Nettoyage en profondeur du PC Capdec
Fermé
juju666
Messages postés
35446
Date d'inscription
Statut
Contributeur sécurité
Dernière intervention
-
Capdec -
Capdec -
Bonjour,
Capdec,
Voici la première chose à faire sur le pc de ton fils, cela me permettra de voir ce qu'il y a dans la machine :)
Faire un scan OTL pour diagnostiquer les programmes qui tournent et déceler des infections :
▶ Télécharge ici :OTL
▶ Fais un double clic sur l'icône pour le lancer (clic droit executer en tant qu'administrateur sous Vista, Windows 7 ou Windows 8). Vérifier que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.
▶ Clique ici pour voir la configuration
▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"
HKCU\Software
HKLM\Software
%Homedrive%\*
%Homedrive%\*.
%Userprofile%\*
%Userprofile%\*.
%Allusersprofile%\*
%Allusersprofile%\*.
%localappdata%\*
%localappdata%\*.
%Userprofile%\Local Settings\Application Data\*
%Userprofile%\Local Settings\Application Data\*.
%programFiles%\*
%programFiles%\*.
%Systemroot%\Temp\*.exe /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.in*
%systemroot%\Tasks\*
%systemroot%\Tasks\*.
%systemroot%\system32\Tasks\*
%systemroot%\system32\Tasks\*.
%systemroot%\system32\drivers\*.sy* /lockedfiles
%systemroot%\system32\config\*.exe /s
%Systemroot%\ServiceProfiles\*.exe /s
%systemroot%\system32\*.sys
%temp%\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.*
/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
services.exe
winsock.*
/md5stop
msconfig
netsvcs
BASESERVICES
safebootminimal
safebootnetwork
CREATERESTOREPOINT
SAVEMBR:0
HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command
dir "%Homedrive%\*" /S /A:L /C
▶ Clic sur Analyse.
A la fin du scan, 2 Bloc-Notes vont s'ouvrir avec les rapports (OTL.txt et extras.txt).
NE PAS COPIER/COLLER LE RAPPORT ICI - LIRE JUSQU'AU BOUT
Ces fichiers se trouvent à côté de l'exécutable OTL.exe
héberge OTL.txt et extra.txt sur FEC Upload et donne les liens obtenus en échange
NE PAS COPIER/COLLER LE LIEN DE SUPPRESSION, CONSERVE-LE SI TU DESIRE ENSUITE SUPPRIMER LES RAPPORTS DE LA BASE DE DONNEES FEC
A +
Capdec,
Voici la première chose à faire sur le pc de ton fils, cela me permettra de voir ce qu'il y a dans la machine :)
Faire un scan OTL pour diagnostiquer les programmes qui tournent et déceler des infections :
▶ Télécharge ici :OTL
▶ Fais un double clic sur l'icône pour le lancer (clic droit executer en tant qu'administrateur sous Vista, Windows 7 ou Windows 8). Vérifier que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.
▶ Clique ici pour voir la configuration
▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"
HKCU\Software
HKLM\Software
%Homedrive%\*
%Homedrive%\*.
%Userprofile%\*
%Userprofile%\*.
%Allusersprofile%\*
%Allusersprofile%\*.
%localappdata%\*
%localappdata%\*.
%Userprofile%\Local Settings\Application Data\*
%Userprofile%\Local Settings\Application Data\*.
%programFiles%\*
%programFiles%\*.
%Systemroot%\Temp\*.exe /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.in*
%systemroot%\Tasks\*
%systemroot%\Tasks\*.
%systemroot%\system32\Tasks\*
%systemroot%\system32\Tasks\*.
