Un virus qui fait crash mon ordi...

• FRST.txt
• Shortcut.txt
• Additionnal.txt

CreateRestorePoint:
CloseProcesses:
Task: {03F8392B-153E-4C31-B3D7-5C354D952E1A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {0F753D3D-B248-44BE-A38A-1E65024A0081} - System32\Tasks\KlAEYQtzmHgics => rundll32 "C:\Program Files (x86)\GYHHaWMnbkQU2\spuNQUczsgWfx.dll",#1
Task: {1D2989D5-AEB9-4600-84DC-BA3D9F6787F4} - System32\Tasks\52b65092239a9a74416f58e9cb7246f1 => sc start 52b65092239a9a74416f58e9cb7246f1 <==== ATTENTION
Task: {1DA27B01-327E-49B8-A582-DE9661A42CC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {32149A3A-BD02-4B22-9EA2-3CADE88F013D} - \System Healer Delayed -> Pas de fichier <==== ATTENTION
Task: {34418E79-9913-4BDC-8494-955F714AB7D9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {3609BCE2-C3B7-4843-A775-993E63093C03} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {0F753D3D-B248-44BE-A38A-1E65024A0081} - System32\Tasks\KlAEYQtzmHgics => rundll32 "C:\Program Files (x86)\GYHHaWMnbkQU2\spuNQUczsgWfx.dll",#1
Task: {1D2989D5-AEB9-4600-84DC-BA3D9F6787F4} - System32\Tasks\52b65092239a9a74416f58e9cb7246f1 => sc start 52b65092239a9a74416f58e9cb7246f1 <==== ATTENTION
Task: {32149A3A-BD02-4B22-9EA2-3CADE88F013D} - \System Healer Delayed -> Pas de fichier <==== ATTENTION
Task: {368A5FAD-068D-4286-A780-39725BB159CE} - System32\Tasks\One System Care Delayed => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2018-03-29] () <==== ATTENTION
Task: {4C6E2DE2-E277-4424-8043-8F45A36DDE59} - \psv_TouchCom -> Pas de fichier <==== ATTENTION
Task: {53C649D3-F158-4D0B-9150-B1D82A93C50C} - System32\Tasks\GoogleUpdateSecurityTaskMachine_UH => C:\Users\gabii\AppData\Roaming\153ce65a32e94869808e8a5caf10d3bb\HandlerExecution.exe [2018-04-08] () <==== ATTENTION
Task: {562EFB2F-DC8D-4132-A3D2-4B1EABBD0687} - System32\Tasks\KlgKDPyHEeVbjwqnEgK2 => rundll32 "C:\Program Files (x86)\IUpWUBcycmhgC\cTlXBem.dll",#1
Task: {5E1839E3-2E09-444E-ADC7-F84DF5029A0C} - \psv_Lamlight -> Pas de fichier <==== ATTENTION
Task: {6014F900-1CE2-4F43-94A4-EA781A6FE1AC} - System32\Tasks\xRZOrQVCBWPMscb2 => rundll32 "C:\Program Files (x86)\muZPPgwvU\pNUzgf.dll",#1
Task: {67B7A9EF-EF77-43C3-B429-A58ECA1A1EE8} - System32\Tasks\Opera scheduled Autoupdate 1523192248 => C:\Users\gabii\AppData\Local\Programs\Opera\launcher.exe
Task: {6A3735DF-BA38-480C-9E8F-D3BBC9F1D158} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2018-03-29] () <==== ATTENTION
Task: {847460C7-2B81-442B-BD89-8B6884D78944} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [2018-04-08] () <==== ATTENTION
Task: {8D813A2B-D5C7-4B7F-B470-C87A6796E093} - System32\Tasks\GoogleUpdateSecurityTaskMachine_LT => C:\Users\gabii\AppData\Roaming\0de890cc07b6465baf7bb2b3b555eed0\HandlerExecution.exe [2018-04-08] () <==== ATTENTION
Task: {9B323133-8E43-4D7D-B655-43A2A2ABA67C} - \System Healer Monitor -> Pas de fichier <==== ATTENTION
