gros probleme virus infection help please

[zeltaa]

bonjour,

je suis actuellement infecté sur mon ordinateur j'ai besoin d'aide mon pc est très lent j'ai un trojan je crois

https://pjjoint.malekal.com/files.php?i ... p12h8w5g14
https://pjjoint.malekal.com/files.php?i ... 1g12x13c11
https://pjjoint.malekal.com/files.php?i ... 0x9q6g5j11



merci d'avance

[Malekal_morte]

Salut,

Ouaip bien infecté à cause de crack ou fichiers pris au pif.

A désinstaller :

Apowersoft
Avast (Windows Defender est plus léger)
Avast SecureLine
CyberGhost
DAEMON Tools Lite
SearchAwesome

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette Voici la correction à effectuer avec FRST. Tu peux t'aider de cette #fix note explicative avec des captures d'écran.
Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
Le bloc-note va s'ouvrir, copie/colle ceci.

Code : Tout sélectionner

Start
CloseProcesses:
CreateRestorePoint:
2019-03-07 20:17 - 2019-03-07 20:17 - 007316688 _____ (Malwarebytes) C:\Users\vince\Downloads\adwcleaner_7.2.7.0(1).exe
2019-03-07 20:15 - 2019-03-07 20:16 - 007320272 _____ (Malwarebytes) C:\Users\vince\Downloads\adwcleaner_7.2.6.0 (1).exe
2019-03-07 20:13 - 2019-03-07 20:13 - 001895383 _____ C:\Users\vince\AppData\Local\Alphatom.bin
2019-03-07 20:13 - 2019-03-07 20:13 - 000619880 _____ (VxDriver) C:\WINDOWS\5744629EB647.sys
2019-03-07 20:13 - 2019-03-07 20:13 - 000003246 _____ C:\WINDOWS\System32\Tasks\corolina17
2019-03-07 20:13 - 2019-03-07 20:13 - 000003044 _____ C:\WINDOWS\System32\Tasks\nwgunOXjCbxKL2
2019-03-07 20:13 - 2019-03-07 20:13 - 000003034 _____ C:\WINDOWS\System32\Tasks\MHsfjoHBjBJoAwMyz2
2019-03-07 20:13 - 2019-03-07 20:13 - 000003026 _____ C:\WINDOWS\System32\Tasks\tFhvygztNQVmokWetdU2
2019-03-07 20:13 - 2019-03-07 20:13 - 000000266 ____H C:\WINDOWS\Tasks\corolina17.job
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Throttle
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\ProgramData\ijikmcb
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\ProgramData\DQtKumvopDKCWKVB
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\PGWARE
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\KfnsJXyRyJHoDyJWuMR
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\bqzrWnnidGJDC
2019-03-07 20:12 - 2019-03-07 20:13 - 000003356 _____ C:\WINDOWS\System32\Tasks\JLSktnhopmhFxt
2019-03-07 20:12 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\SmartData
2019-03-07 20:12 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\EhGTHpYbMZVU2
2019-03-07 20:12 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\aeVSlgaHU
2019-03-07 20:12 - 2019-03-07 20:12 - 007888384 _____ C:\Users\vince\AppData\Local\agent.dat
2019-03-07 20:12 - 2019-03-07 20:12 - 002035993 _____ C:\Users\vince\AppData\Local\Spanron.tst
2019-03-07 20:12 - 2019-03-07 20:12 - 000278509 _____ C:\Users\vince\AppData\Local\TrippleSailstring.tst
2019-03-07 20:12 - 2019-03-07 20:12 - 000126464 _____ C:\Users\vince\AppData\Local\noah.dat
2019-03-07 20:12 - 2019-03-07 20:12 - 000070896 _____ C:\Users\vince\AppData\Local\Config.xml
2019-03-07 20:12 - 2019-03-07 20:12 - 000005568 _____ C:\Users\vince\AppData\Local\md.xml
2019-03-07 20:12 - 2019-03-07 20:12 - 000004020 _____ C:\WINDOWS\System32\Tasks\schematically demoss textuallyschematically demoss textually
2019-03-07 20:12 - 2019-03-07 20:12 - 000003970 _____ C:\WINDOWS\System32\Tasks\commends_peacekeepercommends_peacekeeper
2019-03-07 20:12 - 2019-03-07 20:12 - 000003966 _____ C:\WINDOWS\System32\Tasks\engrossing hilfigerengrossing hilfiger
2019-03-07 20:12 - 2019-03-07 20:12 - 000003952 _____ C:\WINDOWS\System32\Tasks\robins_killinrobins_killin
2019-03-07 20:12 - 2019-03-07 20:12 - 000003946 _____ C:\WINDOWS\System32\Tasks\subroto-summersubroto-summer
2019-03-07 20:12 - 2019-03-07 20:12 - 000003946 _____ C:\WINDOWS\System32\Tasks\kilogramskilograms
2019-03-07 20:12 - 2019-03-07 20:12 - 000003928 _____ C:\WINDOWS\System32\Tasks\copticcoptic
2019-03-07 20:12 - 2019-03-07 20:12 - 000003918 _____ C:\WINDOWS\System32\Tasks\anchormenanchormen
2019-03-07 20:12 - 2019-03-07 20:12 - 000003008 _____ C:\WINDOWS\System32\Tasks\QNMJEtYKScqTlLB2
2019-03-07 20:12 - 2019-03-07 20:12 - 000000012 _____ C:\WINDOWS\b21768884
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ___HD C:\Program Files (x86)\situs