%systemroot%\system32\drivers\*.sy* /lockedfiles
%systemroot%\system32\config\*.exe /s
%Systemroot%\ServiceProfiles\*.exe /s
%systemroot%\system32\*.sys
%temp%\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.*
/md5start
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
services.exe
winsock.*
/md5stop
msconfig
netsvcs
BASESERVICES
safebootminimal
safebootnetwork
CREATERESTOREPOINT
SAVEMBR:0
HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command
dir "%Homedrive%\*" /S /A:L /C
▶ Clic sur Analyse.
A la fin du scan, 2 Bloc-Notes vont s'ouvrir avec les rapports (OTL.txt et extras.txt).
NE PAS COPIER/COLLER LE RAPPORT ICI - LIRE JUSQU'AU BOUT
Ces fichiers se trouvent à côté de l'exécutable OTL.exe
héberge OTL.txt et extra.txt sur FEC Upload et donne les liens obtenus en échange
NE PAS COPIER/COLLER LE LIEN DE SUPPRESSION, CONSERVE-LE SI TU DESIRE ENSUITE SUPPRIMER LES RAPPORTS DE LA BASE DE DONNEES FEC
A +
A voir également:
- Nettoyage en profondeur du PC Capdec
- Nettoyage pc lent - Guide
- Nettoyage mac - Guide
- Reinitialiser pc - Guide
- Test performance pc - Guide
- Nettoyage de disque - Guide
59 réponses
Bien.
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ Copie le contenu du fichier à télécharger ci-dessous et colle-le dans la zone sous "Personnalisation" :
https://forums-fec.be/upload/www/?a=d&i=1032068654
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail apres le redemarrage.
.::. Contributeur Sécurité .::.
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ Copie le contenu du fichier à télécharger ci-dessous et colle-le dans la zone sous "Personnalisation" :
https://forums-fec.be/upload/www/?a=d&i=1032068654
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail apres le redemarrage.
.::. Contributeur Sécurité .::.
Bonjour Juju :)
Voici le nouveau rapport... Bonne lecture !
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3818488922-3781467625-1375629139-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_USERS\S-1-5-21-3818488922-3781467625-1375629139-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
C:\Users\Leni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk moved successfully.
C:\Program Files (x86)\zzymf\13287.vbs moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\SysWOW64\MPK\mpk.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3818488922-3781467625-1375629139-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Leni\AppData\Local\Temp\vbc\vbc.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ApnUpdater/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Babylon Client/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Iminent/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\IminentMessenger/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Optimizer Pro/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\PlusService/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SpybotSnD/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\svshost/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SweetIM/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Sweetpacks Communicator/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\vProt/b\ not found.
C:\Users\Leni\AppData\Roaming\O0SV0AR5F9.exe moved successfully.
C:\Users\Leni\Desktop\Gros-boulet.reg moved successfully.
C:\Users\Leni\Desktop\zzymf.zip moved successfully.
C:\Users\Leni\AppData\Local\funmoods_2.3.crx moved successfully.
C:\Users\Leni\AppData\Roaming\7JVvS96a2w folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo\Application\Updater\uninstall folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo\Application\Updater folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo\Application folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo folder moved successfully.
C:\Users\Leni\AppData\Roaming\svshost folder moved successfully.
C:\chatzum.exe moved successfully.
C:\ProgramData\InstallMate\{EBB83E27-00A4-4533-A7D8-4886305B1CD1} folder moved successfully.
C:\ProgramData\InstallMate folder moved successfully.
C:\Users\Leni\AppData\Local\PPFA9y8E8KsNo5 folder moved successfully.
C:\Program Files (x86)\Savevid folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\TuneUp Utilities 2012\data\ApplicationHeader folder moved successfully.
C:\Program Files (x86)\TuneUp Utilities 2012\data folder moved successfully.
C:\Program Files (x86)\TuneUp Utilities 2012 folder moved successfully.
C:\Program Files (x86)\zzymf folder moved successfully.
Unable to delete ADS C:\Users\Leni\AppData\Local\PPFA9y8E8KsNo5:jLhFvUq4m7dYNboZC1g6YY55OBx .