Task: {A5BFE5BA-1C11-481A-9E4F-7F81221EC495} - System32\Tasks\GoogleUpdateSecurityTaskMachine_PF => C:\ProgramData\8c11690dcacd4104b6a76bc419bdca1a\HandlerExecution.exe [2018-04-08] () <==== ATTENTION
Task: {B6C93204-6C29-4E5A-813D-E450F1BC068D} - System32\Tasks\GoogleUpdateSecurityTaskMachine_XW => C:\ProgramData\08571a5b54db4cd79c57e283a41aefeb\HandlerExecution.exe [2018-04-08] () <==== ATTENTION
Task: {B8FFC045-331F-4C6F-8051-810327F29DB8} - System32\Tasks\{E5887997-6AE3-8622-85BC-D12A07C40E3C} => C:\Program Files (x86)\Common Files\ehlxvH.exe [2017-09-29] (Microsoft Corporation)
Task: {C1AB41F2-0221-4613-87C0-C66B562327BB} - \psv_Fining -> Pas de fichier <==== ATTENTION
Task: {C5EC22B6-D549-41C3-89E4-54372F5AAE5D} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION
Task: {C6CFF250-6B86-4F54-A580-C847AE20BCB2} - System32\Tasks\Bill ActiveX Component => C:\Windows\system32\rundll32.exe "C:\Program Files\Bill ActiveX Component\Bill ActiveX Component.dll",UvdKGLsQtni <==== ATTENTION
Task: {C6DAD60F-1E3F-4655-826E-20BFC2FF281E} - System32\Tasks\XeRTeJCMKPYXWyYqW2 => rundll32 "C:\Program Files (x86)\FpyEWGzDFWVVpLycIFR\hncSVAf.dll",#1
Task: {D3AF97BE-861A-4751-85A8-6CFC338890DF} - System32\Tasks\GoogleUpdateSecurityTaskMachine_EM => C:\ProgramData\68672f1d5c5249c9b2b833c3d5f482cc\HandlerExecution.exe [2018-04-08] () <==== ATTENTION
Task: {D43CD768-7356-40B4-A383-C2FBB4D5891E} - System32\Tasks\{C2197A6E-988B-6589-904A-19927ABED067} => C:\Program Files (x86)\ONSYUYU.exe [2017-09-29] (Microsoft Corporation) <==== ATTENTION
Task: {F5A29EF3-AD04-4586-8E13-E59713CCCD9A} - System32\Tasks\FastDataX Task => C:\Program Files (x86)\FastDataX\FastDataX.exe [2018-04-03] () <==== ATTENTION
ShortcutWithArgument: C:\Users\gabii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% --disable-quic
HKLM\...\Run: [gplyra] => C:\Users\gabii\AppData\Roaming\gplyra\gplyra\start.cmd <==== ATTENTION 
 HKLM-x32\...\Run: [Multitimer] => C:\Program Files (x86)\Multitimer\Multitimer.exe [281600 2017-12-12] ()  
 S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [X]  
 S2 WinService; C:\Users\gabii\AppData\Local\XService\XService.dll [976384 2018-04-08] () [Fichier non signé] 
 HKLM\...\RunOnce: [vqaglla0yph] => C:\Program Files (x86)\frgtrh\90639.exe [664064 2018-04-06] ()  
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ATTENTION 
 S2 Voyasollam; C:\ProgramData\\Voyasollam\\Voyasollam.exe [1814528 2018-04-08] (TODO: <Company name>) [Fichier non signé] 
 S2 Nettrans; C:\ProgramData\PrefsSecure\Nettrans.exe [43520 2018-04-08] () [Fichier non signé] <==== ATTENTION 
 S2 saiyitechnology; C:\ProgramData\yahoochrome_D\desktop84.exe [511800 2018-02-24] (PandaViewer)  
