-DA37F0A7B448} - No File
Toolbar: HKU\S-1-5-21-2043484414-1554289357-1138519058-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1413561713&from=pjr&uid=SAMSUNGXHM250HI_S24FJ90Z800142
2018-08-14 14:01 - 2018-08-14 14:01 - 000000000 ____D C:\Users\MARYSE\AppData\Roaming\McAfee Safe Connect
2018-08-14 14:01 - 2018-08-14 14:01 - 000000000 ____D C:\Users\MARYSE\AppData\Local\McAfee_Inc
2018-08-14 13:53 - 2018-08-29 14:24 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-08-14 13:43 - 2018-08-17 08:35 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-14 13:43 - 2018-08-14 13:43 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-08-14 13:36 - 2018-08-14 14:56 - 000000000 _____ C:\Users\MARYSE\Downloads\flashplayer30pp_ka_install.exe
2018-08-14 13:19 - 2018-08-14 13:22 - 043011533 _____ C:\Users\MARYSE\Downloads\Analyse Numérique SMP3 _ Factorisation de Cholesky.mp4
2018-08-14 02:38 - 2018-08-14 02:38 - 000000000 ____D C:\4122b655405f63fdf574
2016-04-18 14:44 - 2016-04-18 14:44 - 000000121 _____ () C:\Users\MARYSE\teste.bat
2014-04-17 19:08 - 2011-10-10 06:45 - 000000038 ____R () C:\Program Files (x86)\Gyoza.bat
2014-04-17 19:08 - 2011-10-10 06:45 - 000000377 ____R () C:\Program Files (x86)\Gyoza.ini
2014-04-17 19:08 - 2011-10-10 06:45 - 000002829 ____R () C:\Program Files (x86)\GYOZA.PIF
2014-04-17 19:08 - 2011-10-10 06:45 - 003161874 ____R (Macromedia, Inc.) C:\Program Files (x86)\KillApp.exe
2014-04-17 19:08 - 2011-10-10 06:45 - 003438766 ____R (Macromedia, Inc.) C:\Program Files (x86)\Uninstall.exe
2018-06-15 01:24 - 2001-05-24 12:59 - 000162304 _____ () C:\Program Files (x86)\UNWISE.EXE
2014-04-17 19:08 - 2011-10-10 06:45 - 003065812 ____R (Macromedia, Inc.) C:\Program Files (x86)\Votre santé au quotidien.exe
2014-04-17 19:08 - 2011-10-10 06:45 - 000021630 ____R () C:\Program Files (x86)\Votre santé au quotidien.ico
2016-10-04 04:21 - 2016-10-04 04:21 - 000140288 _____ () C:\Users\MARYSE\AppData\Roaming\Installer.dat
2014-04-25 17:12 - 2018-08-06 21:53 - 000002464 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.Exception.log
2014-04-25 17:11 - 2016-06-11 05:57 - 000002257 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-04-25 17:12 - 2018-08-06 21:53 - 000002541 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-06-19 05:05 - 2018-08-06 21:53 - 000000539 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Transcoder.Exception.log
2016-07-13 05:11 - 2016-07-13 05:12 - 000001181 _____ () C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt
2016-07-13 05:11 - 2016-07-13 05:11 - 000000000 _____ () C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2018-06-26 08:08 - 2018-06-26 08:08 - 000000000 ____H () C:\Users\MARYSE\AppData\Local\BITE39B.tmp
2014-02-27 11:38 - 2018-08-06 20:43 - 000042496 _____ () C:\Users\MARYSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-16 13:06 - 2016-07-16 13:06 - 000000218 _____ () C:\Users\MARYSE\AppData\Local\recently-used.xbel
2014-05-21 02:01 - 2017-11-17 20:21 - 000007602 _____ () C:\Users\MARYSE\AppData\Local\Resmon.ResmonCfg
2016-10-04 04:22 - 2017-12-14 22:22 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\TempOneClickRoot.exe
2016-10-04 02:20 - 2016-10-04 02:30 - 000000166 _____ () C:\Users\MARYSE\AppData\Local\uts.ini
2018-07-29 18:02 - 2018-07-29 18:02 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\zenmap.exe.log
2018-01-29 08:30 - 2018-01-29 08:30 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{3BE280BE-3C99-4173-BE86-1A586DDAEF01}
2018-06-04 01:16 - 2018-06-04 01:16 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{76BC1E4E-11D0-427D-AE20-C91AF9C128FC}
2018-08-01 12:31 - 2018-08-01 12:31 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{83BDC7B6-33F4-4AAB-A8C3-750853E4BE35}
2018-03-17 10:04 - 2018-03-17 10:04 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{CFA1D7A9-7974-4361-B312-93F595F54F4D}
2018-04-16 17:03 - 2018-04-16 17:03 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{D40E31A0-BFDC-488B-802E-B61F30892F30}
2018-06-26 08:07 - 2018-06-26 08:08 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{D5F58C92-4587-4302-B967-0159B4CEAD8D}
2018-05-09 08:17 - 2018-05-09 08:17 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{F4C04C9E-2D4E-4EF3-A094-E6A15F6FBB95}
2018-03-25 22:43 - 2018-03-25 22:43 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{FDC25A8A-8CA3-43FB-9C51-DA85A5CC47E9}
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:
*****************
Restore point was successfully created.
