Malware Baidu Fermé

Question

Bonsoir,

En installant un programme sur mon ordinateur, il y a les malwares Baidu et QQPCM, deux programmes entièrement écrit en chinois, donc j'y comprend rien. Ils ne sont pas présent dans le panneau de configuration "programmes et fonctionalités", je ne peux pas les désinstallé mais il sont encore en fonctionnement dans le gestionnaire des tâches.

J'apprécierai si quelqu'un peut m'aider.

Clément

Malekal_morte- · Answer

Salut,

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :

 FRST.txt
 Shortcut.txt
 Additionnal.txt

Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.

clementedc · Answer

Voici les trois liens, merci pour ton aide.

Lien FRST.txt : https://pjjoint.malekal.com/files.php?id=20150504_k12l14s8v10u11

Lien Shortcut.txt : https://pjjoint.malekal.com/files.php?id=20150504_t9x7c14u9f11

Lien Additionnal.txt  : https://pjjoint.malekal.com/files.php?id=20150504_b10u11h5w12v13

Malekal_morte- · Answer

Apparemment c'est un antivirus que tu as installé. Tu as aussi bcp d'adwares. Voici la correction à effectuer avec FRST. Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK. Copie/colle dedans ce qui suit : HKLM\...\Run: [BaiduSdTray] => C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe [3257240 2015-04-28] (????????????????) HKLM\...\Run: [BaiduAnTray] => C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe -stmd=3 HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe [3257240 2015-04-28] (????????????????) HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296 2015-04-28] (Tencent) HKU\S-1-5-21-3915861219-264147291-2921632032-1001\...\Run: [Search Protection] => C:\Users\user\AppData\Roaming\Search Protection\SP.EXE [913904 2015-04-20] () HKU\S-1-5-21-3915861219-264147291-2921632032-1001\...\Run: [Browser Extensions] => C:\Users\user\AppData\Roaming\BrowserExtensions\BEHelper.exe [540656 2015-04-20] () HKU\S-1-5-21-3915861219-264147291-2921632032-1001\...\Run: [WindApp] => C:\Users\user\AppData\Roaming\Store\WindApp\WindApp.exe /winstartup HKU\S-1-5-21-3915861219-264147291-2921632032-1001\...\Run: [Selection Tools] => C:\Users\user\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe /winstartup HKU\S-1-5-21-3915861219-264147291-2921632032-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [65536 2015-04-06] () ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMGCShellExt64.dll [2015-04-07] (Tencent) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\user\AppData\Roaming\BrowserExtensions\Coupons.dll [2015-04-20] () BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-20] (Thinknice Co. Limited) BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\user\AppData\Roaming\BrowserExtensions\Coupons64.dll [2015-04-20] () CHR HKLM-x32\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - https://clients2.google.com/service/update2/crx CHR StartupUrls: Default -> hxxp://www.omniboxes.com/?type=hp&ts=1430244923&from=amt&uid=WDCXWD5000LPVX-28V0TT0_WD-WXG1E64ESJSFESJSF [Pays US - 50.97.32.151] S2 be0fb33b; C:\Windows\system32 undll32.exe c:\Program Files (x86)\Supporter\Supporter.dll,serv R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-04-20] (XTab system) R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe [297608 2015-04-28] (Tencent) S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe [293728 2015-04-28] (Tencent) S2 ClaraUpdater; C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [887376 2015-04-28] (ClaraLabs) R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [62264 2015-04-28] (Tencent) R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys [127800 2015-04-28] (????) R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-04-28] (Tencent) R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-04-28] (Tencent Technology(Shenzhen) Company Limited) R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-04-28] (????) R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys [28984 2015-04-29] (Tencent) R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227 scpm64.sys [42296 