2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Users\gabii\AppData\Roaming\usgc1orfbbf 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files\FF7LF86ZXU 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files (x86)\VjljmRaTOaUn 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files (x86)\oPjpQbAMIIE 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files (x86)\muZPPgwvU 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files (x86)\IUpWUBcycmhgC 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files (x86)\GYHHaWMnbkQU2 
 2018-04-08 20:03 - 2018-04-08 20:03 - 000000000 ____D C:\Program Files (x86)\FpyEWGzDFWVVpLycIFR 
 2018-04-08 19:59 - 2018-04-08 19:59 - 000848044 _____ C:\Windows\Minidump\040818-21828-01.dmp  
 2018-04-08 19:57 - 2018-04-08 19:57 - 000894812 _____ C:\Windows\Minidump\040818-21468-01.dmp  
 2018-04-08 19:57 - 2018-04-08 19:57 - 000000000 ____D C:\Users\gabii\AppData\Roaming\zkjea24tij1 
 2018-04-08 19:57 - 2018-04-08 19:57 - 000000000 ____D C:\Program Files\BLCBF4ZS7Y 
 2018-04-08 19:54 - 2018-04-08 19:54 - 000000000 ____D C:\Users\gabii\AppData\Roaming\xuj4e2r5i4m 
 2018-04-08 19:54 - 2018-04-08 19:54 - 000000000 ____D C:\Program Files\BRK6I2TDNH 
 2018-04-08 19:49 - 2018-04-08 20:05 - 000034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS  
 2018-04-08 19:47 - 2018-04-08 19:47 - 001188194 _____ C:\Users\gabii\Downloads\process-explorer_16-04_fr_14566.zip  
 2018-04-08 19:44 - 2018-04-08 19:44 - 000000000 ____D C:\Users\gabii\AppData\Roaming\t1m5aans2xp 
 2018-04-08 19:44 - 2018-04-08 19:44 - 000000000 ____D C:\Program Files\CCV834LULB 
 2018-04-08 17:27 - 2018-04-08 17:27 - 000000000 ____D C:\Users\gabii\AppData\Roaming\fsg0d14ncae 
 2018-04-08 17:27 - 2018-04-08 17:27 - 000000000 ____D C:\Program Files\5C8AS7HXNQ 
 2018-04-08 17:26 - 2018-04-08 17:27 - 000806908 _____ C:\Windows\Minidump\040818-21421-01.dmp  
 2018-04-08 17:22 - 2018-04-08 17:22 - 000000000 ____D C:\Users\gabii\AppData\Roaming\q34wysh13wa 
 2018-04-08 17:22 - 2018-04-08 17:22 - 000000000 ____D C:\Program Files\DVB9RU75SZ 
 2018-04-08 17:21 - 2018-04-08 17:21 - 001655988 _____ C:\Windows\Minidump\040818-21375-01.dmp  
 2018-04-08 17:06 - 2018-04-08 17:06 - 000001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 
 2018-04-08 17:06 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe  
 2018-04-08 17:05 - 2018-04-08 17:06 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\gabii\Downloads\spybotsd-2.6.46.exe 
 2018-04-08 16:51 - 2018-04-08 16:51 - 000000000 ____D C:\Users\gabii\AppData\Roaming\gplyra 
 2018-04-08 16:51 - 2018-04-08 16:51 - 000000000 ____D C:\Users\gabii\AppData\Roaming\de15ybmo30e 
 2018-04-08 16:51 - 2018-04-08 16:51 - 000000000 ____D C:\Program Files\SRZ819JDAI 
 2018-04-08 16:44 - 2018-04-08 16:44 - 000000000 ____D C:\Program Files\BTH14COLFD 
 2018-04-08 16:43 - 2018-04-08 16:43 - 000000000 ____D C:\Users\gabii\AppData\Roaming\yr0akif2lzd 
 2018-04-08 16:35 - 2018-04-08 16:35 - 000000000 ____D C:\Windows\pss  
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.) 
 S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.) 
 S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.) 
