  • idefix007
    Participant
    Number of posts: 3

    Hello,

    My PC is slow (especially at startup) and the disk is being used much more heavily than before.
    I think I have been infected by malware. What do you think? As agreed, you will find the 3 reports attached:
    (unfortunately, I cannot attach the ZHPDiag report (60,000-character limit), but I can send it to you separately).

    [spoiler:3gm01a8w]# AdwCleaner v4.000 – Report created 18/10/2014 at 23:58:14
    # DB v2014-10-17.9
    # Updated 12/10/2014 by Xplode
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
    # Username : FX – FX-THINK
    # Running from : C:\Users\FX\Downloads\adwcleaner_4.000.exe
    # Option : Clean

    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
    Folder Deleted : C:\Users\FX\AppData\Roaming\FlvPlayer
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
    Folder Deleted : C:\Program Files (x86)\Lightspark 0.5.3-git
    Folder Deleted : C:\Users\FX\AppData\Roaming\pdfforge
    Folder Deleted : C:\Windows\Util

    ***** [ Scheduled Tasks ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [freegames4357@bestoffers]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
    Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C45EC9F0-8333-465D-9728-074BD41985C9}
    Key Deleted : HKLM\SOFTWARE\FlvPlayer
    Key Deleted : HKLM\SOFTWARE\Lightspark Team
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lightspark

    ***** [ Browsers ] *****

    -\ Internet Explorer v11.0.9600.17344

    -\ Mozilla Firefox v31.0 (x86 en-US)

    -\ Google Chrome v37.0.2062.124

    Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=2B344B44-F8FA-473A-99A6-83281BAAE482&apn_ptnrs=U3&apn_sauid=454E2E4C-DB06-42A5-906D-EA040D0C98BD&apn_dtid=OSJ000YYFR&q={searchTerms}

    *************************

    AdwCleaner[R0].txt – [3623 octets] – [12/04/2014 20:17:23]
    AdwCleaner[R1].txt – [1885 octets] – [18/10/2014 23:56:14]
    AdwCleaner[S0].txt – [2803 octets] – [12/04/2014 20:19:19]
    AdwCleaner[S1].txt – [2062 octets] – [18/10/2014 23:58:14]

    ########## EOF – C:\AdwCleaner\AdwCleaner[S1].txt – [2122 octets] ##########[/spoiler:3gm01a8w]
    [spoiler:3gm01a8w]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Scan Date: 10/19/2014
    Scan Time: 12:11:54 AM
    Logfile: MAM Report.txt
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.10.19.02
    Rootkit Database: v2014.10.17.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: FX

    Scan Type: Hyper Scan
    Result: Completed
    Objects Scanned: 267682
    Time Elapsed: 13 hr, 32 min, 59 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Disabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 2
    PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, Quarantined, [bed09284acd09a9c3a7c96f49a6a9070],
    PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.9, Quarantined, [068841d5dba139fd7a47ff46649ff50b],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 5
    PUP.Optional.CrossRider.A, C:\Users\FX\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jjflmfkjppbmejlfbhlpgjnomdoefkfa, Quarantined, [c7c716005329dc5a8948f70858aa09f7],
    PUP.Optional.FreeGames.A, C:\Users\FX\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, Quarantined, [d8b6ad695329a09689800203f013ca36],
    PUP.Optional.FreeGames.A, C:\Users\FX\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, Quarantined, [d8b6ad695329a09689800203f013ca36],
    PUP.Optional.FreeGames.A, C:\Users\FX\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, Quarantined, [d8b6ad695329a09689800203f013ca36],
    PUP.Optional.FreeGames.A, C:\Users\FX\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, Quarantined, [d8b6ad695329a09689800203f013ca36],

    Files: 36

    Physical Sectors: 0
    (No malicious items detected)

    (end)[/spoiler:3gm01a8w]
    Many thanks in advance for your time.

    g3n-h@ckm@n
    Moderator
    Number of posts: 8258

    hi ;)

    • Disable your antivirus while downloading and using the tool.
    • Download AdsFix to your desktop.
      Note: Save your work before continuing!
    • Run AdsFix
    • On a fairly infected PC, it can take several seconds to load
    • Enter your country
    • Click "Nettoyer" (Clean), after unlocking it in the options

      Note: Wait while the scan runs
    • Let the tool work even if it seems frozen to you
    • If the tool detects a proxy that you do not recognize, click: "Supprimer le proxy" (Remove the proxy)
    • Upload the report C:\AdsFix_date_heure.txt to SOSUpload, then post the link you get.

    Help:

    idefix007
    Participant
    Number of posts: 3

    Sorry for the delay. Here is the report, attached:
    https://antimalware.top/www/?a=d&i=BxcbHiKpPv

    g3n-h@ckm@n
    Moderator
    Number of posts: 8258

    hi again

    ok :)

    • disable your antivirus while the scan runs
    • Download QuickDiag here: https://www.sosvirus.net/telecharger/quickdiag/
    • run it

    • click "Quick", then once it has finished:
    • upload the report to https://antimalware.top
    • post the link you get in your next reply

    note: the report will be on the desktop under the name QuickDiag_date_heure.txt, and a copy with the same name will be available on your system drive (normally C:)

    idefix007
    Participant
    Number of posts: 3

    Thanks!
    As agreed, here is the report:
    https://antimalware.top/www/?a=d&i=KglAR3ucLC

    g3n-h@ckm@n
    Moderator
    Number of posts: 8258

    the diagnostic is clean, it no longer shows any infections

    is it any better?