2015-04-28] (????) R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSDefenseBT64.sys [28472 2015-04-28] (Tencent) R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys [87352 2015-04-28] (????) R1 {3211ae5b-d056-4176-9f6e-b51496f003f1}Gw64; C:\Windows\System32\drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}Gw64.sys [48776 2014-12-14] (StdLib) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202704 2015-04-28] (Baidu) R1 bd0001; C:\Windows\SysWOW64\DRIVERS\bd0001.sys [202704 2015-04-28] (Baidu) R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [198600 2015-04-28] (Baidu) R1 bd0002; C:\Windows\SysWOW64\DRIVERS\bd0002.sys [198600 2015-04-28] (Baidu) R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2014-11-06] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-25] (Baidu Technology) R2 BDDefense; C:\Windows\system32\drivers\BDDefense.sys [103752 2015-04-28] (Baidu) R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2014-11-06] (Baidu) 2015-04-29 08:25 - 2014-11-06 09:38 - 00056136 _____ (Baidu) C:\Windows\system32\Drivers\BDMWrench_x64.sys 2015-04-29 08:24 - 2015-04-28 20:34 - 00198600 _____ (Baidu) C:\Windows\system32\Drivers\bd0002.sys 2015-04-29 08:24 - 2014-12-25 04:35 - 00152392 _____ (Baidu Technology) C:\Windows\system32\Drivers\BDArKit.SYS 2015-04-28 21:21 - 2015-04-29 09:07 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys 2015-04-28 21:20 - 2015-04-28 21:20 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-04-28 20:57 - 2015-04-28 20:57 - 00000000 __SHD () C:\Users\user\AppData\Roaming\AnyProtectEx 2015-04-28 20:57 - 2015-04-28 20:56 - 00613255 _____ (CMI Limited) C:\Users\user\AppData\Local sy3BF4.tmp 2015-04-28 20:39 - 2015-04-28 20:40 - 00001656 _____ () C:\Windows\SysWOW64\${LOGFILE} 2015-04-28 20:36 - 2015-04-28 20:36 - 00000000 ____D () C:\ProgramData\TXQMPC 2015-04-28 20:34 - 2015-05-04 08:34 - 00002776 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-5_user.job 2015-04-28 20:34 - 2015-04-28 20:34 - 00202704 _____ (Baidu) C:\Windows\SysWOW64\Drivers\bd0001.sys 2015-04-28 20:34 - 2015-04-28 20:34 - 00198600 _____ (Baidu) C:\Windows\SysWOW64\Drivers\bd0002.sys 2015-04-28 20:33 - 2015-05-04 21:33 - 00005504 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-6.job 2015-04-28 20:33 - 2015-05-04 21:33 - 00003124 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-6.job 2015-04-28 20:33 - 2015-05-04 08:33 - 00005504 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-7.job 2015-04-28 20:33 - 2015-05-04 08:33 - 00003460 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-7.job 2015-04-28 20:33 - 2015-04-28 20:33 - 00008508 _____ () C:\Windows\System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-7 2015-04-28 20:33 - 2015-04-28 20:33 - 00008508 _____ () C:\Windows\System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-6 2015-04-28 20:33 - 2015-04-28 20:33 - 00006464 _____ () C:\Windows\System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-7 2015-04-28 20:33 - 2015-04-28 20:33 - 00006128 _____ () C:\Windows\System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-6 2015-04-28 20:33 - 2015-04-28 20:33 - 00000000 ____D () C:\Program Files (x86)\07b12830-f20a-4ae3-97a5-ed04e0382f78 2015-04-28 20:32 - 2015-05-04 21:32 - 00002098 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-10_user.job 2015-04-28 20:32 - 2015-05-04 08:32 - 00004480 _____ () C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-3.job 2015-04-28 20:32 - 2015-04-28 21:12 - 00000000 ____D () C:\Users\user\AppData\Local\27303 2015-04-28 20:32 - 2015-04-28 20:32 - 00007484 _____ () C:\Windows\System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-3 2015-04-28 20:30 - 2015-04-28 21:19 - 00000000 ____D () C:\Users\user\AppData\Local\UnicoBrowser 2015-04-28 20:22 - 2015-04-28 20:22 - 00000000 ____D () C:\Program Files\Common Files\Tencent 2015-04-28 20:22 - 2015-04-28 20:20 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys 2015-04-28 20:21 - 2015-04-28 20:21 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? 