Barre du menu (démarer) ne s'affiche pas au démarage
Fermé
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
-
12 juin 2013 à 10:05
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 - 26 juin 2013 à 21:10
g3n-h@ckm@n Messages postés 13238 Date d'inscription jeudi 31 janvier 2013 Statut Membre Dernière intervention 24 février 2022 - 26 juin 2013 à 21:10
A voir également:
- Barre du menu (démarer) ne s'affiche pas au démarage
- Menu déroulant excel - Guide
- Le clavier de mon telephone ne s'affiche plus - Guide
- Windows 11 menu démarrer classique - Guide
- Windows 11 barre des taches a gauche - Guide
51 réponses
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
21 juin 2013 à 16:55
21 juin 2013 à 16:55
oui je te prépare un script
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
21 juin 2013 à 17:50
21 juin 2013 à 17:50
désinstalle adobe reader 9
désinstalle tout Java
désinstalle Panda Security
====
sélectionne ce texte puis CTRL + C :
Kill::
Key::
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ISW]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RoboForm]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07c3c179-9008-4abe-b495-d6264c8a9e79}]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15d26b5a-3551-4b52-b99c-d717e864a34d}]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5bcb5480-b45d-4961-8902-fc68717495af}]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d5f11bc8-e9f3-4cc3-8215-0721df7135a8}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-8287-79A187E26987}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD292324-974F-4224-D074-CACA427AA030}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-8287-79A187E26987}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD292324-974F-4224-D074-CACA427AA030}]
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\Plus-HD-2.2]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\VMNTOOLBAR]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Iminent]
[HKLM\Software\Plus-HD-2.2]
File|Fold::
C:\Documents and Settings\Sylvia\Application Data\Mozilla\Firefox\Profiles\466b0t8x.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
C:\Program Files\Plus-HD-2.2
C:\WINDOWS\ie8(2)
C:\WINDOWS\ie8(3)
C:\WINDOWS\system32\config\systemprofile\Application Data\Neopets Toolbar
C:\Documents and Settings\Sylvia\Application Data\vmntoolbar
C:\Documents and Settings\Sylvia\Local Settings\Application Data\PutLockerDownloader
C:\Program Files\Plus-HD-2.2
C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
C:\Program Files\SDHelper (Spybot - Search & Destroy)
C:\Program Files\TeaTimer (Spybot - Search & Destroy)
C:\Program Files\Spybot - Search & Destroy
C:\WINDOWS\Tasks\Plus-HD-2.2-codedownloader.job
C:\WINDOWS\Tasks\Plus-HD-2.2-chromeinstaller.job
C:\WINDOWS\Tasks\Plus-HD-2.2-firefoxinstaller.job
Driver::
AD-WATCH_CONNECT_FILTER
Ad-Watch Connect Filter
Ad-Watch Connect Kernel Filter
AD-WATCH_REAL-TIME_SCANNER
Ad-Watch Real-Time Scanner
AW Real-Time Scanner
AD-WATCH_REGISTRY_FILTER
Ad-Watch Registry Filter
AVGARCLN
AVGASCLN
AVG_ANTI-ROOTKIT
AVG Anti-Rootkit
AVG_ANTI-SPYWARE_DRIVER
AVG Anti-Spyware Driver
GEL90XNE
ZWUNZI_SERVICE
Zwunzi Service
Clean::
MBR::
Reboot::
Relance Pre_scan puis choisis l'option "Script"
une page va s'ouvrir
logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.
sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.
puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte
des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille
poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail
désinstalle tout Java
désinstalle Panda Security
====
sélectionne ce texte puis CTRL + C :
Kill::
Key::
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[ISW]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RoboForm]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07c3c179-9008-4abe-b495-d6264c8a9e79}]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15d26b5a-3551-4b52-b99c-d717e864a34d}]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5bcb5480-b45d-4961-8902-fc68717495af}]
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d5f11bc8-e9f3-4cc3-8215-0721df7135a8}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-8287-79A187E26987}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD292324-974F-4224-D074-CACA427AA030}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-8287-79A187E26987}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD292324-974F-4224-D074-CACA427AA030}]
[HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\Plus-HD-2.2]
[HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\VMNTOOLBAR]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Iminent]
[HKLM\Software\Plus-HD-2.2]
File|Fold::
C:\Documents and Settings\Sylvia\Application Data\Mozilla\Firefox\Profiles\466b0t8x.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
C:\Program Files\Plus-HD-2.2
C:\WINDOWS\ie8(2)
C:\WINDOWS\ie8(3)
C:\WINDOWS\system32\config\systemprofile\Application Data\Neopets Toolbar
C:\Documents and Settings\Sylvia\Application Data\vmntoolbar
C:\Documents and Settings\Sylvia\Local Settings\Application Data\PutLockerDownloader
C:\Program Files\Plus-HD-2.2
C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
C:\Program Files\SDHelper (Spybot - Search & Destroy)
C:\Program Files\TeaTimer (Spybot - Search & Destroy)
C:\Program Files\Spybot - Search & Destroy
C:\WINDOWS\Tasks\Plus-HD-2.2-codedownloader.job
C:\WINDOWS\Tasks\Plus-HD-2.2-chromeinstaller.job
C:\WINDOWS\Tasks\Plus-HD-2.2-firefoxinstaller.job
Driver::
AD-WATCH_CONNECT_FILTER
Ad-Watch Connect Filter
Ad-Watch Connect Kernel Filter
AD-WATCH_REAL-TIME_SCANNER
Ad-Watch Real-Time Scanner
AW Real-Time Scanner
AD-WATCH_REGISTRY_FILTER
Ad-Watch Registry Filter
AVGARCLN
AVGASCLN
AVG_ANTI-ROOTKIT
AVG Anti-Rootkit
AVG_ANTI-SPYWARE_DRIVER
AVG Anti-Spyware Driver
GEL90XNE
ZWUNZI_SERVICE
Zwunzi Service
Clean::
MBR::
Reboot::
Relance Pre_scan puis choisis l'option "Script"
une page va s'ouvrir
logiquement le texte que tu as sélectionné s'y trouve déjà , donc tu fermes et le programme va travailler.
sinon colle-le (clic droit/coller ou ctrl+V) dans la page vierge.
puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte
des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille
poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail
ok merci, je m'en occupe tout à l'heure.
tu peux juste m'expliquer ce que tout cela va faire ?
parce qu'adobe et java je les utlisent très régulièrement par exemple
tu peux juste m'expliquer ce que tout cela va faire ?
parce qu'adobe et java je les utlisent très régulièrement par exemple
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
Modifié par g3n-h@ckm@n le 22/06/2013 à 06:39
Modifié par g3n-h@ckm@n le 22/06/2013 à 06:39
oui mais on les reinstallera sous leurs dernières versions parce que celles que tu as.....
ne t'inquiete pas tout est prévu :) je ne fais pas les choses à moitié ^^
ne t'inquiete pas tout est prévu :) je ne fais pas les choses à moitié ^^
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ah bon, elles ne sont pas de la bonne version ? bon ben autant pour moi :)
je fini ce que j'ai à faire sur l'ordi et je me lance, a tt :)
je fini ce que j'ai à faire sur l'ordi et je me lance, a tt :)
bon j'ai desinstallé panda active scan (rien trouvé d'autre sur panda)
je suis entrain de desinstaller des java et java update
par contre je ne trouve pas d'adobe reader 9, j'ai des adobe flash player et un reader 11
je suis entrain de desinstaller des java et java update
par contre je ne trouve pas d'adobe reader 9, j'ai des adobe flash player et un reader 11
je suis coincée avec le adobe 9 que je ne trouve pas. Dois je faire la maneouvre de script quand meme ?
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
22 juin 2013 à 15:46
22 juin 2013 à 15:46
oui c'est un reste alors....
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 16:41
22 juin 2013 à 16:41
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 3.0618 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Sylvia : Microsoft Windows XP (32 bits)
Switchs : http://www.sosvirus.net/tutoriels/switchs-pre-script-t312.html
New restorepoint created
Script : 16:18:09
Boot : Normal
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ | Stopped Processes
(1048) -- a2service.exe
(1196) -- nvsvc32.exe
(1764) -- vsmon.exe
(1948) -- explorer.exe
(556) -- ISWSVC.exe
(420) -- spoolsv.exe
(1264) -- ForceField.exe
(2752) -- WasherSvc.exe
(2908) -- wmpnetwk.exe
(3704) -- alg.exe
(2680) -- rundll32.exe
(3164) -- zatray.exe
(3232) -- ctfmon.exe
¤¤¤¤¤¤¤¤¤¤ | Deletion | Drivers | Services
Service : AD-WATCH_CONNECT_FILTER Not actif
Service : Ad-Watch Connect Filter Not actif
Service : Ad-Watch Connect Kernel Filter Not actif
Service : AD-WATCH_REAL-TIME_SCANNER Not actif
Service : Ad-Watch Real-Time Scanner Not actif
Service : AW Real-Time Scanner Not actif
Service : AD-WATCH_REGISTRY_FILTER Not actif
Service : Ad-Watch Registry Filter Not actif
Service : AVGARCLN Not actif
Service : AVGASCLN Not actif
Service : AVG_ANTI-ROOTKIT Not actif
Service : AVG Anti-Rootkit Not actif
Service : AVG_ANTI-SPYWARE_DRIVER Not actif
Service : AVG Anti-Spyware Driver Not actif
Service : GEL90XNE Not actif
Service : ZWUNZI_SERVICE Not actif
Service : Zwunzi Service Not actif
¤
¤¤¤¤¤¤¤¤¤¤ | Registry Deletions
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ISW
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RoboForm
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07c3c179-9008-4abe-b495-d6264c8a9e79}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15d26b5a-3551-4b52-b99c-d717e864a34d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5bcb5480-b45d-4961-8902-fc68717495af}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d5f11bc8-e9f3-4cc3-8215-0721df7135a8}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-8287-79A187E26987}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD292324-974F-4224-D074-CACA427AA030}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-8287-79A187E26987}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD292324-974F-4224-D074-CACA427AA030}
Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\Plus-HD-2.2
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\VMNTOOLBAR
Key Deleted : HKLM\Software\BrowserChoice
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Plus-HD-2.2
¤
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Sylvia\Application Data\Mozilla\Firefox\Profiles\466b0t8x.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
Folder Moved to quarantine successfully : |D| - C:\Program Files\Plus-HD-2.2
Folder Moved to quarantine successfully : |DC| - C:\WINDOWS\ie8(2)
Folder Moved to quarantine successfully : |DC| - C:\WINDOWS\ie8(3)
Folder Moved to quarantine successfully : |D| - C:\WINDOWS\system32\config\systemprofile\Application Data\Neopets Toolbar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Sylvia\Application Data\vmntoolbar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Sylvia\Local Settings\Application Data\PutLockerDownloader
C:\Program Files\Plus-HD-2.2 : Not Found !
Folder Moved to quarantine successfully : |D| - C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\SDHelper (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\TeaTimer (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\Spybot - Search & Destroy
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\Plus-HD-2.2-codedownloader.job
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\Plus-HD-2.2-chromeinstaller.job
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\Plus-HD-2.2-firefoxinstaller.job
¤¤¤¤¤¤¤¤¤¤ | MBR
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000003fd
Analysis of file "C:\Pre_Scan\MBR.bin":
Unknown MBR code
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HD400LJ rev.ZZ100-15 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5f; }
user & kernel MBR OK
¤
¤¤¤¤¤¤¤¤¤¤ | Disk cleaning
FreeSpace : 117139
Cleaning disk...