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ___HD C:\Program Files (x86)\Dirge
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Users\vince\AppData\Roaming\Python
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\ProgramData\{E326E5D7-A154-BAF8-2CBC-7B362C5B2267}
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\ProgramData\{A8E5D19E-951D-F13B-6588-B87D656FE12C}
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\Tight
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\tiara
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\PdUEJHwTcIE
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\NDeBlRjARAUn
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\Fiberglass
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\ecosystems
2019-03-07 20:12 - 2019-03-07 20:10 - 001632256 _____ (TODO: <Company name>) C:\Users\vince\AppData\Local\TrippleSailstring.exe
2019-03-07 20:12 - 2019-03-07 20:10 - 001632256 _____ (TODO: <Company name>) C:\Users\vince\AppData\Local\Spanron.exe
2019-03-07 20:11 - 2019-03-07 20:25 - 000003572 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 2796787680
2019-03-07 20:11 - 2019-03-07 20:21 - 000001546 _____ C:\WINDOWS\Tasks\Homeville.job
2019-03-07 20:11 - 2019-03-07 20:11 - 000013984 _____ C:\WINDOWS\System32\Tasks\Homeville
2019-03-07 20:11 - 2019-03-07 20:11 - 000000000 ____D C:\Program Files\Homeville
2019-03-07 20:10 - 2019-03-07 20:11 - 000001681 _____ C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panda Forest Guard cleaner.lnk
2019-03-07 20:10 - 2019-03-07 20:10 - 000722944 _____ C:\Users\vince\AppData\Local\sha.db
2019-03-07 20:10 - 2019-03-07 20:10 - 000140800 _____ C:\Users\vince\AppData\Local\installer.dat
2019-03-07 20:10 - 2019-03-07 20:10 - 000000000 ____D C:\Program Files (x86)\foldershare
2019-03-07 20:09 - 2019-03-07 20:09 - 001743840 _____ C:\Users\vince\Downloads\csgo_cheat_7540d.zip
2019-03-07 20:08 - 2019-03-07 20:08 - 001462784 _____ C:\WINDOWS\thpuogibsbsagh.thp
2019-03-07 20:08 - 2019-03-07 20:08 - 000000000 ____D C:\Program Files\ZDUyNGZhMjc5ZmRkZT
2019-03-07 20:07 - 2019-03-07 20:07 - 000194048 _____ C:\Users\vince\AppData\Local\miakhad.dll
2019-03-07 20:07 - 2019-03-07 20:07 - 000015360 _____ C:\Users\vince\AppData\Local\ciksob.dll
2019-03-07 20:07 - 2019-03-07 20:07 - 000004096 _____ C:\Users\vince\AppData\Local\qq6b264507-ba91-4d85-86c9-1e827315cbe0.exe
2019-03-07 20:04 - 2019-03-07 20:04 - 001753774 _____ C:\Users\vince\Downloads\csgo_private_hack_v37_dbbc9.zip
2019-03-07 20:01 - 2019-03-07 20:01 - 001734165 _____ C:\Users\vince\Downloads\setup_1f3a5.zip
2019-03-07 19:56 - 2019-02-06 23:23 - 000000000 ____D C:\Users\vince\Desktop\Dura Menu Free
2019-03-07 19:53 - 2019-03-07 19:54 - 000697864 _____ C:\Users\vince\Downloads\Dura_Menu_Free.rar
2019-03-07 01:11 - 2019-03-07 01:11 - 000356079 _____ C:\Users\vince\Downloads\EZfrags.co.uk_csgo_multi_public (3).zip
2019-03-07 01:06 - 2017-06-02 07:40 - 000000815 _____ C:\Users\vince\Desktop\how to use.txt
2019-03-07 01:05 - 2019-03-07 01:05 - 000356079 _____ C:\Users\vince\Downloads\EZfrags.co.uk_csgo_multi_public.zip
2019-03-07 01:05 - 2019-03-07 01:05 - 000356079 _____ C:\Users\vince\Downloads\EZfrags.co.uk_csgo_multi_public (2).zip
2019-03-07 00:57 - 2019-03-07 00:57 - 001351168 _____ C:\Users\vince\Downloads\xanware.dll
2019-03-07 00:53 - 2019-03-07 00:53 - 002175976 _____ ( ) C:\Users\vince\Downloads\Non confirmé 402274.crdownload
2019-03-07 00:49 - 2019-03-07 00:49 - 000000070 _____ C:\Users\vince\Downloads\tempoarts_trollware.txt
2019-03-07 00:49 - 2019-03-07 00:49 - 000000070 _____ C:\Users\vince\Downloads\tempoarts_trollware (1).txt
2019-03-06 19:49 - 2019-03-06 19:49 - 001834496 _____ C:\WINDOWS\MjVjYjc.exe
2019-03-06 19:49 - 2019-03-06 19:49 - 000170928 _____ C:\WINDOWS\system32\Drivers\NjhhYWNiZTg
2019-03-06 19:49 - 2019-03-06 19:49 - 000101742 _____ C:\WINDOWS\uninstaller.dat
2019-03-05 17:27 - 2019-03-05 17:27 - 000000000 ____D C:\Users\vince\OneDrive\Documents\fightnrage_feedback
2019-03-05 17:27 - 2019-03-05 17:27 - 000000000 ____D C:\Users\vince\AppData\LocalLow\sebagamesdev
R1 NjhhYWNiZTg; \??\C:\WINDOWS\system32\drivers\NjhhYWNiZTg [X]
