PC virusé je ne m'en sors pas, help !

Résolu/Fermé
Signaler
Messages postés
3
Date d'inscription
dimanche 10 mai 2015
Statut
Membre
Dernière intervention
10 mai 2015
-
Messages postés
180254
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
-
Bonjour,
voici plusieurs semaines que je n'arrive pas à me débarrasser d'un ou plusieurs virus qui installent sans cesse des applications ou programmes non désirés. J'utilise ccleaner, adwcleaner, je désinstalle manuellement, je supprime les modules non désirés sur internet mais rien y fait ils reviennent toujours. Voici le lien du dernier rapport adwcleaner, si quelqu'un peut y jeter un coup d'oeil pour m'aider à me débarrasser de tout ça, ça serait vraiment top ! Merci par avance.
https://pjjoint.malekal.com/files.php?id=20150510_v14k10d10l5e8

6 réponses

Messages postés
180254
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
24 412
Salut,

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.

Messages postés
3
Date d'inscription
dimanche 10 mai 2015
Statut
Membre
Dernière intervention
10 mai 2015

Messages postés
180254
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
24 412
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :


HKLM\...\Run: [fst_fr_397] => [X]
HKLM\...\Run: [fst_fr_398] => [X]
HKLM\...\Run: [fst_fr_405] => [X]
HKLM\...\Run: [mbot_fr_590] => [X]
HKLM\...\Run: [gmsd_fr_416] => [X]
HKLM\...\Run: [gmsd_fr_433] => [X]
HKLM\...\Run: [gmsd_fr_486] => [X]
HKLM\...\Run: [gmsd_fr_495] => [X]
HKLM\...\Run: [gmsd_fr_517] => [X]
HKLM\...\Run: [gmsd_fr_520] => [X]
FF Extension: I - Cinema - C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\MGKN37049485@ACPSC11936960.com [2015-05-10]
S2 insvc_1.10.0.14; C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe [X]
S2 juboloso; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\nsoD2D.tmp [X]
S2 pylizyku; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\jnsyEB79.tmp [X]
S2 vylonomo; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\nsc2A1B.tmp [X]
S2 xogusefu; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\jnsoAD17.tmp [X]
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [52720 2015-04-10] (Infonaut)
2015-05-09 11:43 - 2015-05-09 11:43 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp
2015-05-09 11:42 - 2015-05-10 11:48 - 00001028 _____ () C:\Windows\Tasks\CH9LNxta1twV.job
2015-05-09 11:01 - 2015-05-09 11:01 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp
2015-05-09 10:59 - 2015-05-10 11:48 - 00001032 _____ () C:\Windows\Tasks\mFOVoJWM2b5X8b.job
2015-05-09 08:36 - 2015-05-10 11:48 - 00001022 _____ () C:\Windows\Tasks\eOJ1pUo2v.job
2015-05-07 01:20 - 2015-05-07 01:20 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\ZombieNews
2015-05-07 01:19 - 2015-05-07 01:19 - 00000000 ____D () C:\ProgramData\ZombieNews
2015-05-07 01:05 - 2015-05-10 11:48 - 00001026 _____ () C:\Windows\Tasks\d33uBBg7Tqj.job
2015-05-06 18:33 - 2015-05-06 18:33 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-06 18:31 - 2015-05-06 18:31 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp
2015-05-03 15:53 - 2015-05-03 16:44 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2
2015-05-03 15:52 - 2015-05-10 11:39 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-03 15:50 - 2015-05-03 15:51 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe
2015-04-15 10:27 - 2015-04-15 10:27 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-15 10:06 - 2015-04-15 10:06 - 00000000 ____D () C:\Program Files\ProcessModule
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV
2015-04-13 20:47 - 2015-04-13 20:47 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp
2015-04-13 17:04 - 2015-04-13 17:04 - 00628688 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp
2015-04-13 15:54 - 2015-04-13 16:00 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\55b013472cad4f98807ec39918cdbd6f
2015-04-13 15:45 - 2015-04-14 01:50 - 00000000 ____D () C:\Program Files\Software
2015-04-10 21:56 - 2015-04-10 21:56 - 00052720 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-10 22:37 - 2014-12-01 20:36 - 00000000 ____D () C:\ProgramData\23405448
Task: {34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {36FB238F-C939-48AC-826D-05B49AA33EA8} - System32\Tasks\CH9LNxta1twV => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe [2015-04-20] () <==== ATTENTION
Task: {40D511CB-D757-481A-A11B-A805866F25CB} - System32\Tasks\eOJ1pUo2v => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe [2015-04-20] () <==== ATTENTION
Task: {41B8C1E2-D0AC-411F-AE76-759C7127D298} - System32\Tasks\SpyHunter3 => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
Task: {4E2EEFA4-B3F6-4142-99A3-1649F2243ACE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {5E367F69-5A71-4F3D-B44E-9FD78C4EACF0} - System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => pcalua.exe -a E:\installer.exe -d E:\
Task: {740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7} - System32\Tasks\amiupdaterExi => C:\Users\ELSUFE~1\AppData\Local\Temp\amiupdater160.exe <==== ATTENTION
Task: {957A35DE-3E09-4DEE-9E56-AEA0A0F55327} - System32\Tasks\CS => C:\Program Files\CS\cs.exe
Task: {A09DC90F-DEFD-48B0-93B2-63037B3F32F0} - System32\Tasks\PenWes => C:\Program Files\PenWes\penwes.exe <==== ATTENTION
Task: {B2CFA407-A3FA-41DD-9B8B-43F86659B7AF} - System32\Tasks\PRJUI => C:\ProgramData\55b013472cad4f98807ec39918cdbd6f\55b013472cad4f98807ec39918cdbd6f.exe [2015-04-12] ()
Task: {BA09C263-AB1F-481E-903A-8B1DC3F77475} - System32\Tasks\d33uBBg7Tqj => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe [2015-04-20] () <==== ATTENTION
Task: {D0AB4F7E-FF11-4020-8F58-6348EB3B5E92} - System32\Tasks\mFOVoJWM2b5X8b => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\CH9LNxta1twV.job => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe <==== ATTENTION
Task: C:\Windows\Tasks\CS.job => C:\Program Files\CS\cs.exe
Task: C:\Windows\Tasks\d33uBBg7Tqj.job => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe <==== ATTENTION
Task: C:\Windows\Tasks\eOJ1pUo2v.job => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe <==== ATTENTION
Task: C:\Windows\Tasks\mFOVoJWM2b5X8b.job => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe <==== ATTENTION

