virus privacy shield 2018

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

cmxprod
Messages : 1
Inscription : 31 janv. 2019 20:27

virus privacy shield 2018

Message par cmxprod » 31 janv. 2019 20:32

bonjour a tous je suis nouveau sur le forum
mon pc windows 10
je suis infecter par un virus
privacy shield 2018
j essais de comprendre en lisant des truc sur internet et je vois qu il faut poster le rapport pour se faire aider
voici le rapport de adwcleaner
merci de votre aide

Code : Tout sélectionner

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-31-2019
# Duration: 00:00:07
# OS:       Windows 10 Home
# Cleaned:  58
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\lacigalebleue\Documents\PROPCCleaner
Deleted       C:\TVWizard
Deleted       C:\Meteoroids
Deleted       C:\Users\lacigalebleue\AppData\Local\Vosteran
Deleted       C:\ZombieNews

***** [ Files ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\InstallCore
Deleted       HKCU\Software\Ecommfactory
Deleted       HKCU\Software\ShieldApps
Deleted       HKLM\Software\Wow6432Node\ShieldApps
Deleted       HKLM\Software\WebBar
Deleted       HKCU\Software\Vosteran Browser
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|wbmain.exe
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4A9D6FE-8C16-4D72-B845-7AE0FFAB2DAB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.izito.fr
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.fr
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.izito.fr
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.fr
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.developpement-durable.gouv.fr
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\developpement-durable.gouv.fr
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.nicematin.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nicematin.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\newsinnice.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\archives.nicematin.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.nicematin.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nicematin.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\newsinnice.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\archives.nicematin.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.nicematin.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nicematin.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.solvusoft.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\voiture.trovit.fr
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovit.fr
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com

***** [ Chromium (and derivatives) ] *****

Deleted       Search Manager
Deleted       Vosteran New Tab

***** [ Chromium URLs ] *****

Deleted       http://vosteran.com/?f=1&a=vst_coinis_15_04_other&cd=2XzuyEtN2Y1L1Qzu0EtDtA0FyEzy0EyCyB0D0AzzyD0FyDyEtN0D0Tzu0StCtCtCzztN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0DyDtAtAtB0DtCtGzy0E0CyBtGzz0B0D0DtGtCyEyC0FtGtAtBtBzy0D0E0F0FtCtAzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyC0AtD0D0FtC0DtG0D0E0E0AtGyE0ByE0AtG0ByBtBtBtGyE0A0DtAyD0FzzyB0F0C0ByE2Q&cr=1221252993&ir=
Deleted       Vosteran

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9268 octets] - [31/01/2019 20:12:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########




Avatar de l’utilisateur
Malekal_morte
Site Admin
Site Admin
Messages : 95090
Inscription : 10 sept. 2005 13:57
Contact :

Re: virus privacy shield 2018

Message par Malekal_morte » 31 janv. 2019 22:23

Salut,

C'est très vieux tout cela.
Ce sont des restes de dossiers probablement.


Suis le tutoriel FRST. ( prends le temps de lire attentivement - tout y est bien expliqué ).

Télécharge et lance le scan FRST,
Attendre la fin du scan, un message indique que l'analyse est terminée.

Trois rapports FRST seront générés :
* FRST.txt
* Shortcut.
* Additionnal.txt

Envoie ces 3 rapports sur le site https://pjjoint.malekal.com/ et en retour donne les 3 liens pjjoint qui mènent aux rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.

(Les liens bleus mènent à des tutoriels explicatifs pas à pas, clic dessus pour avoir les instructions plus précises à suivre).
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas

Sécuriser son ordinateur (version courte)

Tutoriels Logiciels - Tutoriel Windows - Windows 10

Stop publicités - popups intempestives
supprimer-trojan.com : guide de suppression de malwares

Partagez malekal.com : n'hésitez pas à partager sur Facebook et GooglePlus les articles qui vous plaisent.

Répondre

Revenir vers « VIRUS : Supprimer/Desinfecter (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »