#228028
I caught some malware that blocks anti-malware tools.

Note:
- My anti-malware tools shut down as soon as the scan started
- The anti-malware tools AdsFix and AdwCleaner failed to scan.
- Malwarebytes ran normally but did not remove the virus
- I have recently been getting input errors (mouse clicks not working for a fraction of a second), possibly caused by the same virus.
- I am running a full scan with Kaspersky Free (scan estimated at about 5 hours).

Does anyone know an anti-malware tool that would not let itself be blocked by my malware?

EDIT: The scan percentage has not changed for 2 hours and the end of the scan is estimated at about 6 hours.
#228029
hi

this please

1/
Download ZHPDiag by N Coolman

or

https://www.sosvirus.net/telecharger/zhpcleaner/

Save the file to the desktop (important)

run as administrator (for Vista/7) to launch the installation wizard

1/ open the options and tick everything

click Scan

click Report

The zhpdiag.txt report will be on your desktop

It is very large and would be incomplete on the forum

it has to be posted on

Give me the generated link, which looks like this


2/
Download FARBAR and

save it to the Desktop

take the version that matches your system, 32 or 64 bits

or

https://www.sosvirus.net/telecharger/zhpcleaner/

Right-click the downloaded file (FRST.exe/FRST64.exe) and choose Run as administrator

tick the boxes as in the image below

Click the Scan button

The tool will create 3 reports on the desktop:
  • Frst.txt
  • Addition.txt
  • Shortcut.txt

Put the 3 reports,
Frst, Addition and Shortcut, here, because they take up a lot of space.

and give me the links

See you
#228031
Hi NeoJupiter

this now

Run Farbar

Copy the following lines into the red box
start::
CloseProcesses:
CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-519072743-836092174-4073667659-1001\...\MountPoints2: {421ac06f-3206-11e8-8750-6c626d3aacc4} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-519072743-836092174-4073667659-1001\...\MountPoints2: {6ebb065c-b113-11e8-8766-6c626d3aacc4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-519072743-836092174-4073667659-1001\...\MountPoints2: {db99c76c-1491-11e8-8748-6c626d3aacc4} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-519072743-836092174-4073667659-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019154746028\...\MountPoints2: {421ac06f-3206-11e8-8750-6c626d3aacc4} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-519072743-836092174-4073667659-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019154746028\...\MountPoints2: {6ebb065c-b113-11e8-8766-6c626d3aacc4} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-519072743-836092174-4073667659-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019154746028\...\MountPoints2: {db99c76c-1491-11e8-8748-6c626d3aacc4} - "F:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll -> Pas de fichier
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
StartRegedit:
Windows Registry Editor Version 5.00
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
EndRegedit:
FirewallRules: [TCP Query User{68E82B9D-9362-44AD-8F58-E279C8824962}C:\games\grand theft auto v\gta5.exe] => (Allow) C:\games\grand theft auto v\gta5.exe Pas de fichier
FirewallRules: [UDP Query User{0AF7D4A7-CD92-4A06-808D-45FDA90E9C98}C:\games\grand theft auto v\gta5.exe] => (Allow) C:\games\grand theft auto v\gta5.exe Pas de fichier
FirewallRules: [TCP Query User{8084C299-1F61-4FB4-8C82-AD11FE366AEF}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe Pas de fichier
FirewallRules: [UDP Query User{7620C13D-3ABE-4436-B5FF-52E28BDB2358}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe Pas de fichier
FirewallRules: [{9076A0B6-B44E-4088-BCC0-0573A6CD5AAF}] => (Allow) C:\Users\NOE\AppData\Local\Chromium\Application\chrome.exe Pas de fichier
FirewallRules: [TCP Query User{E5878269-EBD1-41B6-A771-5DAA82ED5E35}C:\users\noe\appdata\local\crossout\launcher.exe] => (Allow) C:\users\noe\appdata\local\crossout\launcher.exe Pas de fichier
FirewallRules: [UDP Query User{03A5475C-6498-4FFC-829A-2A1806C8D75B}C:\users\noe\appdata\local\crossout\launcher.exe] => (Allow) C:\users\noe\appdata\local\crossout\launcher.exe Pas de fichier
FirewallRules: [{439FC04F-D8FC-4EB5-AF4B-068B292A6EBA}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe Pas de fichier
FirewallRules: [{1E92EC45-28BE-4E79-AEC4-196F9F61C496}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe Pas de fichier
FirewallRules: [TCP Query User{72DD1B00-6596-4365-AC51-70BBD345D4C4}C:\program files (x86)\x-plane 11\x-plane.exe] => (Allow) C:\program files (x86)\x-plane 11\x-plane.exe Pas de fichier
FirewallRules: [UDP Query User{B8860CDB-A79A-4507-AD0E-15EDB3FC9CB4}C:\program files (x86)\x-plane 11\x-plane.exe] => (Allow) C:\program files (x86)\x-plane 11\x-plane.exe Pas de fichier
FirewallRules: [{7D28D20A-5308-473A-977E-B9BF4F41BD82}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Pas de fichier
FirewallRules: [{E44BF35C-DF26-4EC4-9439-4FBDF6B823FA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Pas de fichier
FirewallRules: [TCP Query User{27EE300C-FFA0-4189-8C6A-3CA93214ED7E}C:\games\simpleplanes.v1.7.1.0\simpleplanes.exe] => (Allow) C:\games\simpleplanes.v1.7.1.0\simpleplanes.exe Pas de fichier
FirewallRules: [UDP Query User{05DCD21A-C9D0-4783-8EE5-850D8A65D92C}C:\games\simpleplanes.v1.7.1.0\simpleplanes.exe] => (Allow) C:\games\simpleplanes.v1.7.1.0\simpleplanes.exe Pas de fichier
FirewallRules: [TCP Query User{1ABC16C0-0D33-476C-B2C8-7B8489AE3028}C:\program files\tom clancy's ghost recon wildlands\grw.exe] => (Allow) C:\program files\tom clancy's ghost recon wildlands\grw.exe Pas de fichier
FirewallRules: [UDP Query User{93094AE0-A567-41FE-8D91-306C9B2DBBCB}C:\program files\tom clancy's ghost recon wildlands\grw.exe] => (Allow) C:\program files\tom clancy's ghost recon wildlands\grw.exe Pas de fichier
FirewallRules: [{63E237CE-2354-4201-AB37-42269F1A9904}] => (Allow) C:\Users\NOE\Desktop\Grand Theft Auto V\GTA5.exe Pas de fichier
FirewallRules: [{89B200D9-B3B8-40A8-9780-876F85C25848}] => (Allow) C:\Users\NOE\Desktop\Grand Theft Auto V\GTA5.exe Pas de fichier
FirewallRules: [TCP Query User{0CC80EA4-7BAC-4F52-AEFE-9E36D948F589}C:\program files (x86)\red faction guerrilla remarstered\rfg.exe] => (Allow) C:\program files (x86)\red faction guerrilla remarstered\rfg.exe Pas de fichier
FirewallRules: [UDP Query User{968D0EFC-937B-4419-93B2-4D443625CF38}C:\program files (x86)\red faction guerrilla remarstered\rfg.exe] => (Allow) C:\program files (x86)\red faction guerrilla remarstered\rfg.exe Pas de fichier
FirewallRules: [{5CDAB028-317C-47E6-AE1C-464E7171138F}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe Pas de fichier
FirewallRules: [{3E8998B6-F525-44EF-82BF-9360AAAF7E11}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe Pas de fichier
FirewallRules: [{2F0AF5F2-B8C4-4CE8-87F5-DEE903937C1B}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe Pas de fichier
FirewallRules: [{DB8BA756-B667-424B-B85A-F0AB798ED3AD}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe Pas de fichier
FirewallRules: [{6746342B-8611-4247-8E38-ADC07E49DCE4}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe Pas de fichier
FirewallRules: [{A12DF5AB-927E-4DDD-B37B-8BF6BAD9BDA6}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe Pas de fichier
FirewallRules: [TCP Query User{66D2EDBB-8E84-48E2-8964-8A7D5116C057}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe Pas de fichier
FirewallRules: [UDP Query User{1CDBE584-4FDD-4F3B-A1E9-3AB730B1C627}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe Pas de fichier
C:\Users\NOE\AppData\Roaming\Mozilla\Firefox\Profiles\p1bmj2w6.default\searchplugins\bing-lavasoft-ff59.xml
C:\Users\NOE\AppData\Roaming\Babylon
C:\Users\NOE\AppData\Local\Babylon
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Spotify
DeleteValue: HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\StartupApproved\Run|OneDriveSetup
DeleteValue: HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\StartupApproved\Run|OneDriveSetup
DeleteValue: HKU\S-1-5-21-519072743-836092174-4073667659-1001\Software\Microsoft\Windows\CurrentVersion\Run|Spotify
DeleteKey: HKLM\SOFTWARE\Wow6432Node\IObit\Driver Booster
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Tencent
DeleteKey: HKCU\SOFTWARE\Tencent
DeleteKey: HKU\S-1-5-21-519072743-836092174-4073667659-1001\SOFTWARE\Tencent
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
C:\ProgramData\Tencent
C:\Users\NOE\AppData\Roaming\Tencent
C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Tencent
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BF1B1B9B-3F03-46EF-AE0F-C5D61B050114}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1C58DFA9-30A6-4F9B-AA14-04DB85EBB7E3}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{542001BC-5DCB-4412-8BE0-4B77F7313CFE}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CFB52C81-DA8E-4535-AB7B-9FB5E659C198}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{134E904C-B07B-4494-9563-E4C8F091856A}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CF579734-7E1E-459A-AD5F-B40440524C5D}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{60486E71-9D06-4CD6-B709-B9A609A10E60}C:\program files (x86)\savagehunt\launcher.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{68871B2F-DC97-4C39-991F-F1253A82D5D5}C:\program files (x86)\savagehunt\launcher.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{AB1CCC0B-BBA4-4E30-B4E6-C0A2B2EF5FD9}C:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{223A5000-8980-4018-9557-F715F402CBDD}C:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{2898BA0B-5C5B-471C-AF7B-0C6ED4CD75F9}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{06A3C7CE-B7FE-4396-ABBD-00E540D8F52D}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BE667285-72BD-4267-9E86-189BB55A810F}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{ECF7B24F-A280-4793-97C6-BCBCEF0AC6DC}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{71F773DF-6297-4F6A-BADE-50A6B0D077A3}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{DD2E3C89-C4FE-4F73-A271-87681A1E2A5C}C:\program files (x86)\the escapists 2\theescapists2.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{5CF793D7-BDFD-460D-B99B-DD5448C55922}C:\program files (x86)\the escapists 2\theescapists2.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B4BCBFA4-AFAF-410C-8E79-6C4C4FE82E7E}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{CFFE4678-F99A-4038-81A9-D3DDBFC03C03}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{68E82B9D-9362-44AD-8F58-E279C8824962}C:\games\grand theft auto v\gta5.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{0AF7D4A7-CD92-4A06-808D-45FDA90E9C98}C:\games\grand theft auto v\gta5.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{8084C299-1F61-4FB4-8C82-AD11FE366AEF}C:\games\dying light\dyinglightgame.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{7620C13D-3ABE-4436-B5FF-52E28BDB2358}C:\games\dying light\dyinglightgame.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9076A0B6-B44E-4088-BCC0-0573A6CD5AAF}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{E5878269-EBD1-41B6-A771-5DAA82ED5E35}C:\users\noe\appdata\local\crossout\launcher.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{03A5475C-6498-4FFC-829A-2A1806C8D75B}C:\users\noe\appdata\local\crossout\launcher.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{439FC04F-D8FC-4EB5-AF4B-068B292A6EBA}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1E92EC45-28BE-4E79-AEC4-196F9F61C496}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{72DD1B00-6596-4365-AC51-70BBD345D4C4}C:\program files (x86)\x-plane 11\x-plane.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B8860CDB-A79A-4507-AD0E-15EDB3FC9CB4}C:\program files (x86)\x-plane 11\x-plane.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7D28D20A-5308-473A-977E-B9BF4F41BD82}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E44BF35C-DF26-4EC4-9439-4FBDF6B823FA}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{27EE300C-FFA0-4189-8C6A-3CA93214ED7E}C:\games\simpleplanes.v1.7.1.0\simpleplanes.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{05DCD21A-C9D0-4783-8EE5-850D8A65D92C}C:\games\simpleplanes.v1.7.1.0\simpleplanes.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{1ABC16C0-0D33-476C-B2C8-7B8489AE3028}C:\program files\tom clancy's ghost recon wildlands\grw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{93094AE0-A567-41FE-8D91-306C9B2DBBCB}C:\program files\tom clancy's ghost recon wildlands\grw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{63E237CE-2354-4201-AB37-42269F1A9904}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{89B200D9-B3B8-40A8-9780-876F85C25848}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0CC80EA4-7BAC-4F52-AEFE-9E36D948F589}C:\program files (x86)\red faction guerrilla remarstered\rfg.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{968D0EFC-937B-4419-93B2-4D443625CF38}C:\program files (x86)\red faction guerrilla remarstered\rfg.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5CDAB028-317C-47E6-AE1C-464E7171138F}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3E8998B6-F525-44EF-82BF-9360AAAF7E11}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2F0AF5F2-B8C4-4CE8-87F5-DEE903937C1B}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DB8BA756-B667-424B-B85A-F0AB798ED3AD}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{AC61061F-2795-4051-A556-2D95E59ACF07}C:\program files (x86)\emule\emule.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6F35BAC6-6627-4396-90D2-A7F7EA2D9D52}C:\program files (x86)\emule\emule.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4E0BDDDD-13D9-43C5-B1BC-FB72604A83F7}
C:\Users\NOE\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{33E7935D-78ED-4AE6-A898-223DB657A655}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7BAFE7BB-A27C-4870-863C-34EA63F20B60}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{383A6C59-4E44-49C1-B8F4-963F8CB7BA97}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DE530677-0535-4943-98BC-7BE2576AAE2D}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AB0383DC-B3FC-44D2-9D81-650F9D3C4449}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6746342B-8611-4247-8E38-ADC07E49DCE4}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A12DF5AB-927E-4DDD-B37B-8BF6BAD9BDA6}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{66D2EDBB-8E84-48E2-8964-8A7D5116C057}C:\program files (x86)\origin games\apex\r5apex.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1CDBE584-4FDD-4F3B-A1E9-3AB730B1C627}C:\program files (x86)\origin games\apex\r5apex.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{11770619-1057-45FD-AC55-25F61D13C6FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8A0BCA36-FFB1-4E99-A73F-856E8056EE1F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{75BDEFA3-4171-4BAF-BB6D-096E87E38943}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{67CEC546-1953-411D-A7F2-EF5C9E9A8293}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FE064198-7655-422E-9C44-2AEA50037E80}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C6072C66-96A6-4701-AF16-F1F008662FC7}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Balabolka
DeleteKey: HKLM\Software\Classes\CLSID\{6CB83A5A-AA68-4895-9F54-175E789AE149}
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{6CB83A5A-AA68-4895-9F54-175E789AE149}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
EmptyTemp:
end::
Run the fix and upload the fixlog report

See you, didier
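
An added example, not part of the original post and not FRST's own code: a small Python audit that summarises what a fixlist like the one above would act on before anyone runs it. The line categories are inferred from the lines visible in that post, not from FRST's documented syntax, and the sample input is constructed.

```python
import re
from collections import Counter

# Constructed sample in the same shape as the posted fixlist (not real data).
SAMPLE_FIXLIST = r"""start::
CloseProcesses:
CreateRestorePoint:
HKLM Group Policy restriction on software: C:\Example\tool.exe <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
StartRegedit:
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Example\Demo]
EndRegedit:
FirewallRules: [{00000000-0000-0000-0000-000000000001}] => (Allow) C:\Example\app.exe Pas de fichier
C:\Users\Example\AppData\Roaming\ExampleApp
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ExampleApp
DeleteKey: HKLM\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000002}
DeleteKey: HKLM\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000002}
EmptyTemp:
end::
"""

BARE_PATH = re.compile(r"^[A-Za-z]:\\")          # a file or folder listed on its own
REG_ENTRY = re.compile(r"^(HKLM|HKCU|HKU)\b")    # a registry line copied from a scan log
DIRECTIVE = re.compile(r"^([A-Za-z0-9]+):")      # e.g. DeleteKey:, FirewallRules:


def extract_body(text):
    """Return the non-empty lines between the start:: and end:: markers."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    try:
        start = lines.index("start::")
        end = lines.index("end::", start + 1)
    except ValueError:
        raise ValueError("fixlist must be wrapped in start:: / end:: markers")
    return lines[start + 1:end]


def audit_fixlist(text):
    """Group fixlist lines by kind and surface what a reviewer should check."""
    counts, seen = Counter(), Counter()
    report = {"counts": counts, "duplicates": [], "reg_deletions": [],
              "paths": [], "flagged": []}
    in_regedit = False
    for line in extract_body(text):
        if line in ("StartRegedit:", "EndRegedit:"):
            in_regedit = line == "StartRegedit:"
            continue
        if in_regedit:
            counts["RegeditBlock"] += 1
            # In .reg syntax, "[-KEY]" deletes the whole key.
            if line.startswith("[-") and line.endswith("]"):
                report["reg_deletions"].append(line[2:-1])
            continue
        seen[line] += 1
        if "<==== ATTENTION" in line:
            report["flagged"].append(line)
        if BARE_PATH.match(line):
            counts["Path"] += 1
            report["paths"].append(line)
        elif REG_ENTRY.match(line):
            counts["RegistryEntry"] += 1
        else:
            m = DIRECTIVE.match(line)
            counts[m.group(1) if m else "Other"] += 1
    # The same line listed twice is harmless but signals a hastily built list.
    report["duplicates"] = [ln for ln, n in seen.items() if n > 1]
    return report


if __name__ == "__main__":
    result = audit_fixlist(SAMPLE_FIXLIST)
    for kind, n in sorted(result["counts"].items()):
        print(f"{kind:15} {n}")
    print("whole keys deleted:", result["reg_deletions"])
    print("duplicate lines:", result["duplicates"])
```
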
#228033
hi again

Download AdwCleaner (by Xplode) to your desktop.

latest version below

For Windows 7, Windows 8: the file must be launched via right-click, "Run as administrator"

Accept the licence

run the scan

Post the contents of this report.

Note
The report is also saved under C:\AdwCleaner\logs [s0].txt
#228035
ok

this now

Download Kaspersky removal tool

https://www.sosvirus.net/telecharger/kaspersky-virus-removal-tool/

put KVRT.exe on the desktop

disable the antivirus

run the kvrt file as administrator

accept the terms of use

configure

start the scan

Scan

If threats were detected during the scan, a notification will appear on screen asking you to choose the actions to perform.

there is no report if the tool finds no infection

Delete: deletes the file
Quarantine: places the file in quarantine.
Click the Continue button

Kaspersky Virus Removal Tool then offers to disinfect the computer by restarting it: Disinfect and restart the computer
Note that there is a "Try to desinfect without computer restart" button to try to remove the viruses without restarting the computer

The computer will then restart; if you get the message below, click Run
#228037
ok neo

this now

AdliceDiag

Choose the version you want
  • Installer 32/64 bits
  • Portable 32 bits
  • Portable 64 bits

Leave the default settings

Scan

At the end of the scan, click the Results button

then the Report button

you will get this screen

upload/cloud deletion tab

assign the helper did80

Upload button

You will get a Permalink at the bottom of the screen; give it to me