Processes closed successfully.
C:\boots => moved successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\Software\Microsoft\Windows\CurrentVersion\Run\\syswin" => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt => moved successfully
C:\Users\MARYSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt => moved successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{044C0939-9D32-4245-AB7D-DA37F0A7B448}" => removed successfully
HKLM\Software\Classes\CLSID\{044C0939-9D32-4245-AB7D-DA37F0A7B448} => not found
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => removed successfully
HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => not found
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
C:\Users\MARYSE\AppData\Roaming\McAfee Safe Connect => moved successfully
C:\Users\MARYSE\AppData\Local\McAfee_Inc => moved successfully
C:\Program Files (x86)\McAfee Safe Connect => moved successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier => moved successfully
"C:\Users\MARYSE\Downloads\flashplayer30pp_ka_install.exe" => not found
"C:\Users\MARYSE\Downloads\Analyse Numérique SMP3 _ Factorisation de Cholesky.mp4" => not found
C:\4122b655405f63fdf574 => moved successfully
C:\Users\MARYSE\teste.bat => moved successfully
C:\Program Files (x86)\Gyoza.bat => moved successfully
C:\Program Files (x86)\Gyoza.ini => moved successfully
C:\Program Files (x86)\GYOZA.PIF => moved successfully
C:\Program Files (x86)\KillApp.exe => moved successfully
C:\Program Files (x86)\Uninstall.exe => moved successfully
C:\Program Files (x86)\UNWISE.EXE => moved successfully
C:\Program Files (x86)\Votre santé au quotidien.exe => moved successfully
C:\Program Files (x86)\Votre santé au quotidien.ico => moved successfully
C:\Users\MARYSE\AppData\Roaming\Installer.dat => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.Exception.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.HttpServerSetup.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.DesktopHelper.Exception.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.Transcoder.Exception.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt => moved successfully
C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt => moved successfully
C:\Users\MARYSE\AppData\Local\BITE39B.tmp => moved successfully
C:\Users\MARYSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\MARYSE\AppData\Local\recently-used.xbel => moved successfully
C:\Users\MARYSE\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\MARYSE\AppData\Local\TempOneClickRoot.exe => moved successfully
C:\Users\MARYSE\AppData\Local\uts.ini => moved successfully
C:\Users\MARYSE\AppData\Local\zenmap.exe.log => moved successfully
C:\Users\MARYSE\AppData\Local\{3BE280BE-3C99-4173-BE86-1A586DDAEF01} => moved successfully
C:\Users\MARYSE\AppData\Local\{76BC1E4E-11D0-427D-AE20-C91AF9C128FC} => moved successfully
C:\Users\MARYSE\AppData\Local\{83BDC7B6-33F4-4AAB-A8C3-750853E4BE35} => moved successfully
C:\Users\MARYSE\AppData\Local\{CFA1D7A9-7974-4361-B312-93F595F54F4D} => moved successfully
C:\Users\MARYSE\AppData\Local\{D40E31A0-BFDC-488B-802E-B61F30892F30} => moved successfully
C:\Users\MARYSE\AppData\Local\{D5F58C92-4587-4302-B967-0159B4CEAD8D} => moved successfully
C:\Users\MARYSE\AppData\Local\{F4C04C9E-2D4E-4EF3-A094-E6A15F6FBB95} => moved successfully
C:\Users\MARYSE\AppData\Local\{FDC25A8A-8CA3-43FB-9C51-DA85A5CC47E9} => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25881078 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 9389697 B
Edge => 0 B
Chrome => 422973490 B
Firefox => 35536884 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 36857 B
LocalService => 0 B
NetworkService => 2849868 B
MARYSE => 5799248 B