 S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.) 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 
 2018-04-08 17:06 - 2018-04-08 17:06 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 
 2018-04-08 17:05 - 2018-04-08 17:06 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\gabii\Downloads\spybotsd-2.6.46.exe 
 2018-04-08 16:25 - 2018-04-08 16:25 - 000004128 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{33FC1BD4-E6A0-4165-82C3-FDA47045A764}  
 2018-04-08 16:20 - 2018-04-08 16:20 - 000000000 ____D C:\Users\gabii\AppData\Roaming\se24hd4dpqz 
 2018-04-08 16:20 - 2018-04-08 16:20 - 000000000 ____D C:\Program Files\ZEAVI78DJL 
 2018-04-08 15:58 - 2018-04-08 15:58 - 000000000 ____D C:\Users\gabii\AppData\Roaming\is4qkbfhzcj 
 2018-04-08 15:58 - 2018-04-08 15:58 - 000000000 ____D C:\Program Files\TGFEOEDRCP 
 2018-04-08 14:57 - 2018-04-08 14:57 - 000004236 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1523192248 
 2018-04-08 14:57 - 2018-04-08 14:57 - 000000103 _____ C:\Windows\SysWOW64\del.bat  
 2018-04-08 14:57 - 2018-04-08 14:57 - 000000000 ____D C:\Users\gabii\AppData\Roaming\Opera Software  
 2018-04-08 14:57 - 2018-04-08 14:57 - 000000000 ____D C:\Users\gabii\AppData\Local\XService 
 2018-04-08 14:57 - 2018-04-08 14:57 - 000000000 ____D C:\Users\gabii\AppData\Local\Opera Software  
 2018-04-08 14:52 - 2018-04-08 14:52 - 000000000 ____D C:\Users\gabii\AppData\Roaming\wtzv4v4p1ih 
 2018-04-08 14:52 - 2018-04-08 14:52 - 000000000 ____D C:\Program Files\0J3W7604LC 
 2018-04-08 14:28 - 2018-04-08 14:28 - 000000000 ____D C:\Program Files\JVDPRBSZU9 
 2018-04-08 14:27 - 2018-04-08 14:27 - 000000000 ____D C:\Users\gabii\AppData\Roaming\pr0wcr202kp 
 2018-04-08 14:21 - 2018-04-08 14:21 - 000000000 ____D C:\Users\gabii\AppData\Roaming\ljlcbtlz0x1 
 2018-04-08 14:21 - 2018-04-08 14:21 - 000000000 ____D C:\Program Files\5052GLSA9W 
 2018-04-08 14:18 - 2018-04-08 14:18 - 000000000 ____D C:\Users\gabii\AppData\Roaming\izw31elj2pm 
 2018-04-08 14:18 - 2018-04-08 14:18 - 000000000 ____D C:\Program Files\ZSHRRC32IN 
 2018-04-08 14:10 - 2018-04-08 20:03 - 000003214 _____ C:\Windows\System32\Tasks\KlAEYQtzmHgics 
 2018-04-08 14:10 - 2018-04-08 20:03 - 000003034 _____ C:\Windows\System32\Tasks\XeRTeJCMKPYXWyYqW2 
 2018-04-08 14:10 - 2018-04-08 20:03 - 000003026 _____ C:\Windows\System32\Tasks\KlgKDPyHEeVbjwqnEgK2 
 2018-04-08 14:10 - 2018-04-08 20:03 - 000003008 _____ C:\Windows\System32\Tasks\xRZOrQVCBWPMscb2 
 2018-04-08 14:10 - 2018-04-08 14:12 - 000000000 ____D C:\Users\gabii\AppData\Roaming\ZHP  
 2018-04-08 14:10 - 2018-04-08 14:10 - 003045760 _____ C:\Users\gabii\Downloads\ZHPDiag3.exe  
 2018-04-08 14:10 - 2018-04-08 14:10 - 000000000 ____D C:\Users\gabii\AppData\Roaming\3vocxey5osn 
 2018-04-08 14:10 - 2018-04-08 14:10 - 000000000 ____D C:\Users\gabii\AppData\Local\ZHP 
 2018-04-08 14:09 - 2018-04-08 14:09 - 000000000 ____D C:\Program Files\4BH2X67WG7 
 2018-04-08 14:04 - 2018-04-08 14:04 - 000000000 ____D C:\Users\gabii\AppData\Roaming\EpicNet Inc 
 2018-04-08 14:03 - 2018-04-08 14:03 - 000000000 ____D C:\Users\gabii\AppData\Roaming\huzcivjtufj 
 2018-04-08 14:03 - 2018-04-08 14:03 - 000000000 ____D C:\Program Files\HZO74ZB77Q 
 2018-04-08 14:00 - 2018-04-08 20:07 - 000003300 _____ C:\Windows\System32\Tasks\52b65092239a9a74416f58e9cb7246f1  
 2018-04-08 14:00 - 2018-04-08 16:38 - 000015587 _____ C:\Windows\SysWOW64\findit.xml  
 2018-04-08 14:00 - 2018-04-08 14:21 - 000003448 _____ C:\Windows\System32\Tasks\One System Care Monitor 
 2018-04-08 14:00 - 2018-04-08 14:21 - 000003440 _____ C:\Windows\System32\Tasks\One System Care Delayed 
 2018-04-08 14:00 - 2018-04-08 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care 
 2018-04-08 14:00 - 2018-04-08 14:21 - 000000000 ____D C:\ProgramData\c93bffa3-1769-4f43-90d0-692655e2815d 
 2018-04-08 14:00 - 2018-04-08 14:21 - 000000000 ____D C:\ProgramData\647aa69a-af5e-4df8-9558-e2c4b4c57398 
 2018-04-08 14:00 - 2018-04-08 14:21 - 000000000 ____D C:\Program Files (x86)\OneSystemCare  