FreeSpace : 117156
¤
¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤ | End : 15:28:05
Sylvia : Microsoft Windows XP (32 bits)
Switchs : http://www.sosvirus.net/tutoriels/switchs-pre-script-t312.html
New restorepoint created
Script : 16:18:09
Boot : Normal
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ | Stopped Processes
(1048) -- a2service.exe
(1196) -- nvsvc32.exe
(1764) -- vsmon.exe
(1948) -- explorer.exe
(556) -- ISWSVC.exe
(420) -- spoolsv.exe
(1264) -- ForceField.exe
(2752) -- WasherSvc.exe
(2908) -- wmpnetwk.exe
(3704) -- alg.exe
(2680) -- rundll32.exe
(3164) -- zatray.exe
(3232) -- ctfmon.exe
¤¤¤¤¤¤¤¤¤¤ | Deletion | Drivers | Services
Service : AD-WATCH_CONNECT_FILTER Not actif
Service : Ad-Watch Connect Filter Not actif
Service : Ad-Watch Connect Kernel Filter Not actif
Service : AD-WATCH_REAL-TIME_SCANNER Not actif
Service : Ad-Watch Real-Time Scanner Not actif
Service : AW Real-Time Scanner Not actif
Service : AD-WATCH_REGISTRY_FILTER Not actif
Service : Ad-Watch Registry Filter Not actif
Service : AVGARCLN Not actif
Service : AVGASCLN Not actif
Service : AVG_ANTI-ROOTKIT Not actif
Service : AVG Anti-Rootkit Not actif
Service : AVG_ANTI-SPYWARE_DRIVER Not actif
Service : AVG Anti-Spyware Driver Not actif
Service : GEL90XNE Not actif
Service : ZWUNZI_SERVICE Not actif
Service : Zwunzi Service Not actif
¤
¤¤¤¤¤¤¤¤¤¤ | Registry Deletions
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ISW
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RoboForm
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07c3c179-9008-4abe-b495-d6264c8a9e79}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15d26b5a-3551-4b52-b99c-d717e864a34d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5bcb5480-b45d-4961-8902-fc68717495af}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d5f11bc8-e9f3-4cc3-8215-0721df7135a8}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-8287-79A187E26987}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4D91-8333-CF10577473F7}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD292324-974F-4224-D074-CACA427AA030}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-8287-79A187E26987}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD292324-974F-4224-D074-CACA427AA030}
Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\Plus-HD-2.2
Key Deleted : HKU\S-1-5-21-903607593-2093009781-735150894-1007\Software\VMNTOOLBAR
Key Deleted : HKLM\Software\BrowserChoice
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Plus-HD-2.2
¤
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Sylvia\Application Data\Mozilla\Firefox\Profiles\466b0t8x.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
Folder Moved to quarantine successfully : |D| - C:\Program Files\Plus-HD-2.2
Folder Moved to quarantine successfully : |DC| - C:\WINDOWS\ie8(2)
Folder Moved to quarantine successfully : |DC| - C:\WINDOWS\ie8(3)
Folder Moved to quarantine successfully : |D| - C:\WINDOWS\system32\config\systemprofile\Application Data\Neopets Toolbar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Sylvia\Application Data\vmntoolbar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Sylvia\Local Settings\Application Data\PutLockerDownloader
C:\Program Files\Plus-HD-2.2 : Not Found !
Folder Moved to quarantine successfully : |D| - C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\SDHelper (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\TeaTimer (Spybot - Search & Destroy)
Folder Moved to quarantine successfully : |D| - C:\Program Files\Spybot - Search & Destroy
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\Plus-HD-2.2-codedownloader.job
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\Plus-HD-2.2-chromeinstaller.job
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\Plus-HD-2.2-firefoxinstaller.job
¤¤¤¤¤¤¤¤¤¤ | MBR
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000003fd
Analysis of file "C:\Pre_Scan\MBR.bin":
Unknown MBR code
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HD400LJ rev.ZZ100-15 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5f; }
user & kernel MBR OK
¤
¤¤¤¤¤¤¤¤¤¤ | Disk cleaning
FreeSpace : 117139
Cleaning disk...
FreeSpace : 117156
¤
¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤ | End : 15:28:05
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
22 juin 2013 à 17:19
22 juin 2013 à 17:19
ah il a pas voulu faire sauter les clés , pas grave on va le faire autrement
Télécharge ici :OTL
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 / 8 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Clique ici pour voir la Configuration
▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"
HKCU\Software
HKLM\Software
HKCU\Software\Microsoft\Command Processor /s
%Homedrive%\*
%Homedrive%\*.