Guest.MARYSE-PC => 77913 B
RecycleBin => 25095091 B
EmptyTemp: => 511.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:55:56 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by MARYSE (09-09-2018 21:52:02) Run:1
Running from C:\Users\MARYSE\Downloads
Loaded Profiles: MARYSE (Available Profiles: MARYSE & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
C:\boots
HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\...\Run: [syswin] => C:\boots\syswin.exe [4730812 2018-07-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2018-05-26] ()
Startup: C:\Users\MARYSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2018-05-26] ()
Toolbar: HKU\S-1-5-21-2043484414-1554289357-1138519058-1000 -> No Name - {044C0939-9D32-4245-AB7D-DA37F0A7B448} - No File
Toolbar: HKU\S-1-5-21-2043484414-1554289357-1138519058-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1413561713&from=pjr&uid=SAMSUNGXHM250HI_S24FJ90Z800142
2018-08-14 14:01 - 2018-08-14 14:01 - 000000000 ____D C:\Users\MARYSE\AppData\Roaming\McAfee Safe Connect
2018-08-14 14:01 - 2018-08-14 14:01 - 000000000 ____D C:\Users\MARYSE\AppData\Local\McAfee_Inc
2018-08-14 13:53 - 2018-08-29 14:24 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-08-14 13:43 - 2018-08-17 08:35 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-14 13:43 - 2018-08-14 13:43 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-08-14 13:36 - 2018-08-14 14:56 - 000000000 _____ C:\Users\MARYSE\Downloads\flashplayer30pp_ka_install.exe
2018-08-14 13:19 - 2018-08-14 13:22 - 043011533 _____ C:\Users\MARYSE\Downloads\Analyse Numérique SMP3 _ Factorisation de Cholesky.mp4
2018-08-14 02:38 - 2018-08-14 02:38 - 000000000 ____D C:\4122b655405f63fdf574
2016-04-18 14:44 - 2016-04-18 14:44 - 000000121 _____ () C:\Users\MARYSE\teste.bat
2014-04-17 19:08 - 2011-10-10 06:45 - 000000038 ____R () C:\Program Files (x86)\Gyoza.bat
2014-04-17 19:08 - 2011-10-10 06:45 - 000000377 ____R () C:\Program Files (x86)\Gyoza.ini
2014-04-17 19:08 - 2011-10-10 06:45 - 000002829 ____R () C:\Program Files (x86)\GYOZA.PIF
2014-04-17 19:08 - 2011-10-10 06:45 - 003161874 ____R (Macromedia, Inc.) C:\Program Files (x86)\KillApp.exe
2014-04-17 19:08 - 2011-10-10 06:45 - 003438766 ____R (Macromedia, Inc.) C:\Program Files (x86)\Uninstall.exe
2018-06-15 01:24 - 2001-05-24 12:59 - 000162304 _____ () C:\Program Files (x86)\UNWISE.EXE
2014-04-17 19:08 - 2011-10-10 06:45 - 003065812 ____R (Macromedia, Inc.) C:\Program Files (x86)\Votre santé au quotidien.exe
2014-04-17 19:08 - 2011-10-10 06:45 - 000021630 ____R () C:\Program Files (x86)\Votre santé au quotidien.ico
2016-10-04 04:21 - 2016-10-04 04:21 - 000140288 _____ () C:\Users\MARYSE\AppData\Roaming\Installer.dat
2014-04-25 17:12 - 2018-08-06 21:53 - 000002464 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.Exception.log
2014-04-25 17:11 - 2016-06-11 05:57 - 000002257 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-04-25 17:12 - 2018-08-06 21:53 - 000002541 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.DesktopHelper.Exception.log
2016-06-19 05:05 - 2018-08-06 21:53 - 000000539 _____ () C:\Users\MARYSE\AppData\Roaming\Rim.Transcoder.Exception.log
2016-07-13 05:11 - 2016-07-13 05:12 - 000001181 _____ () C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt
2016-07-13 05:11 - 2016-07-13 05:11 - 000000000 _____ () C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2018-06-26 08:08 - 2018-06-26 08:08 - 000000000 ____H () C:\Users\MARYSE\AppData\Local\BITE39B.tmp
2014-02-27 11:38 - 2018-08-06 20:43 - 000042496 _____ () C:\Users\MARYSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-16 13:06 - 2016-07-16 13:06 - 000000218 _____ () C:\Users\MARYSE\AppData\Local\recently-used.xbel
