Forum d'Entraide Informatique (FEI)

Bonjour à tous,

Après avoir eu beaucoup de plantage et de beug, j'ai regardé plein de tutos et essayer plusieurs choses.

Entre autre j'ai désinstallé Google Chrome (je suis sur windows 10 pro), mais au moment de le télécharger pour le réinstaller, impossible.

J'en suis arrivée à utiliser FRST, et à avoir trois liens (ceux des scripts affichés en fin d'analyse). De ce que j'ai compris, je dois en faire quelques choses mais je ne sais pas trop quoi... C'est là que je vous appelle au secours !

Voici donc les trois liens :

- https://pjjoint.malekal.com/files.php?i ... j15x13j7v8
- https://pjjoint.malekal.com/files.php?i ... 0v10w5y9n6
- https://pjjoint.malekal.com/files.php?i ... y9q5v15c10

J'espère que quelqu'un pourra m'aider car j'arrive au bout de mes limites en informatique

Merci d'avance

Salut lili2222

fait moi ceci

Télécharges Zhpsuite sur ton bureau: Téléchargement ICI

• [ Si l'outil n'est pas sur le bureau mais dans le dossier téléchargement fais un couper/coller
  Cliques sur le bouton Télécharger ici]

• Cliques sur le fichier téléchargé pour éxécuter l'outil
• Un raccourci sera crée sur le bureau, le logiciel s'ouvre
• Accepte le Cluf

Dans les options decoche / coche comme indiqué ci-dessous puis ferme



Lance ensuite l'outil en cliquant sur analyse

• Ne pas interrompre l'outil
• Quand fin de recherche s'affiche un rapport zhpdiag.txt apparait sur le bureau
• Heberge le sur le site www.cjoint.com/
• Donne moi le lien fourni dans ton prochain message

did80

Bonjour Did80,

Merci de ta réponse ! J'ai suivi ce que tu as dit, voici le lien : https://www.cjoint.com/c/JEnqMu4z1tK
J'espère que c'est bien cela

Merci d'avance, à bientôt !!

Re LILI

Lance Farbar




Copies les lignes suivantes dans le cadre rouge


start::
CloseProcesses:
CreateRestorePoint:
Tcpip\..\Interfaces\{f3ffa78c-b798-4b0e-815d-6204c9cb0bbb}: [DhcpNameServer] 40.32.1.55
HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?l=dis&o=14469
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2437515506-2380788585-398803849-1001 -> DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=F-ET&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=D57B95FF-2E36-41DD-89BE-721909FB6467&apn_sauid=E9958EBF-2DAC-425D-BD4B-E2E969CE5C67
SearchScopes: HKU\S-1-5-21-2437515506-2380788585-398803849-1001 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=F-ET&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=D57B95FF-2E36-41DD-89BE-721909FB6467&apn_sauid=E9958EBF-2DAC-425D-BD4B-E2E969CE5C67
CustomCLSID: HKU\S-1-5-21-2437515506-2380788585-398803849-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Lili\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2437515506-2380788585-398803849-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Lili\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2437515506-2380788585-398803849-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Lili\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => Pas de fichier
FirewallRules: [{2298338B-1FFA-4A6E-B815-492288CD26C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Pas de fichier
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|CL-23-DE504AD8-1CD3-4895-ADF0-D688CD49856E
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2298338B-1FFA-4A6E-B815-492288CD26C7}
C:\Windows\Installer\13c863.msp
C:\Windows\Installer\146311f7.msp
C:\Windows\Installer\16d9404.msp
C:\Windows\Installer\29c8a97f.msp
C:\Windows\Installer\2a15b62d.msp
C:\Windows\Installer\5e1ed.msp
C:\Windows\Installer\ecbe1f.msp
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\iTunes\iTunes.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\iTunes\iTunes.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\CleverFiles\Disk Drill\DD.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\CleverFiles\Disk Drill\DD.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\AppData\Local\SquirrelTemp\Update.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\AppData\Local\SquirrelTemp\Update.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\readerdc_fr_xa_crd_install.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\readerdc_fr_xa_crd_install.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Desktop\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\WinRAR\WinRAR.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\WinRAR\WinRAR.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\iTunes6464Setup.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\iTunes6464Setup.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\System Volume Information.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\POSTE.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Ma musique.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \Ma musique\Ma musique.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ .exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \Ma musique.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \EJE.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \APA.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \ .exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Documents\FRST64-2.1.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Documents\FRST64-2.1.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Mozilla Firefox\firefox.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Mozilla Firefox\firefox.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\iTunes\iTunes.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\iTunes\iTunes.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\CleverFiles\Disk Drill\DD.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\CleverFiles\Disk Drill\DD.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\AppData\Local\SquirrelTemp\Update.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\AppData\Local\SquirrelTemp\Update.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\readerdc_fr_xa_crd_install.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\readerdc_fr_xa_crd_install.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Desktop\Apache_OpenOffice_4.1.5_Win_x86_install_fr.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\WinRAR\WinRAR.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\WinRAR\WinRAR.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\Google\Chrome\Application\chrome.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\iTunes6464Setup.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Downloads\iTunes6464Setup.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\System Volume Information.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\POSTE.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Ma musique.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \Ma musique\Ma musique.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ .exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \Ma musique.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \EJE.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \APA.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\ \ .exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Documents\FRST64-2.1.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2437515506-2380788585-398803849-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Lili\Documents\FRST64-2.1.exe.ApplicationCompany
EmptyTemp:
cmd: dism.exe /online /cleanup-image /restorehealth
cmd: sfc /scannow
end::

Corrige et heberge le rapport fixlog

@+ Didier

Ca y est j'ai fait la correction, voici le lien : https://www.cjoint.com/c/JEnxbIcUARK

Bonne soirée !

Bonsoir Lili2222

ta machine n est pas vraiment infectée

par contre ton windows est endommagé

ta version

Windows 10 Pro Version 1703 15063.1418 (X64) Langue: Français (France)

est trés ancienne


https://www.toutwindows.com/liste-des-n ... indows-10/

Je te propose de mettre ton système a niveau



aide

https://genhackmantools.wordpress.com/w ... tana-edge/



coche mettre a niveau et suis la procédure

Didier