ZONE ANTIMALWARE

Nicolas Coolman's forum aims to detect and report on new malware threats found on the web.

Warning messages keep appearing, your system is slow to start, your browsing is being redirected.
These may be signs of an infection. You have scanned your PC and do not know how to interpret the report.
In this section, you can disinfect your computer for free.
Volunteer experts assist and advise you throughout the process.
If you ask for help in this forum, avoid making a similar request on another support site.
#84427 by tiboy76

Good evening,
My PC has been considerably slowed down for a few weeks.
Here is the configuration:
Processor AMD A4-7300 APU Radeon HD Graphics 3.8 GHz
RAM 8 GB
Windows 10 Pro 32-bit version 1803
Operating system version: 17134.112

Thank you for your help
Vincent
#84428 by tiboy76

Here is the CKFiles report:

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\windows\system32\openssh\ssh-keygen.exe
c:\windows\winsxs\x86_openssh-common-components-onecore_31bf3856ad364e35_10.0.17134.1_none_46086da0608c4d30\ssh-keygen.exe
c:\windows\winsxs\x86_openssh-common-components-onecore_31bf3856ad364e35_10.0.17134.81_none_5a654838d14c1836\ssh-keygen.exe
scanner sequence 3.CP.11.VDLBLZ
----- EOF -----
#84429 by tiboy76

And the WinChk report

Rapport WinChk v2.0 - 09/07/2018 à 00:09
Mis à jour le 08/07/11 à 16h par Xplode
Système d'exploitation : Windows 10 Pro (32 bits) [version 10.0.17134.112]
Nom d'utilisateur : BUREAU - BUREAU-PC (Administrateur)
Exécuté depuis : C:\Users\BUREAU\Desktop\winchk_2.0.exe


¤¤¤¤¤ Recherche | KMS ¤¤¤¤¤

... OK !

¤¤¤¤¤ Recherche | Fichiers suspect ¤¤¤¤¤

... OK !

¤¤¤¤¤ Vérification | Fichiers système ¤¤¤¤¤

... OK !

¤¤¤¤¤ Vérification | Fichier Hosts ¤¤¤¤¤

[Ligne n°23] 127.0.0.1 genuine.microsoft.com
[Ligne n°24] 127.0.0.1 mpa.one.microsoft.com
[Ligne n°25] 127.0.0.1 sls.microsoft.com

¤¤¤¤¤ Vérification | Windows Update ¤¤¤¤¤

¤ Paramètres : Les mises à jour automatiques sont activées et sont installées automatiquement.

¤ Dernière mise à jour détectée le
¤ Dernière mise à jour téléchargée le
¤ Dernière mise à jour installée le

########## EOF - "C:\WinChk.txt" - [987 octets] ##########
#84430 by did80

Hello,

My name is Didier and I will try to solve your problem.

Could you follow the instructions at the link below? Take the time to read them carefully.

>> How to post for a disinfection <<

It is strongly recommended to back up your data before starting the disinfection.

I disinfect for free, but if you would like to contribute to Nicolas's work, you can donate here. Thank you.

This is not an obligation.