2014-05-21 02:01 - 2017-11-17 20:21 - 000007602 _____ () C:\Users\MARYSE\AppData\Local\Resmon.ResmonCfg
2016-10-04 04:22 - 2017-12-14 22:22 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\TempOneClickRoot.exe
2016-10-04 02:20 - 2016-10-04 02:30 - 000000166 _____ () C:\Users\MARYSE\AppData\Local\uts.ini
2018-07-29 18:02 - 2018-07-29 18:02 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\zenmap.exe.log
2018-01-29 08:30 - 2018-01-29 08:30 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{3BE280BE-3C99-4173-BE86-1A586DDAEF01}
2018-06-04 01:16 - 2018-06-04 01:16 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{76BC1E4E-11D0-427D-AE20-C91AF9C128FC}
2018-08-01 12:31 - 2018-08-01 12:31 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{83BDC7B6-33F4-4AAB-A8C3-750853E4BE35}
2018-03-17 10:04 - 2018-03-17 10:04 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{CFA1D7A9-7974-4361-B312-93F595F54F4D}
2018-04-16 17:03 - 2018-04-16 17:03 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{D40E31A0-BFDC-488B-802E-B61F30892F30}
2018-06-26 08:07 - 2018-06-26 08:08 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{D5F58C92-4587-4302-B967-0159B4CEAD8D}
2018-05-09 08:17 - 2018-05-09 08:17 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{F4C04C9E-2D4E-4EF3-A094-E6A15F6FBB95}
2018-03-25 22:43 - 2018-03-25 22:43 - 000000000 _____ () C:\Users\MARYSE\AppData\Local\{FDC25A8A-8CA3-43FB-9C51-DA85A5CC47E9}
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:
*****************
Restore point was successfully created.
Processes closed successfully.
C:\boots => moved successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\Software\Microsoft\Windows\CurrentVersion\Run\\syswin" => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt => moved successfully
C:\Users\MARYSE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt => moved successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{044C0939-9D32-4245-AB7D-DA37F0A7B448}" => removed successfully
HKLM\Software\Classes\CLSID\{044C0939-9D32-4245-AB7D-DA37F0A7B448} => not found
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => removed successfully
HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => not found
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
C:\Users\MARYSE\AppData\Roaming\McAfee Safe Connect => moved successfully
C:\Users\MARYSE\AppData\Local\McAfee_Inc => moved successfully
C:\Program Files (x86)\McAfee Safe Connect => moved successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier => moved successfully
"C:\Users\MARYSE\Downloads\flashplayer30pp_ka_install.exe" => not found
"C:\Users\MARYSE\Downloads\Analyse Numérique SMP3 _ Factorisation de Cholesky.mp4" => not found
C:\4122b655405f63fdf574 => moved successfully
C:\Users\MARYSE\teste.bat => moved successfully
C:\Program Files (x86)\Gyoza.bat => moved successfully
C:\Program Files (x86)\Gyoza.ini => moved successfully
C:\Program Files (x86)\GYOZA.PIF => moved successfully
C:\Program Files (x86)\KillApp.exe => moved successfully
C:\Program Files (x86)\Uninstall.exe => moved successfully
C:\Program Files (x86)\UNWISE.EXE => moved successfully
C:\Program Files (x86)\Votre santé au quotidien.exe => moved successfully
C:\Program Files (x86)\Votre santé au quotidien.ico => moved successfully
C:\Users\MARYSE\AppData\Roaming\Installer.dat => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.Exception.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.Desktop.HttpServerSetup.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.DesktopHelper.Exception.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\Rim.Transcoder.Exception.log => moved successfully