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.


Redémarre l'ordinateur


puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :

~~~

Désinstalle Microsoft Security Essentials.
installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)

Voici le nouveau rapport :

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-05-2015
Ran by elsuf et rouf at 2015-05-10 13:42:07 Run:1
Running from C:\Users\elsuf et rouf\Desktop
Loaded Profiles: elsuf et rouf (Available profiles: elsuf et rouf)
Boot Mode: Normal

==============================================

Content of fixlist:

HKLM\...\Run: [fst_fr_397] => [X]
HKLM\...\Run: [fst_fr_398] => [X]
HKLM\...\Run: [fst_fr_405] => [X]
HKLM\...\Run: [mbot_fr_590] => [X]
HKLM\...\Run: [gmsd_fr_416] => [X]
HKLM\...\Run: [gmsd_fr_433] => [X]
HKLM\...\Run: [gmsd_fr_486] => [X]
HKLM\...\Run: [gmsd_fr_495] => [X]
HKLM\...\Run: [gmsd_fr_517] => [X]
HKLM\...\Run: [gmsd_fr_520] => [X]
FF Extension: I - Cinema - C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\***@*** [2015-05-10]
S2 insvc_1.10.0.14; C:\Program Files\Infonaut_1.10.0.14\Service\insvc.exe [X]
S2 juboloso; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\nsoD2D.tmp [X]
S2 pylizyku; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1430660949-1013-B01A-C39E29C34EA2\jnsyEB79.tmp [X]
S2 vylonomo; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\nsc2A1B.tmp [X]
S2 xogusefu; C:\Users\elsuf et rouf\AppData\Roaming\CFC48600-1428932942-1013-B01A-C39E29C34EA2\jnsoAD17.tmp [X]
R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [52720 2015-04-10] (Infonaut)
2015-05-09 11:43 - 2015-05-09 11:43 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp
2015-05-09 11:42 - 2015-05-10 11:48 - 00001028 _____ () C:\Windows\Tasks\CH9LNxta1twV.job
2015-05-09 11:01 - 2015-05-09 11:01 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp
2015-05-09 10:59 - 2015-05-10 11:48 - 00001032 _____ () C:\Windows\Tasks\mFOVoJWM2b5X8b.job
2015-05-09 08:36 - 2015-05-10 11:48 - 00001022 _____ () C:\Windows\Tasks\eOJ1pUo2v.job
2015-05-07 01:20 - 2015-05-07 01:20 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\ZombieNews
2015-05-07 01:19 - 2015-05-07 01:19 - 00000000 ____D () C:\ProgramData\ZombieNews
2015-05-07 01:05 - 2015-05-10 11:48 - 00001026 _____ () C:\Windows\Tasks\d33uBBg7Tqj.job
2015-05-06 18:33 - 2015-05-06 18:33 - 00000000 ____D () C:\Windows\system32\Flash
2015-05-06 18:31 - 2015-05-06 18:31 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp
2015-05-03 15:53 - 2015-05-03 16:44 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2
2015-05-03 15:52 - 2015-05-10 11:39 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-05-03 15:50 - 2015-05-03 15:51 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe
2015-04-20 16:05 - 2015-04-20 16:05 - 01246720 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe
2015-04-15 10:27 - 2015-04-15 10:27 - 00000000 ____D () C:\ProgramData\The AdBlocker
2015-04-15 10:06 - 2015-04-15 10:06 - 00000000 ____D () C:\Program Files\ProcessModule
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj
2015-04-14 18:28 - 2015-04-14 18:28 - 00004387 _____ () C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV
2015-04-13 20:47 - 2015-04-13 20:47 - 00613255 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp
2015-04-13 17:04 - 2015-04-13 17:04 - 00628688 _____ (CMI Limited) C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp
2015-04-13 15:54 - 2015-04-13 16:00 - 00000000 ____D () C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b
2015-04-13 15:47 - 2015-04-13 15:47 - 00000000 ____D () C:\ProgramData\55b013472cad4f98807ec39918cdbd6f
2015-04-13 15:45 - 2015-04-14 01:50 - 00000000 ____D () C:\Program Files\Software
2015-04-10 21:56 - 2015-04-10 21:56 - 00052720 _____ (Infonaut) C:\Windows\system32\Drivers\innfd_1_10_0_14.sys
2015-04-10 22:37 - 2014-12-01 20:36 - 00000000 ____D () C:\ProgramData\23405448
Task: {34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {36FB238F-C939-48AC-826D-05B49AA33EA8} - System32\Tasks\CH9LNxta1twV => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe [2015-04-20] () <==== ATTENTION
Task: {40D511CB-D757-481A-A11B-A805866F25CB} - System32\Tasks\eOJ1pUo2v => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe [2015-04-20] () <==== ATTENTION