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\gros-boulet\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Doufus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Savevid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\VBMZ\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BE7266D-3C3F-40A5-99A1-2F83FF0F769E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BE7266D-3C3F-40A5-99A1-2F83FF0F769E}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C4662FA-D148-4931-8DEE-E77B4A50255D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C4662FA-D148-4931-8DEE-E77B4A50255D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18B2DE3B-B13F-49BE-B3A9-9B48363CC6C6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18B2DE3B-B13F-49BE-B3A9-9B48363CC6C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C0F45FC-1FE1-4D7E-BFE8-9BC560C12E7A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C0F45FC-1FE1-4D7E-BFE8-9BC560C12E7A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AC98119F-DA0E-49D7-A7CC-D710008E0033}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BA1DC696-67D7-4E5F-B3D1-91258423E292}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14A38604-EC5B-402B-941D-6639E0C77B63}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CC86F8F-AEDC-47C1-AF2C-BB4DCC3EE399}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee chrome Toolbar\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\System32\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Leni
->Temp folder emptied: 9700136 bytes
->Temporary Internet Files folder emptied: 28562071 bytes
->Java cache emptied: 184599132 bytes
->FireFox cache emptied: 66647271 bytes
->Google Chrome cache emptied: 234098811 bytes
->Flash cache emptied: 58464 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3425832 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42310552 bytes
RecycleBin emptied: 1194377 bytes
Total Files Cleaned = 544,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_072824
Files\Folders moved on Reboot...
C:\Users\Leni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Leni\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Voici le nouveau rapport... Bonne lecture !
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3818488922-3781467625-1375629139-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_USERS\S-1-5-21-3818488922-3781467625-1375629139-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
C:\Users\Leni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk moved successfully.
C:\Program Files (x86)\zzymf\13287.vbs moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\SysWOW64\MPK\mpk.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3818488922-3781467625-1375629139-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Leni\AppData\Local\Temp\vbc\vbc.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ApnUpdater/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Babylon Client/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Iminent/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\IminentMessenger/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Optimizer Pro/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\PlusService/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SpybotSnD/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\svshost/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SweetIM/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Sweetpacks Communicator/b\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\vProt/b\ not found.
C:\Users\Leni\AppData\Roaming\O0SV0AR5F9.exe moved successfully.
C:\Users\Leni\Desktop\Gros-boulet.reg moved successfully.
C:\Users\Leni\Desktop\zzymf.zip moved successfully.
C:\Users\Leni\AppData\Local\funmoods_2.3.crx moved successfully.
C:\Users\Leni\AppData\Roaming\7JVvS96a2w folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo\Application\Updater\uninstall folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo\Application\Updater folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo\Application folder moved successfully.
C:\Users\Leni\AppData\Roaming\Genieo folder moved successfully.
C:\Users\Leni\AppData\Roaming\svshost folder moved successfully.
C:\chatzum.exe moved successfully.
C:\ProgramData\InstallMate\{EBB83E27-00A4-4533-A7D8-4886305B1CD1} folder moved successfully.
C:\ProgramData\InstallMate folder moved successfully.
C:\Users\Leni\AppData\Local\PPFA9y8E8KsNo5 folder moved successfully.
C:\Program Files (x86)\Savevid folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\TuneUp Utilities 2012\data\ApplicationHeader folder moved successfully.
C:\Program Files (x86)\TuneUp Utilities 2012\data folder moved successfully.
C:\Program Files (x86)\TuneUp Utilities 2012 folder moved successfully.
C:\Program Files (x86)\zzymf folder moved successfully.
Unable to delete ADS C:\Users\Leni\AppData\Local\PPFA9y8E8KsNo5:jLhFvUq4m7dYNboZC1g6YY55OBx .
