Supprimer echec du chargement du script D:\$RECYCLEBIN\Adobe.rar
Résolu/Fermé
A voir également:
- Keypregentask
- Mode sans echec - Guide
- Script vidéo youtube - Guide
- Ps4 mode sans echec - Guide
- Echec du televersement de la video tiktok ✓ - Forum Mail
- Instagram echec de l'envoi du message ✓ - Forum Instagram
5 réponses
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
30 juil. 2015 à 10:56
30 juil. 2015 à 10:56
Salut,
Télécharge Remediate VBS Worm : https://forum.malekal.com/viewtopic.php?t=48588&start=
Lance l'option A (Appuye A et entrée).
Ouvre Mon ordinateur puis disque C, un rapport Rem-VBS.log doit s'y trouver, donne le contenu ici.
puis :
Suis le tutoriel FRST.
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Télécharge Remediate VBS Worm : https://forum.malekal.com/viewtopic.php?t=48588&start=
Lance l'option A (Appuye A et entrée).
Ouvre Mon ordinateur puis disque C, un rapport Rem-VBS.log doit s'y trouver, donne le contenu ici.
puis :
Suis le tutoriel FRST.
(et bien prendre le temps de lire afin d'appliquer correctement - tout y est expliqué).
Télécharge et lance le scan FRST, cela va générer trois rapports FRST :
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Envoie, comme expliqué, ces trois rapports sur le site http://pjjoint.malekal.com et en retour donne les trois liens pjjoint qui mènent à ses rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
30 juil. 2015 à 11:41
30 juil. 2015 à 11:41
Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-17]
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-17]
Task: {0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {30649D70-AD17-4F43-B374-9013BFEB449D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {48E0C133-B6DF-4C70-98AE-2401DFCAC911} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {4A8450C1-FE97-4DA8-9003-33B3F0ED7E10} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {801BFE8F-283A-4518-A7C1-95DD6F3D1289} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {CC29F61B-4E23-4BFF-96D9-64DED2C39B5E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {D882365E-23FA-444D-A229-B33CE08E736A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EC1FC769-1BE8-40DE-B597-04AD53819557} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EF271AF6-9C10-48D4-B68F-B945E769732A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-17]
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-17]
Task: {0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {30649D70-AD17-4F43-B374-9013BFEB449D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {48E0C133-B6DF-4C70-98AE-2401DFCAC911} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {4A8450C1-FE97-4DA8-9003-33B3F0ED7E10} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {801BFE8F-283A-4518-A7C1-95DD6F3D1289} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {CC29F61B-4E23-4BFF-96D9-64DED2C39B5E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {D882365E-23FA-444D-A229-B33CE08E736A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EC1FC769-1BE8-40DE-B597-04AD53819557} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EF271AF6-9C10-48D4-B68F-B945E769732A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION
Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.
Redémarre l'ordinateur
Fix result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by so (2015-07-30 11:46:31) Run:1
Running from C:\Users\so\Desktop
Loaded Profiles: so (Available Profiles: so)
Boot Mode: Normal
==============================================
fixlist content:
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-17]
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-17]
Task: {0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {30649D70-AD17-4F43-B374-9013BFEB449D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {48E0C133-B6DF-4C70-98AE-2401DFCAC911} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {4A8450C1-FE97-4DA8-9003-33B3F0ED7E10} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {801BFE8F-283A-4518-A7C1-95DD6F3D1289} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {CC29F61B-4E23-4BFF-96D9-64DED2C39B5E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {D882365E-23FA-444D-A229-B33CE08E736A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EC1FC769-1BE8-40DE-B597-04AD53819557} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EF271AF6-9C10-48D4-B68F-B945E769732A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION
C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk => moved successfully.
C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C97A00A-1C5C-4318-B5CC-8A1A126B77F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C97A00A-1C5C-4318-B5CC-8A1A126B77F9}" => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30649D70-AD17-4F43-B374-9013BFEB449D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30649D70-AD17-4F43-B374-9013BFEB449D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E0C133-B6DF-4C70-98AE-2401DFCAC911}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E0C133-B6DF-4C70-98AE-2401DFCAC911}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A8450C1-FE97-4DA8-9003-33B3F0ED7E10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A8450C1-FE97-4DA8-9003-33B3F0ED7E10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{801BFE8F-283A-4518-A7C1-95DD6F3D1289}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{801BFE8F-283A-4518-A7C1-95DD6F3D1289}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC29F61B-4E23-4BFF-96D9-64DED2C39B5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC29F61B-4E23-4BFF-96D9-64DED2C39B5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D882365E-23FA-444D-A229-B33CE08E736A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D882365E-23FA-444D-A229-B33CE08E736A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC1FC769-1BE8-40DE-B597-04AD53819557}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC1FC769-1BE8-40DE-B597-04AD53819557}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF271AF6-9C10-48D4-B68F-B945E769732A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF271AF6-9C10-48D4-B68F-B945E769732A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
Ran by so (2015-07-30 11:46:31) Run:1
Running from C:\Users\so\Desktop
Loaded Profiles: so (Available Profiles: so)
Boot Mode: Normal
==============================================
fixlist content:
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk [2015-06-17]
Startup: C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk [2015-06-17]
Task: {0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {30649D70-AD17-4F43-B374-9013BFEB449D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {48E0C133-B6DF-4C70-98AE-2401DFCAC911} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {4A8450C1-FE97-4DA8-9003-33B3F0ED7E10} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {801BFE8F-283A-4518-A7C1-95DD6F3D1289} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {CC29F61B-4E23-4BFF-96D9-64DED2C39B5E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {D882365E-23FA-444D-A229-B33CE08E736A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EC1FC769-1BE8-40DE-B597-04AD53819557} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EF271AF6-9C10-48D4-B68F-B945E769732A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION
C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\C-cleaner.lnk => moved successfully.