Task: {E18E5DEB-9CD0-4558-B34D-E2478EFFBF73} - System32\Tasks\Homeville => C:\Program Files\Homeville\Homeville.exe () [Fichier non signé] <==== ATTENTION
Task: {E19F57AF-B38C-4122-AD2C-F7219401DA9F} - System32\Tasks\MHsfjoHBjBJoAwMyz2 => rundll32 "C:\Program Files (x86)\KfnsJXyRyJHoDyJWuMR\NbeKyXY.dll",#1
Task: {A709CDBD-E6DB-47D1-BFA4-DD3EC4C7A973} - System32\Tasks\kilogramskilograms => C:\Program Files (x86)\Fiberglass\Synchronously.exe () [Fichier non signé]
Task: {9114B4F0-6346-4F46-9C68-68078AA5F960} - System32\Tasks\Opera scheduled Autoupdate 2796787680 => C:\Users\vince\AppData\Roaming\Microsoft\Windows\sgiddrjw\vvigfafh.exe () [Fichier non signé]
Task: {7F6A1FE4-B215-4BA2-9BCB-08FE51EB90A0} - System32\Tasks\anchormenanchormen => C:\Program Files (x86)\Tight\fone.exe () [Fichier non signé]
Task: {866C7E96-C088-4038-9561-28040EE8035B} - System32\Tasks\corolina17 => C:\ProgramData\ijikmcb\ehmkg.exe () [Fichier non signé]
Task: {6FFFD5E7-AAC6-4364-9403-DBC5C83F2D35} - System32\Tasks\tFhvygztNQVmokWetdU2 => rundll32 "C:\Program Files (x86)\bqzrWnnidGJDC\aIABAra.dll",#1
Task: {702E8598-153B-4CD6-A598-3E5986F16C8B} - System32\Tasks\QNMJEtYKScqTlLB2 => rundll32 "C:\Program Files (x86)\aeVSlgaHU\mRbORQ.dll",#1
Task: {54525EE0-3899-450F-B248-E26E58BA0C10} - System32\Tasks\nwgunOXjCbxKL2 => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\DQtKumvopDKCWKVB\NliEfly.wsf"
Task: {406BB5D4-96CD-4033-A45D-09521629B893} - System32\Tasks\JLSktnhopmhFxt => rundll32 "C:\Program Files (x86)\EhGTHpYbMZVU2\CmrRkbcOIRyQM.dll",#1
Task: {3B7A45B3-D5B8-427A-A1C4-1F3973E150F8} - System32\Tasks\copticcoptic => C:\Program Files (x86)\ecosystems\ecosystems.exe () [Fichier non signé]
HKLM\...\Run: [Dioramas] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM\...\Run: [Cummerbunds] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKLM\...\Run: [Lemurs] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM-x32\...\Run: [Cometh] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM-x32\...\Run: [Workflow] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKLM-x32\...\Run: [Bossier] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM\...\RunOnce: [OMEWPRODUCT_] => C:\Program Files\MSBuild\ILO8ENO5DKOU34IM4T9XN53\IWuxdXk3cW.exe [69120 2019-03-07] (3) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [BingSvc] => C:\Users\vince\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
Startup: C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sgiddrjw.lnk [2019-03-07]
Startup: C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sulking.lnk [2019-03-07]
ShortcutTarget: sulking.lnk -> C:\Program Files (x86)\Fiberglass\Synchronously.exe () [Fichier non signé]
Startup: C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sulkingsulking.lnk [2019-03-07]
ShortcutTarget: sulkingsulking.lnk -> C:\Program Files (x86)\tiara\Servings.exe () [Fichier non signé]HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1248848 2017-08-31] (CyberGhost SRL -> CyberGhost S.A.)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Bethesda.net] => H:\bethesda.net launcher\bethesdanetupdater.exe [1846464 2019-03-07] (Zenimax Media Inc. -> Bethesda Softworks)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-03-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [FACEIT] => C:\Users\vince\AppData\Local\FACEITApp\update.exe [2203584 2019-01-08] (FACE IT LIMITED -> )
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [ciksob] => C:\Users\vince\AppData\Local\ciksob.dll [15360 2019-03-07] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [xhou7bru1'.exe] => C:\Program Files\MSBuild\ILO8ENO5DKOU34IM4T9XN53\xhou7bru1'.exe [431104 2019-03-07] (5) [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Disaffiliation] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Screeds] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Quire] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Bitstream] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Shalt] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Indemnity] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [frights] => C:\Program Files (x86)\situs\frights.exe [49516 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [milquetoast] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
 EmptyTemp:
Hosts:
RemoveProxy:
Reboot:
End