Task: {41B8C1E2-D0AC-411F-AE76-759C7127D298} - System32\Tasks\SpyHunter3 => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
Task: {4E2EEFA4-B3F6-4142-99A3-1649F2243ACE} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {5E367F69-5A71-4F3D-B44E-9FD78C4EACF0} - System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => pcalua.exe -a E:\installer.exe -d E:\
Task: {740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7} - System32\Tasks\amiupdaterExi => C:\Users\ELSUFE~1\AppData\Local\Temp\amiupdater160.exe <==== ATTENTION
Task: {957A35DE-3E09-4DEE-9E56-AEA0A0F55327} - System32\Tasks\CS => C:\Program Files\CS\cs.exe
Task: {A09DC90F-DEFD-48B0-93B2-63037B3F32F0} - System32\Tasks\PenWes => C:\Program Files\PenWes\penwes.exe <==== ATTENTION
Task: {B2CFA407-A3FA-41DD-9B8B-43F86659B7AF} - System32\Tasks\PRJUI => C:\ProgramData\55b013472cad4f98807ec39918cdbd6f\55b013472cad4f98807ec39918cdbd6f.exe [2015-04-12] ()
Task: {BA09C263-AB1F-481E-903A-8B1DC3F77475} - System32\Tasks\d33uBBg7Tqj => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe [2015-04-20] () <==== ATTENTION
Task: {D0AB4F7E-FF11-4020-8F58-6348EB3B5E92} - System32\Tasks\mFOVoJWM2b5X8b => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\CH9LNxta1twV.job => C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe <==== ATTENTION
Task: C:\Windows\Tasks\CS.job => C:\Program Files\CS\cs.exe
Task: C:\Windows\Tasks\d33uBBg7Tqj.job => C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe <==== ATTENTION
Task: C:\Windows\Tasks\eOJ1pUo2v.job => C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe <==== ATTENTION
Task: C:\Windows\Tasks\mFOVoJWM2b5X8b.job => C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe <==== ATTENTION


HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_397 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_398 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\fst_fr_405 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_590 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_416 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_433 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_486 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_495 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_517 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_520 => value deleted successfully.
C:\Users\elsuf et rouf\AppData\Roaming\Mozilla\Firefox\Profiles\7h533ect.default-1429636306396\Extensions\***@*** => Moved successfully.
insvc_1.10.0.14 => Service deleted successfully.
juboloso => Service deleted successfully.
pylizyku => Service deleted successfully.
vylonomo => Service deleted successfully.
xogusefu => Service deleted successfully.
innfd_1_10_0_14 => Unable to stop service
innfd_1_10_0_14 => Service deleted successfully.
C:\Users\elsuf et rouf\AppData\Local\nse494E.tmp => Moved successfully.
C:\Windows\Tasks\CH9LNxta1twV.job => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsg14B3.tmp => Moved successfully.
C:\Windows\Tasks\mFOVoJWM2b5X8b.job => Moved successfully.
C:\Windows\Tasks\eOJ1pUo2v.job => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\ZombieNews => Moved successfully.
C:\ProgramData\ZombieNews => Moved successfully.
C:\Windows\Tasks\d33uBBg7Tqj.job => Moved successfully.
C:\Windows\system32\Flash => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsu3D5E.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668431-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1430668258-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj.exe => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV.exe => Moved successfully.
C:\ProgramData\The AdBlocker => Moved successfully.
C:\Program Files\ProcessModule => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\mFOVoJWM2b5X8b => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\eOJ1pUo2v => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\d33uBBg7Tqj => Moved successfully.
C:\Users\elsuf et rouf\AppData\Roaming\CH9LNxta1twV => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsd5F82.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\nsvEC32.tmp => Moved successfully.
C:\Users\elsuf et rouf\AppData\Local\CFC48600-1428940452-1013-B01A-C39E29C34EA2 => Moved successfully.
C:\ProgramData\dd260b3663ea45b0871b6ee4108ab44b => Moved successfully.