 2018-04-08 14:00 - 2018-04-08 14:03 - 001377280 ____H C:\Windows\windefender.exe  
 2018-04-08 14:00 - 2018-04-08 14:00 - 001907200 _____ C:\Windows\1a285abaf1e475e70a579f49a7999db9.dll  
 2018-04-08 14:00 - 2018-04-08 14:00 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys  
 2018-04-08 14:00 - 2018-04-08 14:00 - 000023272 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\WinmonFS.sys  
 2018-04-08 14:00 - 2018-04-08 14:00 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys  
 2018-04-08 14:00 - 2018-04-08 14:00 - 000003674 _____ C:\Windows\System32\Tasks\FastDataX Task 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\Windows\SysWOW64\SSL 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\Users\gabii\AppData\Roaming\OneSystemCare 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\Users\gabii\AppData\Roaming\One System Care 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\ProgramData\Voyasollams 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\ProgramData\Logic Cramble 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\Program Files (x86)\ProxyGate 
 2018-04-08 14:00 - 2018-04-08 14:00 - 000000000 ____D C:\Program Files (x86)\FastDataX 
 2018-04-08 13:59 - 2018-04-08 20:03 - 000000000 ____D C:\ProgramData\Voyasollam 
 2018-04-08 13:59 - 2018-04-08 16:50 - 000000000 ____D C:\Program Files\52b65092239a9a74416f58e9cb7246f1  
 2018-04-08 13:59 - 2018-04-08 13:59 - 000000000 ____D C:\Users\gabii\AppData\Roaming\FastDataX 
 2018-04-08 13:59 - 2018-04-08 13:59 - 000000000 ____D C:\Users\gabii\AppData\Roaming\1gfzexngydk 
 2018-04-08 13:59 - 2018-04-08 13:59 - 000000000 ____D C:\ProgramData\PrefsSecure 
 2018-04-08 13:59 - 2018-04-08 13:59 - 000000000 ____D C:\Program Files\20ITKAWTMS 
 2018-04-08 13:58 - 2018-04-08 20:07 - 000006460 __RSH C:\ProgramData\ntuser.pol  
 2018-04-08 13:58 - 2018-04-08 20:03 - 000003270 _____ C:\Windows\System32\Tasks\csrss 
 2018-04-08 13:58 - 2018-04-08 13:58 - 000016872 _____ C:\Windows\System32\Tasks\Bill ActiveX Component 
 2018-04-08 13:57 - 2018-04-08 14:57 - 000000000 ____D C:\Users\gabii\AppData\Roaming\WidModule 
 2018-04-08 13:57 - 2018-04-08 14:57 - 000000000 ____D C:\Users\gabii\AppData\Roaming\0de890cc07b6465baf7bb2b3b555eed0  
 2018-04-08 13:57 - 2018-04-08 14:57 - 000000000 ____D C:\ProgramData\08571a5b54db4cd79c57e283a41aefeb  
 2018-04-08 13:57 - 2018-04-08 14:04 - 000000000 ____D C:\Program Files (x86)\texttotalk 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000004612 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_UH 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000004612 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_LT 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000004548 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_XW 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000004548 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_EM 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000004524 _____ C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_PF 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000003790 _____ C:\Windows\System32\Tasks\{C2197A6E-988B-6589-904A-19927ABED067} 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000003616 _____ C:\Windows\System32\Tasks\{E5887997-6AE3-8622-85BC-D12A07C40E3C} 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ___HD C:\Windows\rss 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\Users\gabii\AppData\Roaming\SystemHealer 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\Users\gabii\AppData\Roaming\153ce65a32e94869808e8a5caf10d3bb  
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\ProgramData\yahoochrome_D 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\ProgramData\8c11690dcacd4104b6a76bc419bdca1a  
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\ProgramData\68672f1d5c5249c9b2b833c3d5f482cc  