Ferme le bloc-note, retourne sur FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire et automatique.
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur.
(L'ordinateur peut redémarrer tout seul, si le rapport de correction ne s'ouvre pas, cherche un fichier fixlog.txt qui se trouve dans le même dossier que FRST)

2) réinitialiser les navigateurs:
==================================
Réinitialise tes navigateurs et/ou re-paramètre manuellement tes navigateurs WEB ( page de démarrage, moteur de recherche, etc ) mais aussi supprimer/désactiver les extensions inutiles/parasites.
Pour t'aider à effectuer ce ménage, clique ci-dessous sur le nom du navigateur WEB que tu utilises :
* Réinitialiser et réparer Mozilla Firefox
* Réinitialiser et réparer Google Chrome
* Réinitialiser et réparer Internet Explorer
(Ne pas utiliser Zeok)

3)
Faire un nettoyage Malwarebytes Anti-Malware (MBAM ) version gratuite

4)
Refais un scan FRST et donne les nouveaux rapports via pjjoint

[zeltaa]

bonjour,


merci pour votre réponse rapide, j'ai fait tout ce que vous m'avez indiqué voici le rapport apres la correction sur frst :

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Exécuté par vince (08-03-2019 10:32:15) Run:1
Exécuté depuis C:\Users\vince\Desktop
Profils chargés: vince (Profils disponibles: vince)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
Start
CloseProcesses:
CreateRestorePoint:
2019-03-07 20:17 - 2019-03-07 20:17 - 007316688 _____ (Malwarebytes) C:\Users\vince\Downloads\adwcleaner_7.2.7.0(1).exe
2019-03-07 20:15 - 2019-03-07 20:16 - 007320272 _____ (Malwarebytes) C:\Users\vince\Downloads\adwcleaner_7.2.6.0 (1).exe
2019-03-07 20:13 - 2019-03-07 20:13 - 001895383 _____ C:\Users\vince\AppData\Local\Alphatom.bin
2019-03-07 20:13 - 2019-03-07 20:13 - 000619880 _____ (VxDriver) C:\WINDOWS\5744629EB647.sys
2019-03-07 20:13 - 2019-03-07 20:13 - 000003246 _____ C:\WINDOWS\System32\Tasks\corolina17
2019-03-07 20:13 - 2019-03-07 20:13 - 000003044 _____ C:\WINDOWS\System32\Tasks\nwgunOXjCbxKL2
2019-03-07 20:13 - 2019-03-07 20:13 - 000003034 _____ C:\WINDOWS\System32\Tasks\MHsfjoHBjBJoAwMyz2
2019-03-07 20:13 - 2019-03-07 20:13 - 000003026 _____ C:\WINDOWS\System32\Tasks\tFhvygztNQVmokWetdU2
2019-03-07 20:13 - 2019-03-07 20:13 - 000000266 ____H C:\WINDOWS\Tasks\corolina17.job
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Throttle
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\ProgramData\ijikmcb
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\ProgramData\DQtKumvopDKCWKVB
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\PGWARE
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\KfnsJXyRyJHoDyJWuMR
2019-03-07 20:13 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\bqzrWnnidGJDC
2019-03-07 20:12 - 2019-03-07 20:13 - 000003356 _____ C:\WINDOWS\System32\Tasks\JLSktnhopmhFxt
2019-03-07 20:12 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\SmartData
2019-03-07 20:12 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\EhGTHpYbMZVU2
2019-03-07 20:12 - 2019-03-07 20:13 - 000000000 ____D C:\Program Files (x86)\aeVSlgaHU
2019-03-07 20:12 - 2019-03-07 20:12 - 007888384 _____ C:\Users\vince\AppData\Local\agent.dat
2019-03-07 20:12 - 2019-03-07 20:12 - 002035993 _____ C:\Users\vince\AppData\Local\Spanron.tst
2019-03-07 20:12 - 2019-03-07 20:12 - 000278509 _____ C:\Users\vince\AppData\Local\TrippleSailstring.tst
2019-03-07 20:12 - 2019-03-07 20:12 - 000126464 _____ C:\Users\vince\AppData\Local\noah.dat
2019-03-07 20:12 - 2019-03-07 20:12 - 000070896 _____ C:\Users\vince\AppData\Local\Config.xml
2019-03-07 20:12 - 2019-03-07 20:12 - 000005568 _____ C:\Users\vince\AppData\Local\md.xml
2019-03-07 20:12 - 2019-03-07 20:12 - 000004020 _____ C:\WINDOWS\System32\Tasks\schematically demoss textuallyschematically demoss textually
2019-03-07 20:12 - 2019-03-07 20:12 - 000003970 _____ C:\WINDOWS\System32\Tasks\commends_peacekeepercommends_peacekeeper
2019-03-07 20:12 - 2019-03-07 20:12 - 000003966 _____ C:\WINDOWS\System32\Tasks\engrossing hilfigerengrossing hilfiger
2019-03-07 20:12 - 2019-03-07 20:12 - 000003952 _____ C:\WINDOWS\System32\Tasks\robins_killinrobins_killin
2019-03-07 20:12 - 2019-03-07 20:12 - 000003946 _____ C:\WINDOWS\System32\Tasks\subroto-summersubroto-summer
2019-03-07 20:12 - 2019-03-07 20:12 - 000003946 _____ C:\WINDOWS\System32\Tasks\kilogramskilograms
2019-03-07 20:12 - 2019-03-07 20:12 - 000003928 _____ C:\WINDOWS\System32\Tasks\copticcoptic
