#85819
Hello,

I just ran an Avast quick scan and it detected this malware and this adware, which I can neither delete nor quarantine.
I don't know what to do and I'm afraid it may be something serious.

I ran a scan with everything.
ZHPCleaner scan:

https://www.cjoint.com/c/HHgp4xa5Iv1

ZHPDiag scan:

https://www.cjoint.com/c/HHgp5gEPcd1

AdwCleaner scan:

https://www.cjoint.com/c/HHgrySnnLq1

Malwarebytes scan:

https://www.cjoint.com/c/HHgryoYkSf1

Then I ran a ZHPDiag scan again, below (new file):

https://www.cjoint.com/c/HHgrJHqu541

Then I ran a scan with FRST64

Addition.txt

https://www.cjoint.com/c/HHhkCV8eWh1

FRST64.txt (it's normal that there is nothing in this file)

https://www.cjoint.com/c/HHhkDwFobE1

Thanks in advance for your help.
Last edited by essg95 on Sun 12 Aug 2018 22:00, edited 1 time.
#85888
Hello,

Launch Farbar

Copy the following lines into the red box


start::
CloseProcesses:
Hosts:
CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3179802963-2873160600-3177918653-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3179802963-2873160600-3177918653-1001 -> {20D0AB8B-CA6D-45FB-ACA3-4BBEAB7F294B} URL =
BHO: Pas de nom -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\VMDiskMenuHandler
DeleteKey: HKLM\Software\Classes\CLSID\{271DC252-6FE1-4D59-9053-E4CF50AB99DE}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{420404E8-8DF1-436A-8130-386C1A78364C}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0AC5D315-B70B-4A9B-A928-4E05265F0836}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DC8F57BC-EF40-4810-8119-3DF56FF349EF}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{54ADF0EB-B5BD-4C37-BF4F-FB65AED6AAA5}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{7F59A1E0-31F8-467A-8529-A5F89B98BB7D}C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{4FEB8276-E7AA-4E49-B0CE-C4851ECC5EE9}C:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A7F854A0-1663-441F-937A-7CB8EF011922}C:\program files\openshot video editor\launch.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{245E735C-82EE-457B-8AD0-B1699958FFC5}C:\program files\openshot video editor\launch.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{98E0B2B9-8D26-46C7-ACFC-260EBA8F9B16}C:\program files\openshot video editor\launch.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B079B412-06F9-4B37-A613-C6F4879C1DCB}C:\program files\openshot video editor\launch.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{86D34B9B-D8CA-4C1F-A533-A7D48B0CFC78}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FEE4B014-B27D-4DC9-8719-13ECA51BD74E}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{30CA3E82-6F00-4F96-A132-73130CC1814B}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{EA9BC6AF-2775-4E40-A511-94C7AEC42508}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{32DF02AE-30AB-496C-8689-9C82759D34F9}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B85AA9B8-58A5-428C-950F-5A33FC4B2F6F}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{658D4BCF-0012-40E1-A208-E85AE6820580}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B07080B7-4E6A-43D5-84C3-4656E0DE6301}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7609B543-FBE0-488C-BF23-D2FE8DB417F0}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F27FDAAB-934F-458D-8577-5BECD27C0A52}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{70B7E6A0-94F1-45C3-BDBB-8DCC2D3CDC66}C:\programdata\oracle\java\javapath_target_420635250\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2B082092-8488-4F39-A221-8510D3E7388F}C:\programdata\oracle\java\javapath_target_420635250\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8108D3C8-BD9D-43D6-9E9F-9AF47679A69F}C:\program files\java\jre-9.0.4\bin\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{7B7D4388-5525-4A8A-9E35-AB46B21895FE}C:\program files\java\jre-9.0.4\bin\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8BB4CC8B-5485-48D6-B7AF-38372C20CCC4}C:\program files\java\jre-9.0.4\bin\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CD40C086-DFCE-49EC-AA09-622F5F158EF2}C:\program files\java\jre-9.0.4\bin\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{C22BAC42-786C-42DC-B20D-2138ED709C71}C:\programdata\oracle\java\javapath_target_420635250\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CEAD79D1-00C5-4F4A-9B57-BECAD62C40B7}C:\programdata\oracle\java\javapath_target_420635250\javaw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{7F4AC3F9-F832-44C6-A3FE-B62386A68715}C:\program files\java\jdk-9.0.1\bin\java.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CF343AF5-BE02-4233-A747-11E62CA284AD}C:\program files\java\jdk-9.0.1\bin\java.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1F6F464F-744C-49A3-8076-C64382469ED0}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B9327B45-A3A0-4478-8DCA-D99036A962FA}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{82A999F2-9615-41CB-8D8D-E3FD9F52AA48}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{13D56D45-E1DF-4FA0-A6C3-FE8395330FCF}
DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\VMDiskMenuHandler
DeleteKey: HKLM\Software\Classes\CLSID\{271DC252-6FE1-4D59-9053-E4CF50AB99DE}
EmptyTemp:
end::


Fix, then upload the fixlog report

See you later
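A pre-run review of a fixlist shaped like the one posted above, as an added example that is not part of the original post or of FRST: it lists which registry keys and values would be deleted, which program paths sit behind the "Query User" firewall rules, and which `DeleteKey:` targets are repeated. The function name `review_fixlist` is hypothetical, the line shapes are taken from the post, and the GUIDs and paths in the sample are constructed.

```python
import re
from collections import Counter

# Constructed sample in the same line shapes as the fixlist above (GUIDs and paths are made up).
SAMPLE = r"""start::
CloseProcesses:
CreateRestorePoint:
BHO: Pas de nom -> {11111111-2222-3333-4444-555555555555} -> Pas de fichier
DeleteKey: HKLM\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}
DeleteKey: HKLM\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{99999999-8888-7777-6666-555555555555}C:\example\app\server.exe
EmptyTemp:
end::
"""

DELETE = re.compile(r"^(DeleteKey|DeleteValue):\s*(.+)$")
# Value names of per-program rules: "<TCP|UDP> Query User{GUID}<program path>"
QUERY_USER = re.compile(r"^(TCP|UDP) Query User\{[0-9A-Fa-f-]{36}\}(.+)$")

def review_fixlist(text):
    """Summarise what a fixlist would delete, before it is run."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    lowered = [ln.lower() for ln in lines]
    if "start::" not in lowered or "end::" not in lowered:
        raise ValueError("fixlist must be wrapped in start:: / end::")
    body = lines[lowered.index("start::") + 1 : lowered.index("end::")]

    report = {"keys": [], "values": [], "firewall_programs": set(), "other": []}
    for ln in body:
        m = DELETE.match(ln)
        if not m:
            report["other"].append(ln)  # directives and log lines that delete nothing by name
            continue
        kind, target = m.groups()
        if kind == "DeleteKey":
            report["keys"].append(target)
            continue
        key, _, value = target.partition("|")  # "key|value name", as in the post
        report["values"].append((key, value))
        q = QUERY_USER.match(value)
        if q and key.lower().endswith(r"\firewallpolicy\firewallrules"):
            report["firewall_programs"].add(q.group(2).lower())
    # Registry paths are case-insensitive, so compare lower-cased targets.
    counts = Counter(t.lower() for t in report["keys"])
    report["duplicate_keys"] = sorted(t for t, n in counts.items() if n > 1)
    return report
```
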
