Reply to: Infected by Rvzr-a.akamaihd.net 2016-09-08T13:20:10+00:00
Destrio5
Participant
Post count: 211
  • Copy all the text shown in green below (select it, right-click on it and choose “Copy”).

    Script ZHPFix
    SysRestore
    M2 – MFEP: prefs.js [copain – zj7fcqsg.default-1370342759250firefox@savevid.com] [] Savevid v1.0.0.108933 (..)
    M2 – MFEP: prefs.js [copain – zj7fcqsg.default-1370342759250plugin@analytic-s.com] [] Analytics v1.0.0.108933 (..)
    O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    O4 – GSProgram [copain]: Savevid.lnk – Clé orpheline
    OPT:O4 – HKLM..Run: [MessengerPlusForSkypeService] . (.Yuna Software – Service – Messenger Plus! for Skype.) — C:Program FilesYuna SoftwareMessenger Plus! for SkypeMsgPlusForSkypeService.exe
    OPT:O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    M3 – MFPP: Plugins – [copain] — C:UserscopainAppDataRoamingMozillaFirefoxProfileszj7fcqsg.default-1370342759250searchpluginsbadoo.xml
    O4 – HKCU..Run: [Badoo Desktop] C:ProgramDataBadooBadoo desktop1.6.58.1220Badoo.desktop.exe (.not file.)
    O4 – HKUSS-1-5-21-3087315139-3471193338-2076595517-1000..Run: [Badoo Desktop] C:ProgramDataBadooBadoo desktop1.6.58.1220Badoo.desktop.exe (.not file.)
    [HKCUSoftwareBadoo]
    O69 – SBI: SearchScopes [HKCU] {0E44C4C8-4E26-A929-9750-2D7E01CEBDB0} – (Search) – http://badoo.com
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM] — {18455581-E099-4BA8-BC6B-F34B2F06600C}
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM] — {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    O42 – Logiciel: Savevid – (.Bandoo Media Inc.) [HKCU] — Savevid
    [HKCUSoftwarei-beta]
    [HKLMSoftwareSavevid]
    O43 – CFD: 30/09/2013 – 23:08:30 – [11,962] —-D C:Program Filesi-beta
    O43 – CFD: 17/07/2013 – 20:57:29 – [3,775] —-D C:Program FilesSavevid
    O43 – CFD: 02/09/2013 – 15:41:31 – [23,535] -SH-D C:ProgramData{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
    O43 – CFD: 04/09/2013 – 23:01:20 – [0,002] —-D C:UserscopainAppDataLocalavgchrome
    O43 – CFD: 26/08/2013 – 19:16:05 – [2,780] —-D C:UserscopainAppDataLocalCRE
    O45 – LFCP:[MD5.08FB2F5E35E6BEF4A4062BFBCB78778D] – 21/11/2013 – 10:48:30 —A- – C:WindowsPrefetchTBHCN.EXE-A56C094A.pf
    O45 – LFCP:[MD5.3628D16F4AE5EC9D6B6ED92C1EC97078] – 21/11/2013 – 13:38:41 —A- – C:WindowsPrefetchPLUS-HD-1.5-BG.EXE-2C11EBA0.pf
    O45 – LFCP:[MD5.EB7C7B6659E5CEA46B9903DF5537FB4E] – 21/11/2013 – 13:49:00 —A- – C:WindowsPrefetchPLUS-HD-1.5-CHROMEINSTALLER.E-EFFAA5AF.pf
    O45 – LFCP:[MD5.F2FBC6A45D96227ABAB561917F5CD907] – 21/11/2013 – 13:49:00 —A- – C:WindowsPrefetchPLUS-HD-1.5-CODEDOWNLOADER.EX-197CFFC5.pf
    O45 – LFCP:[MD5.E0FDCACD0CF42E893DC86EF3D82D3ACE] – 21/11/2013 – 13:49:01 —A- – C:WindowsPrefetchPLUS-HD-1.5-UPDATER.EXE-E2F369A4.pf
    O45 – LFCP:[MD5.D038D9DBCCDB8BB69D46D4F45B994D7F] – 21/11/2013 – 13:49:10 —A- – C:WindowsPrefetchPLUS-HD-1.5-FIREFOXINSTALLER.-9E566EE0.pf
    O45 – LFCP:[MD5.4DF40113EFA4F9C567F1FEC4C24BD9E4] – 21/11/2013 – 13:51:06 —A- – C:WindowsPrefetchSPYHUNTER-INSTALLER.EXE-A2D96C10.pf
    O45 – LFCP:[MD5.B4877DB072B69DE62E895B87ACFE7CF4] – 21/11/2013 – 13:51:54 —A- – C:WindowsPrefetchSHSETUP.EXE-E6519C87.pf
    O45 – LFCP:[MD5.5884FB9E1D9BB5FC75C9F58CE6A95852] – 21/11/2013 – 13:52:45 —A- – C:WindowsPrefetchWISECUSTOMCALLA17.EXE-8D19643C.pf