2019-03-07 20:12 - 2019-03-07 20:12 - 000003918 _____ C:\WINDOWS\System32\Tasks\anchormenanchormen
2019-03-07 20:12 - 2019-03-07 20:12 - 000003008 _____ C:\WINDOWS\System32\Tasks\QNMJEtYKScqTlLB2
2019-03-07 20:12 - 2019-03-07 20:12 - 000000012 _____ C:\WINDOWS\b21768884
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ___HD C:\Program Files (x86)\situs
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ___HD C:\Program Files (x86)\Dirge
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Users\vince\AppData\Roaming\Python
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\ProgramData\{E326E5D7-A154-BAF8-2CBC-7B362C5B2267}
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\ProgramData\{A8E5D19E-951D-F13B-6588-B87D656FE12C}
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\Tight
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\tiara
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\PdUEJHwTcIE
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\NDeBlRjARAUn
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\Fiberglass
2019-03-07 20:12 - 2019-03-07 20:12 - 000000000 ____D C:\Program Files (x86)\ecosystems
2019-03-07 20:12 - 2019-03-07 20:10 - 001632256 _____ (TODO: <Company name>) C:\Users\vince\AppData\Local\TrippleSailstring.exe
2019-03-07 20:12 - 2019-03-07 20:10 - 001632256 _____ (TODO: <Company name>) C:\Users\vince\AppData\Local\Spanron.exe
2019-03-07 20:11 - 2019-03-07 20:25 - 000003572 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 2796787680
2019-03-07 20:11 - 2019-03-07 20:21 - 000001546 _____ C:\WINDOWS\Tasks\Homeville.job
2019-03-07 20:11 - 2019-03-07 20:11 - 000013984 _____ C:\WINDOWS\System32\Tasks\Homeville
2019-03-07 20:11 - 2019-03-07 20:11 - 000000000 ____D C:\Program Files\Homeville
2019-03-07 20:10 - 2019-03-07 20:11 - 000001681 _____ C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panda Forest Guard cleaner.lnk
2019-03-07 20:10 - 2019-03-07 20:10 - 000722944 _____ C:\Users\vince\AppData\Local\sha.db
2019-03-07 20:10 - 2019-03-07 20:10 - 000140800 _____ C:\Users\vince\AppData\Local\installer.dat
2019-03-07 20:10 - 2019-03-07 20:10 - 000000000 ____D C:\Program Files (x86)\foldershare
2019-03-07 20:09 - 2019-03-07 20:09 - 001743840 _____ C:\Users\vince\Downloads\csgo_cheat_7540d.zip
2019-03-07 20:08 - 2019-03-07 20:08 - 001462784 _____ C:\WINDOWS\thpuogibsbsagh.thp
2019-03-07 20:08 - 2019-03-07 20:08 - 000000000 ____D C:\Program Files\ZDUyNGZhMjc5ZmRkZT
2019-03-07 20:07 - 2019-03-07 20:07 - 000194048 _____ C:\Users\vince\AppData\Local\miakhad.dll
2019-03-07 20:07 - 2019-03-07 20:07 - 000015360 _____ C:\Users\vince\AppData\Local\ciksob.dll
2019-03-07 20:07 - 2019-03-07 20:07 - 000004096 _____ C:\Users\vince\AppData\Local\qq6b264507-ba91-4d85-86c9-1e827315cbe0.exe
2019-03-07 20:04 - 2019-03-07 20:04 - 001753774 _____ C:\Users\vince\Downloads\csgo_private_hack_v37_dbbc9.zip
2019-03-07 20:01 - 2019-03-07 20:01 - 001734165 _____ C:\Users\vince\Downloads\setup_1f3a5.zip
2019-03-07 19:56 - 2019-02-06 23:23 - 000000000 ____D C:\Users\vince\Desktop\Dura Menu Free
2019-03-07 19:53 - 2019-03-07 19:54 - 000697864 _____ C:\Users\vince\Downloads\Dura_Menu_Free.rar
2019-03-07 01:11 - 2019-03-07 01:11 - 000356079 _____ C:\Users\vince\Downloads\EZfrags.co.uk_csgo_multi_public (3).zip
2019-03-07 01:06 - 2017-06-02 07:40 - 000000815 _____ C:\Users\vince\Desktop\how to use.txt
2019-03-07 01:05 - 2019-03-07 01:05 - 000356079 _____ C:\Users\vince\Downloads\EZfrags.co.uk_csgo_multi_public.zip
2019-03-07 01:05 - 2019-03-07 01:05 - 000356079 _____ C:\Users\vince\Downloads\EZfrags.co.uk_csgo_multi_public (2).zip
2019-03-07 00:57 - 2019-03-07 00:57 - 001351168 _____ C:\Users\vince\Downloads\xanware.dll
2019-03-07 00:53 - 2019-03-07 00:53 - 002175976 _____ ( ) C:\Users\vince\Downloads\Non confirmé 402274.crdownload
2019-03-07 00:49 - 2019-03-07 00:49 - 000000070 _____ C:\Users\vince\Downloads\tempoarts_trollware.txt
2019-03-07 00:49 - 2019-03-07 00:49 - 000000070 _____ C:\Users\vince\Downloads\tempoarts_trollware (1).txt
2019-03-06 19:49 - 2019-03-06 19:49 - 001834496 _____ C:\WINDOWS\MjVjYjc.exe
2019-03-06 19:49 - 2019-03-06 19:49 - 000170928 _____ C:\WINDOWS\system32\Drivers\NjhhYWNiZTg
2019-03-06 19:49 - 2019-03-06 19:49 - 000101742 _____ C:\WINDOWS\uninstaller.dat
2019-03-05 17:27 - 2019-03-05 17:27 - 000000000 ____D C:\Users\vince\OneDrive\Documents\fightnrage_feedback
2019-03-05 17:27 - 2019-03-05 17:27 - 000000000 ____D C:\Users\vince\AppData\LocalLow\sebagamesdev
R1 NjhhYWNiZTg; \??\C:\WINDOWS\system32\drivers\NjhhYWNiZTg [X]