%Userprofile%\*
%Userprofile%\*.
%Allusersprofile%\*
%Allusersprofile%\*.
%LocalAppData%\*
%LocalAppData%\*.
%Userprofile%\Local Settings\Application Data\*
%Userprofile%\Local Settings\Application Data\*.
%programFiles%\*
%programFiles%\*.
%Systemroot%\Installer\*.
%Systemroot%\Temp\*.exe /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.in*
%systemroot%\Tasks\*
%systemroot%\Tasks\*.
%systemroot%\system32\Tasks\*
%systemroot%\system32\Tasks\*.
%systemroot%\system32\drivers\*.sy* /lockedfiles
%systemroot%\system32\config\*.exe /s
%Systemroot%\ServiceProfiles\*.exe /s
%systemroot%\system32\*.sys
dir C:\ /S /A:L /C
msconfig
activex
/md5start
explorer.exe
winlogon.exe
wininit.exe
volsnap.sys
atapi.sys
ndisuio.sys
ndis.sys
cdrom.sys
i8042prt.sys
iastor.sys
tdx.sys
netbt.sys
afd.sys
/md5stop
netsvcs
safebootminimal
safebootnetwork
CREATERESTOREPOINT
▶ Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\<Bureau ou Desktop>\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
heberge OTL.txt et extra.txt sur https://www.cjoint.com/ et donne les liens
Télécharge ici :OTL
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 / 8 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Clique ici pour voir la Configuration
▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"
HKCU\Software
HKLM\Software
HKCU\Software\Microsoft\Command Processor /s
%Homedrive%\*
%Homedrive%\*.
%Userprofile%\*
%Userprofile%\*.
%Allusersprofile%\*
%Allusersprofile%\*.
%LocalAppData%\*
%LocalAppData%\*.
%Userprofile%\Local Settings\Application Data\*
%Userprofile%\Local Settings\Application Data\*.
%programFiles%\*
%programFiles%\*.
%Systemroot%\Installer\*.
%Systemroot%\Temp\*.exe /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.in*
%systemroot%\Tasks\*
%systemroot%\Tasks\*.
%systemroot%\system32\Tasks\*
%systemroot%\system32\Tasks\*.
%systemroot%\system32\drivers\*.sy* /lockedfiles
%systemroot%\system32\config\*.exe /s
%Systemroot%\ServiceProfiles\*.exe /s
%systemroot%\system32\*.sys
dir C:\ /S /A:L /C
msconfig
activex
/md5start
explorer.exe
winlogon.exe
wininit.exe
volsnap.sys
atapi.sys
ndisuio.sys
ndis.sys
cdrom.sys
i8042prt.sys
iastor.sys
tdx.sys
netbt.sys
afd.sys
/md5stop
netsvcs
safebootminimal
safebootnetwork
CREATERESTOREPOINT
▶ Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\<Bureau ou Desktop>\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
heberge OTL.txt et extra.txt sur https://www.cjoint.com/ et donne les liens
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 18:35
22 juin 2013 à 18:35
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 18:48
22 juin 2013 à 18:48
et le extra :
https://www.cjoint.com/?CFwsWueli8G
https://www.cjoint.com/?CFwsWueli8G
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
22 juin 2013 à 18:48
22 juin 2013 à 18:48
le deuxieme stp ?
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 18:53
22 juin 2013 à 18:53
les deux sont postés :)
tu les voit ?
tu les voit ?