C:\Users\so\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VideoLAN.lnk => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D032A3B-BEA9-4FA0-9C6B-0EB1220FF16B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C97A00A-1C5C-4318-B5CC-8A1A126B77F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C97A00A-1C5C-4318-B5CC-8A1A126B77F9}" => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30649D70-AD17-4F43-B374-9013BFEB449D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30649D70-AD17-4F43-B374-9013BFEB449D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E0C133-B6DF-4C70-98AE-2401DFCAC911}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E0C133-B6DF-4C70-98AE-2401DFCAC911}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A8450C1-FE97-4DA8-9003-33B3F0ED7E10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A8450C1-FE97-4DA8-9003-33B3F0ED7E10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{801BFE8F-283A-4518-A7C1-95DD6F3D1289}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{801BFE8F-283A-4518-A7C1-95DD6F3D1289}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B79E8A0A-92A6-4ABE-BD0B-89A460A4E7BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC29F61B-4E23-4BFF-96D9-64DED2C39B5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC29F61B-4E23-4BFF-96D9-64DED2C39B5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEC96DF4-ABDE-4FFA-BED5-EBA31C871E85}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D882365E-23FA-444D-A229-B33CE08E736A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D882365E-23FA-444D-A229-B33CE08E736A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC1FC769-1BE8-40DE-B597-04AD53819557}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC1FC769-1BE8-40DE-B597-04AD53819557}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF271AF6-9C10-48D4-B68F-B945E769732A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF271AF6-9C10-48D4-B68F-B945E769732A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
End of Fixlog 11:46:31
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
30 juil. 2015 à 11:52
30 juil. 2015 à 11:52
plus de message au démarrage ?
Malekal_morte-
Messages postés
180304
Date d'inscription
mercredi 17 mai 2006
Statut
Modérateur, Contributeur sécurité
Dernière intervention
15 décembre 2020
24 628
30 juil. 2015 à 12:04
30 juil. 2015 à 12:04
Installe Avast! : https://www.malekal.com/tutoriel-antivirus-avast/
Désactive Windows Defender : https://forum.malekal.com/viewtopic.php?t=52282&start=
et Surtout active les détections LPIs.
Scanne tes clefs USB avec.
Il fortement conseillé de désactiver les scripts VBS / WSH, comme expliqué sur le dossier : Malware VBS/WSH
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
Désactive Windows Defender : https://forum.malekal.com/viewtopic.php?t=52282&start=
et Surtout active les détections LPIs.
Scanne tes clefs USB avec.
Il fortement conseillé de désactiver les scripts VBS / WSH, comme expliqué sur le dossier : Malware VBS/WSH
Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
30 juil. 2015 à 11:13
Rem-VBSworm v4.0
======================================================== - General info:
Ran by so on profile C:\Users\so
Ran on SOLENE
IPv4: 192.168.1.16
Microsoft Windows 10 Famille
Normal boot
30/07/2015
10:58:19,37
======================================================== - Drive info:
Listing currently attached drives:
Caption Description VolumeName
C: Disque mont' local OS
D: Disque CD-ROM
Physical drives information:
C: \Device\HarddiskVolume5 NTFS
======================================================== - Disinfection info:
Cleaning all TEMP files...
Disabling Autorun...
Temporarily disabling the WSH...
Windows Script Host disabled!
Fixing system/user policies and registry hijacks...
Killing, hijacking and deleting malicious processes and files...:
Adding image hijacks...
Deleting malicious Run keys...
Killing malicious processes...
Op'ration r'ussieÿ: le processus "wscript.exe" de PID 5504 a 't' arr^t'.
Op'ration r'ussieÿ: le processus avec PID 5548 a 't' termin'.
Informationÿ: aucune tfche en service ne correspond aux critSres sp'cifi's.
Deleting malicious files...
Les liens FRST :
http://pjjoint.malekal.com/files.php?id=20150730_m13w15v15d5o8
http://pjjoint.malekal.com/files.php?id=20150730_w14y8w9p11l7
http://pjjoint.malekal.com/files.php?id=20150730_b9h9t12x13j12