Provide the reports in .txt format.
#84434 by did80

Hi again tiboy76

1/ To uninstall: QuickTime, no longer updated by Apple

2/ Launch Farbar

Copy the following lines into the red frame

Click Fix and host the fixlog report

See you
#84438 by tiboy76

I already uninstalled QuickTime yesterday.
Here is the FixLog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 20.06.2018
Ran by BUREAU (09-07-2018 22:02:10) Run:1
Running from C:\Users\BUREAU\Desktop
Loaded Profiles: BUREAU (Available Profiles: BUREAU & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
GroupPolicyScripts: Restriction <==== ATTENTION
U3 idsvc; no ImagePath
U5 REALPLAYERUPDATESVC; no ImagePath
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{090746F9-9F39-42C0-920A-4852C2EDE704}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\Temp\{A7FD405F-5793-4AD6-8E9C-72B0AA6AA51A}\APAX.dll => No File
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll => No File
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\TechSmith\SnagIt\Accessories\{638B203F-8FB6-49ec-A139-AB8C530F0CAB}\MSPowerPoint.dll => No File
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\TechSmith\SnagIt\Accessories\{18AA4E21-D540-4a3a-9F9F-E6DE33D6F253}\MSExcel.dll => No File
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\TechSmith\SnagIt\Accessories\{23102CBF-AC8D-4424-9364-A79738894850}\MSWord.dll => No File
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{780927D9-C564-4C09-8892-43E6EF2A8AFB}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\Temp\{A7FD405F-5793-4AD6-8E9C-72B0AA6AA51A}\APAX.dll => No File
CustomCLSID: HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{98C7093D-ED62-429F-A6E7-F1729B310212}\InprocServer32 -> C:\Users\BUREAU\AppData\Local\Temp\{A7FD405F-5793-4AD6-8E9C-72B0AA6AA51A}\APAX.dll => No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
AlternateDataStreams: C:\Users\BUREAU\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [108]
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\
DeleteKey: HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75}
DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\
DeleteKey: HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\
DeleteKey: HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\
DeleteKey: HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\
DeleteKey: HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75}
C:\WINDOWS\Installer\18dd157.msp
C:\WINDOWS\Installer\214ef9.msp
C:\WINDOWS\Installer\24caa95.msp
C:\WINDOWS\Installer\3cdb540.msp
C:\WINDOWS\Installer\4ee58b4b.msp
C:\WINDOWS\Installer\b5170.msp
C:\WINDOWS\Installer\bb865.msp
C:\WINDOWS\Installer\c2bf5.msp
C:\WINDOWS\Installer\c2fae.msp
C:\WINDOWS\Installer\c4d57.msp
C:\WINDOWS\Installer\c5597.msp
C:\WINDOWS\Installer\c5a44.msp
C:\WINDOWS\Installer\c5b03.msp
C:\WINDOWS\Installer\c96b7.msp
C:\WINDOWS\Installer\cd2a41.msp
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu
DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\UAContextMenu
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu
EmptyTemp:

*****************

Processes closed successfully.
Restore point was successfully created.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully.
idsvc => service removed successfully.
"HKLM\System\CurrentControlSet\Services\REALPLAYERUPDATESVC" => removed successfully.
REALPLAYERUPDATESVC => service removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{090746F9-9F39-42C0-920A-4852C2EDE704}" => removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}" => removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}" => removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}" => removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}" => removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{780927D9-C564-4C09-8892-43E6EF2A8AFB}" => removed successfully.
"HKU\S-1-5-21-2614886394-3112521437-220470954-1000_Classes\CLSID\{98C7093D-ED62-429F-A6E7-F1729B310212}" => removed successfully.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully.
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully.
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully.
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
C:\Users\BUREAU\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" => removed successfully.
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers" => removed successfully.
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers => not found
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" => removed successfully.
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
C:\WINDOWS\Installer\18dd157.msp => moved successfully
C:\WINDOWS\Installer\214ef9.msp => moved successfully
C:\WINDOWS\Installer\24caa95.msp => moved successfully
C:\WINDOWS\Installer\3cdb540.msp => moved successfully
C:\WINDOWS\Installer\4ee58b4b.msp => moved successfully
C:\WINDOWS\Installer\b5170.msp => moved successfully
C:\WINDOWS\Installer\bb865.msp => moved successfully
C:\WINDOWS\Installer\c2bf5.msp => moved successfully
C:\WINDOWS\Installer\c2fae.msp => moved successfully
C:\WINDOWS\Installer\c4d57.msp => moved successfully
C:\WINDOWS\Installer\c5597.msp => moved successfully
C:\WINDOWS\Installer\c5a44.msp => moved successfully
C:\WINDOWS\Installer\c5b03.msp => moved successfully
C:\WINDOWS\Installer\c96b7.msp => moved successfully
C:\WINDOWS\Installer\cd2a41.msp => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu" => not found
"HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\UAContextMenu" => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu" => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9986048 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25710327 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 361520 B
Edge => 15453 B
Chrome => 6240065 B
Firefox => 25181260 B
Opera => 164780 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 3148 B
BUREAU => 11888449 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 75.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:03:48 ====

See you
#84491 by did80

Hi tiboy76

This please

Download ZHPCleaner by Nicolas Coolman to your desktop

http://www.nicolascoolman.fr/telecharger/

Right-click on ZHPCleaner

Run it as administrator

1/ Open the options and check everything

Scan

then click Clean

The report is on your desktop and

in your user folder « %AppData% /ZHP »

Host the report on www.cjoint.com/ if it is large

See you