Task: {E18E5DEB-9CD0-4558-B34D-E2478EFFBF73} - System32\Tasks\Homeville => C:\Program Files\Homeville\Homeville.exe () [Fichier non signé] <==== ATTENTION
Task: {E19F57AF-B38C-4122-AD2C-F7219401DA9F} - System32\Tasks\MHsfjoHBjBJoAwMyz2 => rundll32 "C:\Program Files (x86)\KfnsJXyRyJHoDyJWuMR\NbeKyXY.dll",#1
Task: {A709CDBD-E6DB-47D1-BFA4-DD3EC4C7A973} - System32\Tasks\kilogramskilograms => C:\Program Files (x86)\Fiberglass\Synchronously.exe () [Fichier non signé]
Task: {9114B4F0-6346-4F46-9C68-68078AA5F960} - System32\Tasks\Opera scheduled Autoupdate 2796787680 => C:\Users\vince\AppData\Roaming\Microsoft\Windows\sgiddrjw\vvigfafh.exe () [Fichier non signé]
Task: {7F6A1FE4-B215-4BA2-9BCB-08FE51EB90A0} - System32\Tasks\anchormenanchormen => C:\Program Files (x86)\Tight\fone.exe () [Fichier non signé]
Task: {866C7E96-C088-4038-9561-28040EE8035B} - System32\Tasks\corolina17 => C:\ProgramData\ijikmcb\ehmkg.exe () [Fichier non signé]
Task: {6FFFD5E7-AAC6-4364-9403-DBC5C83F2D35} - System32\Tasks\tFhvygztNQVmokWetdU2 => rundll32 "C:\Program Files (x86)\bqzrWnnidGJDC\aIABAra.dll",#1
Task: {702E8598-153B-4CD6-A598-3E5986F16C8B} - System32\Tasks\QNMJEtYKScqTlLB2 => rundll32 "C:\Program Files (x86)\aeVSlgaHU\mRbORQ.dll",#1
Task: {54525EE0-3899-450F-B248-E26E58BA0C10} - System32\Tasks\nwgunOXjCbxKL2 => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\DQtKumvopDKCWKVB\NliEfly.wsf"
Task: {406BB5D4-96CD-4033-A45D-09521629B893} - System32\Tasks\JLSktnhopmhFxt => rundll32 "C:\Program Files (x86)\EhGTHpYbMZVU2\CmrRkbcOIRyQM.dll",#1
Task: {3B7A45B3-D5B8-427A-A1C4-1F3973E150F8} - System32\Tasks\copticcoptic => C:\Program Files (x86)\ecosystems\ecosystems.exe () [Fichier non signé]
HKLM\...\Run: [Dioramas] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM\...\Run: [Cummerbunds] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKLM\...\Run: [Lemurs] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM-x32\...\Run: [Cometh] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM-x32\...\Run: [Workflow] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKLM-x32\...\Run: [Bossier] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKLM\...\RunOnce: [OMEWPRODUCT_] => C:\Program Files\MSBuild\ILO8ENO5DKOU34IM4T9XN53\IWuxdXk3cW.exe [69120 2019-03-07] (3) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [BingSvc] => C:\Users\vince\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
Startup: C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sgiddrjw.lnk [2019-03-07]
Startup: C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sulking.lnk [2019-03-07]
ShortcutTarget: sulking.lnk -> C:\Program Files (x86)\Fiberglass\Synchronously.exe () [Fichier non signé]
Startup: C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sulkingsulking.lnk [2019-03-07]
ShortcutTarget: sulkingsulking.lnk -> C:\Program Files (x86)\tiara\Servings.exe () [Fichier non signé]HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1248848 2017-08-31] (CyberGhost SRL -> CyberGhost S.A.)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Bethesda.net] => H:\bethesda.net launcher\bethesdanetupdater.exe [1846464 2019-03-07] (Zenimax Media Inc. -> Bethesda Softworks)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2019-03-05] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [FACEIT] => C:\Users\vince\AppData\Local\FACEITApp\update.exe [2203584 2019-01-08] (FACE IT LIMITED -> )
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [ciksob] => C:\Users\vince\AppData\Local\ciksob.dll [15360 2019-03-07] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [xhou7bru1'.exe] => C:\Program Files\MSBuild\ILO8ENO5DKOU34IM4T9XN53\xhou7bru1'.exe [431104 2019-03-07] (5) [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Disaffiliation] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Screeds] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Quire] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Bitstream] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Shalt] => C:\Program Files (x86)\tiara\Servings.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [Indemnity] => C:\Program Files (x86)\Dirge\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [frights] => C:\Program Files (x86)\situs\frights.exe [49516 2019-03-07] () [Fichier non signé]
HKU\S-1-5-21-999553329-3704910932-3797768191-1001\...\Run: [milquetoast] => C:\Program Files (x86)\Fiberglass\Synchronously.exe [10240 2019-03-07] () [Fichier non signé]
EmptyTemp:
Hosts:
RemoveProxy:
Reboot:
End
*****************