C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt => moved successfully
C:\Users\MARYSE\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt => moved successfully
C:\Users\MARYSE\AppData\Local\BITE39B.tmp => moved successfully
C:\Users\MARYSE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\MARYSE\AppData\Local\recently-used.xbel => moved successfully
C:\Users\MARYSE\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\MARYSE\AppData\Local\TempOneClickRoot.exe => moved successfully
C:\Users\MARYSE\AppData\Local\uts.ini => moved successfully
C:\Users\MARYSE\AppData\Local\zenmap.exe.log => moved successfully
C:\Users\MARYSE\AppData\Local\{3BE280BE-3C99-4173-BE86-1A586DDAEF01} => moved successfully
C:\Users\MARYSE\AppData\Local\{76BC1E4E-11D0-427D-AE20-C91AF9C128FC} => moved successfully
C:\Users\MARYSE\AppData\Local\{83BDC7B6-33F4-4AAB-A8C3-750853E4BE35} => moved successfully
C:\Users\MARYSE\AppData\Local\{CFA1D7A9-7974-4361-B312-93F595F54F4D} => moved successfully
C:\Users\MARYSE\AppData\Local\{D40E31A0-BFDC-488B-802E-B61F30892F30} => moved successfully
C:\Users\MARYSE\AppData\Local\{D5F58C92-4587-4302-B967-0159B4CEAD8D} => moved successfully
C:\Users\MARYSE\AppData\Local\{F4C04C9E-2D4E-4EF3-A094-E6A15F6FBB95} => moved successfully
C:\Users\MARYSE\AppData\Local\{FDC25A8A-8CA3-43FB-9C51-DA85A5CC47E9} => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2043484414-1554289357-1138519058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25881078 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 9389697 B
Edge => 0 B
Chrome => 422973490 B
Firefox => 35536884 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 36857 B
LocalService => 0 B
NetworkService => 2849868 B
MARYSE => 5799248 B
Guest.MARYSE-PC => 77913 B
RecycleBin => 25095091 B
EmptyTemp: => 511.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:55:56 ====
- Messages : 114087
- Inscription : 10 sept. 2005 13:57
Re: SOS! Ma machine est infecté
ok fais bien le reste =)
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
➔ Comment protéger son PC des virus
➔ Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11
Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
➔ Comment protéger son PC des virus
➔ Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11
Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Re: SOS! Ma machine est infecté
J'ai terminer tout le processus . Ma machine est de nouveau sur pied et tout marche bien .
Merci beaucoup
Merci beaucoup
- Messages : 114087
- Inscription : 10 sept. 2005 13:57
Re: SOS! Ma machine est infecté
de rien =)
Supprime le dossier C:\FRST
Pour éviter les virus, il faut savoir comment les pirates s'y prennent pour infecter les ordinateurs : [https://www.malekal.com/comment-les-vir ... istribues/ Comment les virus informatiques sont distribués]
Supprime le dossier C:\FRST
Pour éviter les virus, il faut savoir comment les pirates s'y prennent pour infecter les ordinateurs : [https://www.malekal.com/comment-les-vir ... istribues/ Comment les virus informatiques sont distribués]
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
➔ Comment protéger son PC des virus
➔ Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11
Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
➔ Comment protéger son PC des virus
➔ Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11
Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
- 15 Réponses
- 180 Vues
-
Dernier message par Wolfgaltier
-
- 5 Réponses
- 98 Vues
-
Dernier message par Malekal_morte
-
- 12 Réponses
- 269 Vues
-
Dernier message par Parisien_entraide
-
- 11 Réponses
- 169 Vues
-
Dernier message par Parisien_entraide
-
- 3 Réponses
- 197 Vues
-
Dernier message par mohamed ali