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\Program Files (x86)\PandaViewer 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\Program Files (x86)\Multitimer 
 2018-04-08 13:57 - 2018-04-08 13:57 - 000000000 ____D C:\Program Files (x86)\frgtrh 
 2018-04-08 13:57 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\ONSYUYU.exe 
 2018-04-08 13:53 - 2018-04-08 13:53 - 000043520 _____ C:\Users\gabii\AppData\Local\pkunop.dll  
 2018-04-08 13:53 - 2018-04-08 13:53 - 000000000 __SHD C:\Users\gabii\AppData\Roaming\Folder 
 2018-04-08 13:53 - 2018-04-08 13:53 - 000000000 ____D C:\Users\gabii\AppData\Roaming\Clipboard 
 2018-04-08 10:51 - 2018-04-08 10:51 - 000000306 _____ C:\prefs.js 
 2018-04-07 14:26 - 2018-04-07 14:26 - 000502784 _____ C:\Windows\79174470cda43104ed91ca60394ccee7.exe  
 2018-04-07 14:26 - 2018-04-07 14:26 - 000144648 _____ C:\Windows\system32\Drivers\a499787ee89219e76973e05d6c66dc32.sys  
 S2 1a285abaf1e475e70a579f49a7999db9; C:\Windows\1a285abaf1e475e70a579f49a7999db9.dll [1907200 2018-04-08] () [Fichier non signé]  
 S2 52b65092239a9a74416f58e9cb7246f1; C:\Program Files\52b65092239a9a74416f58e9cb7246f1\3340bbabdc8162f261a1bcb192a9d41f.exe [893440 2018-04-07] () [Fichier non signé] <==== ATTENTION  
 HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION  
 HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION  
 HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION  
 HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION  
 HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION  
 HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION  
 HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION  
 HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION  
 HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION  
 HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION  
 HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION  
 HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION  
 HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION  
 HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION  
 HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION  
 HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION  
 HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION  
 HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION  
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [Steam] => D:\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [Discord] => C:\Users\gabii\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Users\gabii\DAEMON Tools Lite\DTAgent.exe [729704 2018-03-21] (Disc Soft Ltd)  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize   
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [9906864 2018-03-29] (Windscribe Limited)  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [pkunop] => rundll32.exe C:\Users\gabii\AppData\Local\pkunop.dll,pkunop <==== ATTENTION  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [mob+-5qYiY.exe] => C:\Program Files\Windows Media Player\8U7MZGD24R91F1QMADN\mob+-5qYiY.exe [504320 2018-04-08] () 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [BoldDew] => C:\Windows\rss\csrss.exe [3077632 2018-04-08] () <==== ATTENTION  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [1845602] => C:\Users\gabii\AppData\Roaming\1gfzexngydk\hktqpg4iuxs.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [PZ3A6M1ILXY2H41] => C:\Program Files\20ITKAWTMS\20ITKAWTM.exe [666112 2018-04-08] (S) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [913JYO65HH7XNY9] => C:\Program Files\HZO74ZB77Q\HZO74ZB77.exe [666112 2018-04-08] (S) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [4408131] => C:\Users\gabii\AppData\Roaming\huzcivjtufj\32wd5icvoet.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [4XB6O1C7H57NVTZ] => C:\Program Files\4BH2X67WG7\4BH2X67WG.exe [666112 2018-04-08] (S) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [8643836] => C:\Users\gabii\AppData\Roaming\3vocxey5osn\jfcxv0i44ul.