[zeltaa]

j'ai désinstallé les logiciel que vous m'avez dit sauf celui la que je ne trouve pas dans ajoutez et supprimé un programme :
SearchAwesome


voici les nouveau rapports de frst après la correction :

https://pjjoint.malekal.com/files.php?i ... 1p7r9g9f14

https://pjjoint.malekal.com/files.php?i ... 4n13c13z12

https://pjjoint.malekal.com/files.php?i ... 1d10i6t6l8


Dans l'attente de votre réponse

merci

[Malekal_morte]

ok pas grave.
Il reste quel problème ?

[zeltaa]

Je pense pas qu'il y a d'autre pb j'ai retrouvé une bonne vitesse du pc ,

merci beaucoup pour la rapidité

[Malekal_morte]

ok attention à ce que tu télécharges,

Tu peux supprimer le dossier C:\FRST =)


Termine par un nettoyage Malwarebytes Anti-Malware (MBAM) version gratuite
Evite les analyses et nettoyages réguliers ZHPCleaner, AdwCleaner, pas utile.


Quelques conseils :

Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : Dossier Adwares/PUPs : programmes indésirables et parasites
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)

[zeltaa]

ok merci pour toute ces infos ,oui je ferai attention a l'avenir car j'ai voulu télécharger un modmenu pour un amis et voila le résultat .


Fini tout sa ,même sur youtube c'est blindé de virus

[salwa1215]

Bonjour,

J'ai le même problème.
Voici le lien de FRST.txt
https://pjjoint.malekal.com/files.php?i ... l12e15d5w8
Addition.txt
https://pjjoint.malekal.com/files.php?i ... 10r14s13w6

Merci d'avance de votre aide.

[Malekal_morte]

Salut salwa,

Deux antivirus installés.

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Kaspersky Endpoint Security 10 for Windows (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

C'est mal, désinstalle celui en trop.

Programmes inutiles, encombrant, à désinstaller éventuellement.

CCleaner (inutile)
Free Download Manager
McAfee Safe Connect (parasite)
McAfee WebAdvisor (parasite)
NativeDesktopMediaService
Online Application
SearchAwesome

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette Voici la correction à effectuer avec FRST. Tu peux t'aider de cette #fix note explicative avec des captures d'écran.
Relance FRST puis sur ton clavier appuyer sur la touche CTRL + Y.
Le bloc-note va s'ouvrir, copie/colle ceci.