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
22 juin 2013 à 18:54
22 juin 2013 à 18:54
on a posté en même temps ^^ je regarde ca :)
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 18:57
22 juin 2013 à 18:57
:D merci
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
22 juin 2013 à 19:58
22 juin 2013 à 19:58
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation" :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
safari.exe
opera.exe
rundll32.exe
:Services
AD-WATCH_CONNECT_FILTER
Ad-Watch Connect Filter
Ad-Watch Connect Kernel Filter
AD-WATCH_REAL-TIME_SCANNER
Ad-Watch Real-Time Scanner
AW Real-Time Scanner
AD-WATCH_REGISTRY_FILTER
Ad-Watch Registry Filter
AVGARCLN
AVGASCLN
AVG_ANTI-ROOTKIT
AVG Anti-Rootkit
AVG_ANTI-SPYWARE_DRIVER
AVG Anti-Spyware Driver
GEL90XNE
ZWUNZI_SERVICE
Zwunzi Service
:commands
[emptytemp]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation" :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
safari.exe
opera.exe
rundll32.exe
:Services
AD-WATCH_CONNECT_FILTER
Ad-Watch Connect Filter
Ad-Watch Connect Kernel Filter
AD-WATCH_REAL-TIME_SCANNER
Ad-Watch Real-Time Scanner
AW Real-Time Scanner
AD-WATCH_REGISTRY_FILTER
Ad-Watch Registry Filter
AVGARCLN
AVGASCLN
AVG_ANTI-ROOTKIT
AVG Anti-Rootkit
AVG_ANTI-SPYWARE_DRIVER
AVG Anti-Spyware Driver
GEL90XNE
ZWUNZI_SERVICE
Zwunzi Service
:commands
[emptytemp]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 20:22
22 juin 2013 à 20:22
j'espere que tout est bon :
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
No active process named safari.exe was found!
No active process named opera.exe was found!
Process rundll32.exe killed successfully!
========== SERVICES/DRIVERS ==========
Error: No service named AD-WATCH_CONNECT_FILTER was found to stop!
Service\Driver key AD-WATCH_CONNECT_FILTER not found.
Service Ad-Watch Connect Filter stopped successfully!
Service Ad-Watch Connect Filter deleted successfully!
Error: No service named Ad-Watch Connect Kernel Filter was found to stop!
Service\Driver key Ad-Watch Connect Kernel Filter not found.
Error: No service named AD-WATCH_REAL-TIME_SCANNER was found to stop!
Service\Driver key AD-WATCH_REAL-TIME_SCANNER not found.
Error: No service named Ad-Watch Real-Time Scanner was found to stop!
Service\Driver key Ad-Watch Real-Time Scanner not found.
Error: No service named AW Real-Time Scanner was found to stop!
Service\Driver key AW Real-Time Scanner not found.
Error: No service named AD-WATCH_REGISTRY_FILTER was found to stop!
Service\Driver key AD-WATCH_REGISTRY_FILTER not found.
Error: No service named Ad-Watch Registry Filter was found to stop!
Service\Driver key Ad-Watch Registry Filter not found.
Error: No service named AVGARCLN was found to stop!
Service\Driver key AVGARCLN not found.
Error: No service named AVGASCLN was found to stop!
Service\Driver key AVGASCLN not found.
Error: No service named AVG_ANTI-ROOTKIT was found to stop!
Service\Driver key AVG_ANTI-ROOTKIT not found.
Error: No service named AVG Anti-Rootkit was found to stop!
Service\Driver key AVG Anti-Rootkit not found.
Error: No service named AVG_ANTI-SPYWARE_DRIVER was found to stop!
Service\Driver key AVG_ANTI-SPYWARE_DRIVER not found.
Error: No service named AVG Anti-Spyware Driver was found to stop!
Service\Driver key AVG Anti-Spyware Driver not found.
Service GEL90XNE stopped successfully!
Service GEL90XNE deleted successfully!
Error: No service named ZWUNZI_SERVICE was found to stop!
Service\Driver key ZWUNZI_SERVICE not found.
Error: No service named Zwunzi Service was found to stop!
Service\Driver key Zwunzi Service not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temporary Internet Files folder emptied: 268 bytes
User: Administrateur.LOCAL-B6340356A
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5452803 bytes
->Flash cache emptied: 492 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 4285260 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: NetworkService
->Temp folder emptied: 1054812 bytes
->Temporary Internet Files folder emptied: 39619473 bytes
User: Sylvia
->Temp folder emptied: 5961913 bytes
->Temporary Internet Files folder emptied: 29979755 bytes
->FireFox cache emptied: 359186772 bytes
->Google Chrome cache emptied: 399464275 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3127769 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1307180 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 538456982 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 311968043 bytes
Total Files Cleaned = 1 621,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06222013_191122
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
No active process named safari.exe was found!