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [CloudNet] => C:\Users\gabii\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [680960 2018-04-08] (EpicNet Inc.) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [7454564] => C:\Users\gabii\AppData\Roaming\ljlcbtlz0x1\ofedo4cn5xx.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [127VVRZVKAKFZH0] => C:\Program Files\5052GLSA9W\5052GLSA9.exe [666112 2018-04-08] () 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [9848821] => C:\Users\gabii\AppData\Roaming\pr0wcr202kp\oghatkiyh5k.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [HIBVTWXF9H5S2S1] => C:\Program Files\JVDPRBSZU9\JVDPRBSZU.exe [666112 2018-04-08] () 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [7783754] => C:\Users\gabii\AppData\Roaming\wtzv4v4p1ih\igm1o2jubze.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [9QRGPBN15O8T421] => C:\Program Files\0J3W7604LC\0J3W7604L.exe [666112 2018-04-08] () 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [HRHLFTLWTH.exe] => C:\ProgramData\08571a5b54db4cd79c57e283a41aefeb\HRHLFTLWTH.exe [491008 2018-04-08] ()  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [9367694] => C:\Users\gabii\AppData\Roaming\se24hd4dpqz\54p14ag2evx.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [I4HQ27ID75MO4HE] => C:\Program Files\ZEAVI78DJL\ZEAVI78DJ.exe [666112 2018-04-08] (WZ796O56C) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [75047] => C:\Users\gabii\AppData\Roaming\yr0akif2lzd\xpzjor5uv25.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [6TSCNBJEAU3PK36] => C:\Program Files\BTH14COLFD\BTH14COLF.exe [666112 2018-04-08] (WZ796O56C) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [3270694] => C:\Users\gabii\AppData\Roaming\de15ybmo30e\zfv3izuag3y.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [MG1EEJQX41UZRGA] => C:\Program Files\SRZ819JDAI\SRZ819JDA.exe [666112 2018-04-08] (WZ796O56C) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [6E4BPJM3DVRG94Z] => C:\Program Files\CCV834LULB\CCV834LUL.exe [666112 2018-04-08] (0JVW75) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [9754819] => C:\Users\gabii\AppData\Roaming\t1m5aans2xp\ulqhlvt2uje.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [7900613] => C:\Users\gabii\AppData\Roaming\zkjea24tij1\0q3o0310tsv.exe [554109 2018-04-08] ( ) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [33O2D527VON01PT] => C:\Program Files\BLCBF4ZS7Y\BLCBF4ZS7.exe [666112 2018-04-08] (0JVW75) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [1ER21KBPVZ8USHC] => C:\Program Files\FF7LF86ZXU\FF7LF86ZX.exe [666112 2018-04-08] (0JVW75) 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Run: [7350389] => C:\Users\gabii\AppData\Roaming\usgc1orfbbf\jtx25kkfwpz.exe [554109 2018-04-08] ( ) 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [HideClock] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [HideSCANetwork] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [HideSCAVolume] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [NoPreviewPane] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [NoWinkeys] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [NoSetTaskbar] 0 
HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\Policies\Explorer: [NoViewContextMenu] 0 
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\MountPoints2: {110b857a-2dab-11e8-af84-0015836501b6} - F:\TmUnitedForever_Setup.exe  
 HKU\S-1-5-21-2639807415-4272221005-408389636-1001\...\MountPoints2: {11f607ae-36ab-11e8-af8b-0015836501b6} - M:\HiSuiteDownLoader.exe  
 HKU\S-1-5-18\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize   
 AppInit_DLLs: C:\ProgramData\Voyasollam\Zonenix.dll => C:\ProgramData\Voyasollam\Zonenix.dll [342528 2018-04-08] ()  
 AppInit_DLLs-x32: C:\ProgramData\Voyasollam\Jayfix.dll => C:\ProgramData\Voyasollam\Jayfix.dll [460800 2018-04-08] ()  
  EmptyTemp:
RemoveProxy:
Reboot:

• Réparer Mozilla Firefox (premier paragraphe)
• Réparer Google Chrome (seulement le premier paragraphe).
• Réinitialiser et réparer Internet Explorer