C:\ProgramData\55b013472cad4f98807ec39918cdbd6f => Moved successfully.
C:\Program Files\Software => Moved successfully.
C:\Windows\system32\Drivers\innfd_1_10_0_14.sys => Moved successfully.
C:\ProgramData\23405448 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34E1F2D2-ADBA-4B3A-AC5A-70AD176FF46D}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36FB238F-C939-48AC-826D-05B49AA33EA8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36FB238F-C939-48AC-826D-05B49AA33EA8}" => Key deleted successfully.
C:\Windows\System32\Tasks\CH9LNxta1twV => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CH9LNxta1twV" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40D511CB-D757-481A-A11B-A805866F25CB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D511CB-D757-481A-A11B-A805866F25CB}" => Key deleted successfully.
C:\Windows\System32\Tasks\eOJ1pUo2v => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eOJ1pUo2v" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41B8C1E2-D0AC-411F-AE76-759C7127D298}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41B8C1E2-D0AC-411F-AE76-759C7127D298}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E2EEFA4-B3F6-4142-99A3-1649F2243ACE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E2EEFA4-B3F6-4142-99A3-1649F2243ACE}" => Key deleted successfully.
C:\Windows\System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC-Doctor\Scheduled Maintenance Swap" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E367F69-5A71-4F3D-B44E-9FD78C4EACF0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E367F69-5A71-4F3D-B44E-9FD78C4EACF0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EBAF8D6E-3619-4B3D-BBCD-FFBA13E54DE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{740F5C1B-3D71-4DC0-91B6-EDDDC934FCA7}" => Key deleted successfully.
C:\Windows\System32\Tasks\amiupdaterExi => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\amiupdaterExi" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{957A35DE-3E09-4DEE-9E56-AEA0A0F55327}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{957A35DE-3E09-4DEE-9E56-AEA0A0F55327}" => Key deleted successfully.
C:\Windows\System32\Tasks\CS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A09DC90F-DEFD-48B0-93B2-63037B3F32F0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A09DC90F-DEFD-48B0-93B2-63037B3F32F0}" => Key deleted successfully.
C:\Windows\System32\Tasks\PenWes => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PenWes" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2CFA407-A3FA-41DD-9B8B-43F86659B7AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2CFA407-A3FA-41DD-9B8B-43F86659B7AF}" => Key deleted successfully.
C:\Windows\System32\Tasks\PRJUI => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PRJUI" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA09C263-AB1F-481E-903A-8B1DC3F77475}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA09C263-AB1F-481E-903A-8B1DC3F77475}" => Key deleted successfully.
C:\Windows\System32\Tasks\d33uBBg7Tqj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d33uBBg7Tqj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0AB4F7E-FF11-4020-8F58-6348EB3B5E92}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0AB4F7E-FF11-4020-8F58-6348EB3B5E92}" => Key deleted successfully.
C:\Windows\System32\Tasks\mFOVoJWM2b5X8b => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mFOVoJWM2b5X8b" => Key deleted successfully.
C:\Windows\Tasks\CH9LNxta1twV.job not found.
C:\Windows\Tasks\CS.job => Moved successfully.
C:\Windows\Tasks\d33uBBg7Tqj.job not found.
C:\Windows\Tasks\eOJ1pUo2v.job not found.
C:\Windows\Tasks\mFOVoJWM2b5X8b.job not found.


The system needed a reboot.

End of Fixlog 13:42:15

Messages postés
3
Date d'inscription
dimanche 10 mai 2015
Statut
Membre
Dernière intervention
10 mai 2015

J'ai installé avast comme vous me l'avez recommandé.
Merci pour le temps que vous m'avez accordé.
Bonne continuation.
Messages postés
180254
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
26 mars 2021
24 412
Termine par un nettoyage Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
et ça devrait rouler =)

~~


Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :


Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html