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\gros-boulet\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Doufus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Savevid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\VBMZ\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BE7266D-3C3F-40A5-99A1-2F83FF0F769E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BE7266D-3C3F-40A5-99A1-2F83FF0F769E}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C4662FA-D148-4931-8DEE-E77B4A50255D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C4662FA-D148-4931-8DEE-E77B4A50255D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18B2DE3B-B13F-49BE-B3A9-9B48363CC6C6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18B2DE3B-B13F-49BE-B3A9-9B48363CC6C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C0F45FC-1FE1-4D7E-BFE8-9BC560C12E7A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3C0F45FC-1FE1-4D7E-BFE8-9BC560C12E7A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AC98119F-DA0E-49D7-A7CC-D710008E0033}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BA1DC696-67D7-4E5F-B3D1-91258423E292}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14A38604-EC5B-402B-941D-6639E0C77B63}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CC86F8F-AEDC-47C1-AF2C-BB4DCC3EE399}C:\program files (x86)\1clickdownload\1clickdownloader.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee chrome Toolbar\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\System32\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Leni
->Temp folder emptied: 9700136 bytes
->Temporary Internet Files folder emptied: 28562071 bytes
->Java cache emptied: 184599132 bytes
->FireFox cache emptied: 66647271 bytes
->Google Chrome cache emptied: 234098811 bytes
->Flash cache emptied: 58464 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3425832 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42310552 bytes
RecycleBin emptied: 1194377 bytes
Total Files Cleaned = 544,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_072824
Files\Folders moved on Reboot...
C:\Users\Leni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Leni\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Salut,
Peux-tu refaire une correction avec ces lignes uniquement ? Le PC ne va pas redémarrer.
Ce ne sont que des traces sans influence, mais tant qu'à faire ... :)
Peux-tu refaire une correction avec ces lignes uniquement ? Le PC ne va pas redémarrer.
:Reg
MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: Babylon Client - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Iminent - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: IminentMessenger - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: PlusService - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SpybotSnD - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
MsConfig:64bit - StartUpReg: svshost - hkey= - key= - C:\Users\Leni\AppData\Roaming\svshost\explorer.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: vProt - hkey= - key= - File not found
Ce ne sont que des traces sans influence, mais tant qu'à faire ... :)
Erreur ???
Error: Unable to interpret <:RegMsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not foundMsConfig:64bit - StartUpReg: Babylon Client - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Iminent - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: IminentMessenger - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: PlusService - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: SpybotSnD - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)MsConfig:64bit - StartUpReg: svshost - hkey= - key= - C:\Users\Leni\AppData\Roaming\svshost\explorer.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: vProt - hkey= - key= - File not found> in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_185921
Error: Unable to interpret <:RegMsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not foundMsConfig:64bit - StartUpReg: Babylon Client - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Iminent - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: IminentMessenger - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: PlusService - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: SpybotSnD - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)MsConfig:64bit - StartUpReg: svshost - hkey= - key= - C:\Users\Leni\AppData\Roaming\svshost\explorer.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: vProt - hkey= - key= - File not found> in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_185921
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Autant pour moi lol
De cette manière ça ira mieux :
:p
De cette manière ça ira mieux :
:OTL
MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not found
MsConfig:64bit - StartUpReg: Babylon Client - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Iminent - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: IminentMessenger - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: PlusService - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SpybotSnD - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
MsConfig:64bit - StartUpReg: svshost - hkey= - key= - C:\Users\Leni\AppData\Roaming\svshost\explorer.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: vProt - hkey= - key= - File not found
:p
Désolé... Idem :
Error: Unable to interpret <:OTLMsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not foundMsConfig:64bit - StartUpReg: Babylon Client - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Iminent - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: IminentMessenger - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: PlusService - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: SpybotSnD - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)MsConfig:64bit - StartUpReg: svshost - hkey= - key= - C:\Users\Leni\AppData\Roaming\svshost\explorer.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: vProt - hkey= - key= - File not found > in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_202207
Error: Unable to interpret <:OTLMsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not foundMsConfig:64bit - StartUpReg: Babylon Client - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Iminent - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: IminentMessenger - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Optimizer Pro - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: PlusService - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: SpybotSnD - hkey= - key= - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)MsConfig:64bit - StartUpReg: svshost - hkey= - key= - C:\Users\Leni\AppData\Roaming\svshost\explorer.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: Sweetpacks Communicator - hkey= - key= - File not foundMsConfig:64bit - StartUpReg: vProt - hkey= - key= - File not found > in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_202207
Ouais mais on dirait que tout est collé à la queue leu leu quand tu colle le texte dans OTL ...