Code : Tout sélectionner

Start
CloseProcesses:
CreateRestorePoint:
2019-05-15 13:59 - 2018-09-05 13:23 - 000000000 ____D C:\Users\ensibs\AppData\Roaming\jupyter 
2019-05-16 11:51 - 2013-08-01 14:12 - 000006134 ____N C:\Users\ensibs\Documents\readme.txt
2019-05-16 11:09 - 2018-05-26 21:08 - 000000000 ____D C:\Users\ensibs\Documents\Pcap.Net-master
2019-05-16 10:47 - 2019-05-16 10:47 - 000722944 _____ C:\Users\ensibs\AppData\Local\sha.db
2019-05-16 10:47 - 2019-05-16 10:47 - 000140800 _____ C:\Users\ensibs\AppData\Local\installer.dat
2019-05-16 10:47 - 2019-05-16 10:47 - 000011568 _____ C:\Users\ensibs\AppData\Local\InstallationConfiguration.xml
2019-05-16 10:44 - 2019-05-16 18:12 - 000000000 ____D C:\Program Files (x86)\FastDataX
2019-05-16 10:44 - 2019-05-16 10:44 - 000001153 _____ C:\Users\ensibs\Desktop\foldershare.lnk
2019-05-16 10:44 - 2019-05-16 10:44 - 000000000 ____D C:\ProgramData\Jetmedia
2019-05-16 10:44 - 2019-05-16 10:44 - 000000000 ____D C:\Program Files (x86)\Jetmedia
2019-05-16 10:43 - 2019-05-16 18:12 - 000000000 ____D C:\Program Files (x86)\LetsSee!
2019-05-16 10:43 - 2019-05-16 10:43 - 001397760 _____ C:\Windows\vanrywhsd.vanr
2019-05-16 10:43 - 2019-05-16 10:43 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-05-16 10:43 - 2019-05-16 10:43 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2019-05-16 10:43 - 2019-05-16 10:43 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2019-05-16 10:43 - 2019-05-16 10:43 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2019-05-16 10:43 - 2019-05-16 10:43 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-05-16 10:43 - 2019-05-16 10:43 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2019-05-16 10:43 - 2019-05-16 10:43 - 000001736 _____ C:\Users\ensibs\Desktop\LetsSee!.lnk
2019-05-16 10:43 - 2019-05-16 10:43 - 000000000 ____D C:\Windows\SysWOW64\SSL
2019-05-16 10:43 - 2019-05-16 10:43 - 000000000 ____D C:\ProgramData\H3SBJ0A59BS08ZKYPK1QC4U4O
2019-05-16 10:43 - 2019-05-16 10:43 - 000000000 ____D C:\ProgramData\{C5E86BA2-F708-08C4-70EA-4784700D1ED5}
2019-05-16 10:43 - 2019-05-16 10:43 - 000000000 ____D C:\ProgramData\{ABB0D54D-49E7-669C-9F54-1FEA9FB346BB}
2019-05-16 10:42 - 2019-05-17 10:45 - 000000376 _____ C:\Windows\Tasks\Updater_Online_Application.job
2019-05-16 10:42 - 2019-05-16 10:43 - 000000000 ____D C:\Program Files\YzQ4MTFmYzc3MTlmM
2019-05-16 10:42 - 2019-05-16 10:42 - 000003208 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2019-05-16 10:42 - 2019-05-16 10:42 - 000000000 ____D C:\Users\ensibs\AppData\Roaming\Microleaves
2019-05-16 10:42 - 2019-05-16 10:42 - 000000000 ____D C:\Users\ensibs\AppData\Local\AdvinstAnalytics
2019-05-16 10:42 - 2019-05-16 10:42 - 000000000 ____D C:\Program Files (x86)\Microleaves
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 YzQ4MTFmYzc3MTlmM; C:\Program Files\YzQ4MTFmYzc3MTlmM\YjhhYWY5NmE3YzQ1.exe [1813728 2019-05-15] (technologiejarbon.com -> ) <==== ATTENTION
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:
End

Ferme le bloc-note, retourne sur FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire et automatique.
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur.
(L'ordinateur peut redémarrer tout seul, si le rapport de correction ne s'ouvre pas, cherche un fichier fixlog.txt qui se trouve dans le même dossier que FRST)


2) réinitialiser les navigateurs:
==================================
Réinitialise tes navigateurs et/ou re-paramètre manuellement tes navigateurs WEB ( page de démarrage, moteur de recherche, etc ) mais aussi supprimer/désactiver les extensions inutiles/parasites.
Pour t'aider à effectuer ce ménage, clique ci-dessous sur le nom du navigateur WEB que tu utilises :
* Réinitialiser et réparer Mozilla Firefox
* Réinitialiser et réparer Google Chrome
* Réinitialiser et réparer Internet Explorer
(Ne pas utiliser Zeok)

3)
Faire un nettoyage Malwarebytes Anti-Malware (MBAM ) version gratuite

4)
Refais un scan FRST et donne les nouveaux rapports via pjjoint