2015-04-28 20:21 - 2015-04-28 20:20 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys 2015-04-28 20:21 - 2015-04-28 20:20 - 00087864 _____ (????) C:\Windows\system32\Drivers\TFsFltX64.sys 2015-04-28 20:20 - 2015-04-28 21:35 - 00000000 ____D () C:\Users\user\AppData\Local\4C4C4544-1430252423-4810-8050-B5C04F515431 2015-04-28 20:18 - 2015-04-28 20:40 - 00103752 _____ (Baidu) C:\Windows\system32\Drivers\BDDefense.sys 2015-04-28 20:18 - 2015-04-28 20:34 - 00202704 _____ (Baidu) C:\Windows\system32\Drivers\bd0001.sys 2015-04-28 20:18 - 2014-11-06 09:38 - 00067400 _____ (Baidu) C:\Windows\system32\Drivers\bd0003.sys 2015-04-28 20:17 - 2015-04-28 22:16 - 00000000 ____D () C:\Program Files (x86)\baidu 2015-04-28 20:17 - 2015-04-28 20:25 - 00000000 ____D () C:\ProgramData\Baidu 2015-04-28 20:17 - 2015-04-28 20:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\Baidu 2015-04-28 20:17 - 2015-04-28 20:17 - 00000000 ____D () C:\Users\user\AppData\Roaming\4C4C4544-1430245025-4810-8050-B5C04F515431 2015-04-28 20:16 - 2015-05-04 21:16 - 00005526 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-6.job 2015-04-28 20:16 - 2015-05-04 21:16 - 00002802 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-6.job 2015-04-28 20:16 - 2015-05-04 21:16 - 00002120 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-10_user.job 2015-04-28 20:16 - 2015-05-04 08:37 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job 2015-04-28 20:16 - 2015-05-04 08:16 - 00005190 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-7.job 2015-04-28 20:16 - 2015-05-04 08:16 - 00004166 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-3.job 2015-04-28 20:16 - 2015-05-04 08:16 - 00003146 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-7.job 2015-04-28 20:16 - 2015-05-04 08:16 - 00002454 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5_user.job 2015-04-28 20:16 - 2015-05-04 08:16 - 00002454 _____ () C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5.job 2015-04-28 20:16 - 2015-04-30 08:14 - 00000994 _____ () C:\Windows\Tasks\VvZkyzn6.job 2015-04-28 20:16 - 2015-04-30 08:14 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-04-28 20:16 - 2015-04-29 08:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\4C4C4544-1430245004-4810-8050-B5C04F515431 2015-04-28 20:16 - 2015-04-28 20:32 - 00003894 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA 2015-04-28 20:16 - 2015-04-28 20:32 - 00003658 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore 2015-04-28 20:16 - 2015-04-28 20:16 - 00008530 _____ () C:\Windows\System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-6 2015-04-28 20:16 - 2015-04-28 20:16 - 00008194 _____ () C:\Windows\System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-7 2015-04-28 20:16 - 2015-04-28 20:16 - 00007170 _____ () C:\Windows\System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-3 2015-04-28 20:16 - 2015-04-28 20:16 - 00006150 _____ () C:\Windows\System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-7 2015-04-28 20:16 - 2015-04-28 20:16 - 00005806 _____ () C:\Windows\System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-6 2015-04-28 20:16 - 2015-04-28 20:16 - 00005458 _____ () C:\Windows\System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5 2015-04-28 20:16 - 2015-04-28 20:16 - 00003992 _____ () C:\Windows\System32\Tasks\VvZkyzn6 2015-04-28 20:16 - 2015-04-28 20:16 - 00000000 ____D () C:\Users\user\AppData\Local\globalUpdate 2015-04-28 20:16 - 2015-04-28 20:16 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2015-04-28 20:16 - 2015-04-28 20:16 - 00000000 ____D () C:\Program Files (x86)\8f87706d-f9e5-45cb-a760-5b52c5ce8c4d 2015-04-28 20:15 - 2015-04-28 20:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\WTools 2015-04-28 20:15 - 2015-04-28 20:32 - 00000000 ____D () C:\Users\user\AppData\Roaming\Store 2015-04-28 20:15 - 2015-04-28 20:17 - 00000156 _____ () C:\Users\user\AppData\Roaming\WindApp.installation.log 2015-04-28 20:15 - 2015-04-28 20:17 - 00000156 _____ () C:\Users\user\AppData\Roaming\Selection Tools.installation.log 2015-04-28 20:14 - 2015-05-04 08:12 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2015-04-28 