télécharge le script ici : https://forums-fec.be/upload/www/?a=d&i=0103228430
copie/colle dans OTL
Vérifie que la première ligne c'est bien :OTL , la deuxieme MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not found etc
télécharge le script ici : https://forums-fec.be/upload/www/?a=d&i=0103228430
copie/colle dans OTL
Vérifie que la première ligne c'est bien :OTL , la deuxieme MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - Reg Error: Value error. File not found etc
Ah, cette fois c'est mieux ! J'avais bien vu mais je ne savais pas comment faire...
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ApnUpdater\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Babylon Client\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Iminent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\IminentMessenger\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Optimizer Pro\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\PlusService\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SpybotSnD\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\svshost\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SweetIM\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Sweetpacks Communicator\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\vProt\ not found.
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_203701
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\ApnUpdater\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Babylon Client\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Iminent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\IminentMessenger\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Optimizer Pro\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\PlusService\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SpybotSnD\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\svshost\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SweetIM\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Sweetpacks Communicator\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\vProt\ not found.
OTL by OldTimer - Version 3.2.69.0 log created on 03172014_203701
# DelFix v10.6 - Rapport créé le 17/03/2014 à 21:13:53
# Mis à jour le 11/11/2013 par Xplode
# Nom d'utilisateur : Leni - HP-LENI
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Activation de l'UAC ... OK
~ Suppression des outils de désinfection ...
Supprimé : C:\_OTL
Supprimé : C:\AdwCleaner
Supprimé : C:\AdwCleaner[R1].txt
Supprimé : C:\AdwCleaner[R2].txt
Supprimé : C:\AdwCleaner[R3].txt
Supprimé : C:\AdwCleaner[S1].txt
Supprimé : C:\AdwCleaner[S2].txt
Supprimé : C:\AdwCleaner[S3].txt
Supprimé : C:\Users\Leni\Desktop\AdwCleaner[S0].txt
Supprimé : C:\Users\Leni\Desktop\Extras.Txt
Supprimé : C:\Users\Leni\Desktop\JRT.exe
Supprimé : C:\Users\Leni\Desktop\JRT.txt
Supprimé : C:\Users\Leni\Desktop\OTL.Txt
Supprimé : C:\Users\Leni\Desktop\OTL.exe
Supprimé : C:\Users\Leni\Downloads\adwcleaner.exe
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\AdwCleaner
~ Sauvegarde de la base de registre ... OK
~ Purge de la restauration système ...
Supprimé : RP #568 [Windows Update | 02/25/2014 23:10:55]
Supprimé : RP #569 [Windows Update | 02/26/2014 18:18:11]
Supprimé : RP #570 [Windows Update | 03/04/2014 13:23:20]
Supprimé : RP #571 [HPSF Restore Point | 03/09/2014 00:20:18]
Supprimé : RP #572 [Windows Update | 03/11/2014 12:49:21]
Supprimé : RP #573 [Windows Update | 03/14/2014 00:22:08]
Supprimé : RP #574 [OTL Restore Point - 14/03/2014 21:59:25 | 03/14/2014 20:59:36]
Supprimé : RP #575 [avast! antivirus system restore point | 03/15/2014 07:41:02]
Supprimé : RP #576 [Removed Java(TM) 6 Update 33 | 03/15/2014 12:52:17]
Supprimé : RP #577 [OTL Restore Point - 16/03/2014 15:01:28 | 03/16/2014 14:01:33]
Nouveau point de restauration créé !