    O45 – LFCP:[MD5.C085C40F193B0054750B329BC56532E3] – 21/11/2013 – 13:52:56 —A- – C:WindowsPrefetchWISECUSTOMCALLA19.EXE-B3C4D946.pf
    O45 – LFCP:[MD5.8BF07BF88CDE63E5B267F1529643E9A9] – 21/11/2013 – 13:52:58 —A- – C:WindowsPrefetchWISECUSTOMCALLA20.EXE-6B33BBD6.pf
    O45 – LFCP:[MD5.E1ED0B776DD14B6696E086D5F46F9614] – 21/11/2013 – 13:53:41 —A- – C:WindowsPrefetchSPYHUNTER4.EXE-7BD5E907.pf
    O45 – LFCP:[MD5.872444E71FC6080FA801E68AA4BF3D94] – 21/11/2013 – 13:56:02 —A- – C:WindowsPrefetchPLUS-HD-1.5-ENABLER.EXE-E038CD30.pf
    O45 – LFCP:[MD5.3570C32A801490129699A23579F0BC93] – 21/11/2013 – 14:15:37 —A- – C:WindowsPrefetchWISECUSTOMCALLA18.EXE-A06F1EC1.pf
    O45 – LFCP:[MD5.C4C79329FBDD7BEB12933CE59C288FD4] – 21/11/2013 – 14:15:46 —A- – C:WindowsPrefetchWISECUSTOMCALLA22.EXE-91DF30E0.pf
    O45 – LFCP:[MD5.FC6522E2A03F45BA6F7DE2570C0AEC77] – 21/11/2013 – 14:26:02 —A- – C:WindowsPrefetchTBHCN.EXE-8F7A1C23.pf
    O69 – SBI: SearchScopes [HKCU] {8A244612-A1F7-11E0-95C0-E71F4824019B} – (Mysearchdial) – http://start.mysearchdial.com
    [MD5.36C689700ADBB227867E409938607270] [SPRF][06/07/2011] (…) — C:ProgramDataexplorer.exe [6144]
    O87 – FAEL: “{8C0D2454-5BEF-4C00-A4C9-3890B0CE306E}” | In – Private – P6 – TRUE | .(.SweetIM Technologies, Ltd. – SweetIM Installer.) — C:UserscopainDownloadsSweetImSetup.exe
    O87 – FAEL: “{1983147D-959E-4437-B5D4-E06A0AC11920}” | In – Private – P17 – TRUE | .(.SweetIM Technologies, Ltd. – SweetIM Installer.) — C:UserscopainDownloadsSweetImSetup.exe
    O87 – FAEL: “TCP Query User{4C16CEED-E821-40F8-897F-DADAC3AA506B}C:userscopainappdatalocalvghdbinvirtuagirl_downloader.exe” |In – Private – P6 – TRUE | .(…) — C:userscopainappdatalocalvghdbinvirtuagirl_downloader.exe (.not file.)
    O87 – FAEL: “UDP Query User{56D13DE0-8BB3-42B1-9A0E-3FDAF5767520}C:userscopainappdatalocalvghdbinvirtuagirl_downloader.exe” |In – Private – P17 – TRUE | .(…) — C:userscopainappdatalocalvghdbinvirtuagirl_downloader.exe (.not file.)
    [MD5.8C062F4F8973ABAB0F9B6AFA0080C592] [WIS][11/08/2012] (.Google Inc. – Google Toolbar for Internet Explorer.) — C:WindowsInstaller3a603.msi [28160]
    C:UserscopainAppDataLocalGoogleChromeUser DataDefaultExtensionsbkomkajifikmkfnjgphkjcfeepbnojok
    C:UserscopainAppDataRoamingMozillaFirefoxProfileszj7fcqsg.default-1370342759250extensionsfirefox@savevid.com
    [HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110311201100}]
    [HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallSavevid]
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4D91-8333-CF10577473F7}]
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{18455581-E099-4BA8-BC6B-F34B2F06600C}]
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
    [HKLMSoftwareEnigmaSoftwareGroup]
    O43 – CFD: 21/11/2013 – 13:53:04 – [2,007] —-D C:Program FilesEnigma Software Group
    ProxyFix
    EmptyCLSID
    EmptyFlash
    EmptyTemp

  • Then launch ZHPFix from the shortcut on your Desktop.
  • Click the “IMPORTER” button. In the main box, you will see the lines you copied earlier appear.
  • Click “GO” to start the cleanup. Let the tool work and do not touch anything.
  • Accept the uninstallation of programs if offered, but decline the restart of your PC if it is also offered, as that would stop ZHPFix.
  • Once finished, upload the ZHPFix.txt report to SosUpload and paste the link provided in your next reply.