20:14 - 2015-04-28 20:40 - 00000000 ____D () C:\Users\user\AppData\Roaming\Nosibay 2015-04-28 20:14 - 2015-04-28 20:17 - 00012000 _____ () C:\Users\user\AppData\Roaming\Bubble Dock.installation.log 2015-04-28 20:14 - 2015-04-28 20:17 - 00002550 _____ () C:\Users\user\AppData\Roaming\Bubble Dock.boostrap.log 2015-04-28 20:14 - 2015-04-28 20:16 - 00000194 _____ () C:\Users\user\AppData\Roaming\WindApp.boostrap.log 2015-04-28 20:14 - 2015-04-28 20:15 - 00000000 ____D () C:\Program Files (x86)\XTab 2015-04-28 20:14 - 2015-04-28 20:14 - 00000000 ____D () C:\ProgramData\IHProtectUpDate 2015-04-28 20:13 - 2015-04-28 21:21 - 00000000 ____D () C:\Program Files (x86)\Supporter 2015-04-28 20:13 - 2015-04-28 20:13 - 00000000 ____D () C:\ProgramData\144539010419081441 2015-04-28 20:12 - 2015-05-04 08:12 - 00000000 ____D () C:\ProgramData\ecdfpjcjkcoannbfhkghddpnpknbfccl 2015-04-28 20:11 - 2015-05-04 08:12 - 00000000 ____D () C:\Program Files (x86)\Priceless 2015-04-28 20:11 - 2015-04-28 20:11 - 00000000 ____D () C:\Users\user\AppData\Local\Boxore 2015-04-28 20:11 - 2015-04-28 20:11 - 00000000 ____D () C:\Program Files (x86)\app_setup 2015-04-28 20:10 - 2015-04-28 22:15 - 00000000 ____D () C:\Program Files (x86)\Software 2015-04-28 20:10 - 2015-04-28 20:10 - 00000000 ____D () C:\Users\user\AppData\Local\Software 2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 ____N () C:\Users\user\AppData\Roaming\VvZkyzn6 2015-04-28 21:23 - 2014-12-15 00:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\BrowserExtensions Task: {066C98E9-43D2-49E2-98AF-9244BB909DBF} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-7 => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-7.exe <==== ATTENTION Task: {13B21445-D7AF-4D78-A819-CFA86B42C6B4} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-6 => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-1-6.exe <==== ATTENTION Task: {25C0D3BB-5FA8-41A7-B9E5-33ED6254046C} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-3 => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-3.exe <==== ATTENTION Task: {324A0D0C-CA5B-40B3-9FF7-7D1BB0C7184F} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-6 => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-6.exe <==== ATTENTION Task: {495891A6-3509-4EA2-B558-E71D692A9EF2} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-04-28] (globalUpdate) <==== ATTENTION Task: {5A53AB9D-A153-4F26-B162-228575DF22BE} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-3 => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-3.exe <==== ATTENTION Task: {6A844D8A-41F7-44A9-BF75-E41681D1A50D} - System32\Tasks\VvZkyzn6 => C:\Users\user\AppData\Roaming\VvZkyzn6.exe <==== ATTENTION Task: {8FF36AA9-706B-432F-99E8-4660499B2CB9} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5_user => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-5.exe <==== ATTENTION Task: {9BE917B8-C4F2-4AB9-8E63-BB0A69F3A14D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {9CC2A015-3508-4A8F-AEAD-A9FEDF3BD039} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-7 => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-1-7.exe <==== ATTENTION Task: {B1243AD8-4F81-4563-A433-967597AB3091} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-10_user => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-10.exe <==== ATTENTION Task: {BD16F49B-F8CB-40D7-A104-90EDEAD3A37C} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5 => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-5.exe <==== ATTENTION Task: {BE8837D0-1EA8-43D5-A147-4A23AEBC4550} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-6 => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-6.exe <==== ATTENTION Task: {D63BEE81-85ED-4AC1-ACB2-B68C9350626F} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-7 => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-7.exe <==== ATTENTION Task: {DEB3954A-1BB6-4E7D-82F6-3453E50A5427} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-6 => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-6.exe <==== ATTENTION Task: {E7F1E557-2ECC-45FD-897D-9A6D9AF9D753} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-5_user => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-5.exe <==== ATTENTION Task: {EA301C2A-11CE-4655-965F-2000987FC1A8} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-04-28] (globalUpdate) <==== ATTENTION Task: {ED025D9A-2DF5-4782-8EEF-311D44606EAD} - System32\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-7 => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-7.exe <==== ATTENTION Task: {F0857F60-D6FD-4D32-AF85-D209CCEFE186} - System32\Tasks\{50464AA3-70D4-42D1-A935-F66CA3D5E434} => Chrome.exe http://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?source=lightinstaller&page=tsInstall Task: {F269DC05-6620-496F-9DBB-06A148B85F3D} - System32\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-10_user => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-10.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-6.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-1-6.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-1-7.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-1-7.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-10_user.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-10.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-3.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-3.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-5.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-5_user.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-5.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-6.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-6.exe <==== ATTENTION Task: C:\Windows\Tasks\545b980c-7c8e-4ab9-8397-ec778d81a535-7.job => C:\Program Files (x86)\CinPlus_HD-4.1cV28.04\545b980c-7c8e-4ab9-8397-ec778d81a535-7.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-6.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-6.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-7.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-1-7.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-10_user.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-10.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-3.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-3.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-5_user.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-5.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-6.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-6.exe <==== ATTENTION Task: C:\Windows\Tasks\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-7.job => C:\Program Files (x86)\I - Cinema\8fda1737-f699-4f2d-aa43-ddee0fcd38fb-7.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION ask: C:\Windows\Tasks\VvZkyzn6.job => C:\Users\user\AppData\Roaming\VvZkyzn6.exe <==== ATTENTION Une fois, le texte coller dans le bloc-note. Menu Fichier puis Enregistrer sous. A gauche, place toi sur le bureau. Dans le champs en bas, nom du fichier mets : fixlist.txt Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau. Relance FRST et clic sur le bouton Fix Selon comment un redémarrage est nécessaire (pas obligatoire). Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message. Redémarre l'ordinateur puis réinitialise tes navigateurs: ================================== Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites : Firefox : https://www.malekal.com/reparer-firefox/?t=36057&start= Google Chrome : https://www.malekal.com/reparer-google-chrome/?t=35837&start= Internet Explorer et modules complémentaires / moteurs de recherche : https://forum.malekal.com/viewtopic.php?t=41399&start=

clementedc · Answer

Merci, il me semble qu'ils sont partis.
Il reste Tencent dessus, est-ce que tu saurais comment le désinstaller?

Malekal_morte- · Answer

y a des trucs que FRST n'a pas dû réussir à supprimer.

Ce n'est pas possible de faire une restauration du système à une date antérieur à l'installation de tous ces programmes ?

=> https://www.malekal.com/restauration-systeme-windows/

Malware Baidu

5 réponses

Discussions similaires