~ Réinitialisation des paramètres système ... OK
########## - EOF - ##########
# Mis à jour le 11/11/2013 par Xplode
# Nom d'utilisateur : Leni - HP-LENI
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Activation de l'UAC ... OK
~ Suppression des outils de désinfection ...
Supprimé : C:\_OTL
Supprimé : C:\AdwCleaner
Supprimé : C:\AdwCleaner[R1].txt
Supprimé : C:\AdwCleaner[R2].txt
Supprimé : C:\AdwCleaner[R3].txt
Supprimé : C:\AdwCleaner[S1].txt
Supprimé : C:\AdwCleaner[S2].txt
Supprimé : C:\AdwCleaner[S3].txt
Supprimé : C:\Users\Leni\Desktop\AdwCleaner[S0].txt
Supprimé : C:\Users\Leni\Desktop\Extras.Txt
Supprimé : C:\Users\Leni\Desktop\JRT.exe
Supprimé : C:\Users\Leni\Desktop\JRT.txt
Supprimé : C:\Users\Leni\Desktop\OTL.Txt
Supprimé : C:\Users\Leni\Desktop\OTL.exe
Supprimé : C:\Users\Leni\Downloads\adwcleaner.exe
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\AdwCleaner
~ Sauvegarde de la base de registre ... OK
~ Purge de la restauration système ...
Supprimé : RP #568 [Windows Update | 02/25/2014 23:10:55]
Supprimé : RP #569 [Windows Update | 02/26/2014 18:18:11]
Supprimé : RP #570 [Windows Update | 03/04/2014 13:23:20]
Supprimé : RP #571 [HPSF Restore Point | 03/09/2014 00:20:18]
Supprimé : RP #572 [Windows Update | 03/11/2014 12:49:21]
Supprimé : RP #573 [Windows Update | 03/14/2014 00:22:08]
Supprimé : RP #574 [OTL Restore Point - 14/03/2014 21:59:25 | 03/14/2014 20:59:36]
Supprimé : RP #575 [avast! antivirus system restore point | 03/15/2014 07:41:02]
Supprimé : RP #576 [Removed Java(TM) 6 Update 33 | 03/15/2014 12:52:17]
Supprimé : RP #577 [OTL Restore Point - 16/03/2014 15:01:28 | 03/16/2014 14:01:33]
Nouveau point de restauration créé !
~ Réinitialisation des paramètres système ... OK
########## - EOF - ##########
Bonsoir Juju,
Je peux considérer son PC comme "propre" voire sain maintenant ?
Pour les scans MBAM réguliers, un examen rapide suffit, non ?
Par ailleurs je trouve que mon PC perso (qui n'est pas non plus une bête de course) a parfois quelques lenteurs et/ou blocages disons... inquiétants. Tu pourrais y jeter un oeil un de ces quatre ?
Je peux considérer son PC comme "propre" voire sain maintenant ?
Pour les scans MBAM réguliers, un examen rapide suffit, non ?
Par ailleurs je trouve que mon PC perso (qui n'est pas non plus une bête de course) a parfois quelques lenteurs et/ou blocages disons... inquiétants. Tu pourrais y jeter un oeil un de ces quatre ?
Alors c'est reparti pour un tour. J'espère que tu continueras à fermer les yeux sur certains détails... ;)
Bah après si dans 1 mois tu reviens parce que t'es encore infecté par des cracks/keygen c'est clair qu'on t'aidera plus ...
Entendu.
Ah, au fait : j'ai un gros DD externe de 3 To plein de musique et de films... Vaut-il mieux que je le débranche ?
Ah, au fait : j'ai un gros DD externe de 3 To plein de musique et de films... Vaut-il mieux que je le débranche ?