No active process named opera.exe was found!
Process rundll32.exe killed successfully!
========== SERVICES/DRIVERS ==========
Error: No service named AD-WATCH_CONNECT_FILTER was found to stop!
Service\Driver key AD-WATCH_CONNECT_FILTER not found.
Service Ad-Watch Connect Filter stopped successfully!
Service Ad-Watch Connect Filter deleted successfully!
Error: No service named Ad-Watch Connect Kernel Filter was found to stop!
Service\Driver key Ad-Watch Connect Kernel Filter not found.
Error: No service named AD-WATCH_REAL-TIME_SCANNER was found to stop!
Service\Driver key AD-WATCH_REAL-TIME_SCANNER not found.
Error: No service named Ad-Watch Real-Time Scanner was found to stop!
Service\Driver key Ad-Watch Real-Time Scanner not found.
Error: No service named AW Real-Time Scanner was found to stop!
Service\Driver key AW Real-Time Scanner not found.
Error: No service named AD-WATCH_REGISTRY_FILTER was found to stop!
Service\Driver key AD-WATCH_REGISTRY_FILTER not found.
Error: No service named Ad-Watch Registry Filter was found to stop!
Service\Driver key Ad-Watch Registry Filter not found.
Error: No service named AVGARCLN was found to stop!
Service\Driver key AVGARCLN not found.
Error: No service named AVGASCLN was found to stop!
Service\Driver key AVGASCLN not found.
Error: No service named AVG_ANTI-ROOTKIT was found to stop!
Service\Driver key AVG_ANTI-ROOTKIT not found.
Error: No service named AVG Anti-Rootkit was found to stop!
Service\Driver key AVG Anti-Rootkit not found.
Error: No service named AVG_ANTI-SPYWARE_DRIVER was found to stop!
Service\Driver key AVG_ANTI-SPYWARE_DRIVER not found.
Error: No service named AVG Anti-Spyware Driver was found to stop!
Service\Driver key AVG Anti-Spyware Driver not found.
Service GEL90XNE stopped successfully!
Service GEL90XNE deleted successfully!
Error: No service named ZWUNZI_SERVICE was found to stop!
Service\Driver key ZWUNZI_SERVICE not found.
Error: No service named Zwunzi Service was found to stop!
Service\Driver key Zwunzi Service not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temporary Internet Files folder emptied: 268 bytes
User: Administrateur.LOCAL-B6340356A
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5452803 bytes
->Flash cache emptied: 492 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 4285260 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: NetworkService
->Temp folder emptied: 1054812 bytes
->Temporary Internet Files folder emptied: 39619473 bytes
User: Sylvia
->Temp folder emptied: 5961913 bytes
->Temporary Internet Files folder emptied: 29979755 bytes
->FireFox cache emptied: 359186772 bytes
->Google Chrome cache emptied: 399464275 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3127769 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1307180 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 538456982 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 311968043 bytes
Total Files Cleaned = 1 621,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06222013_191122
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
g3n-h@ckm@n
Messages postés
13238
Date d'inscription
jeudi 31 janvier 2013
Statut
Membre
Dernière intervention
24 février 2022
948
22 juin 2013 à 20:42
22 juin 2013 à 20:42
mmmm....refais OTL avec les mêmes consignes ? ( l'analyse )
sylviabiscotte
Messages postés
267
Date d'inscription
samedi 3 juillet 2004
Statut
Membre
Dernière intervention
2 janvier 2016
2
22 juin 2013 à 21:42
22 juin 2013 à 21:42
bon j'ai quelques soucis avec ccm
je reessai :
les extras :
https://www.cjoint.com/?CFwvOwYMrRF
et le otl :
https://www.cjoint.com/?CFwvQcB1PgL
je reessai :
les extras :
https://www.cjoint.com/?CFwvOwYMrRF
et le otl :
https://www.cjoint.com/?CFwvQcB1PgL
