Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Désinfectez votre ordinateur gratuitement !
  • Avatar du membre
  • Avatar du membre
Avatar du membre
par g3n-h@ckm@n
#13774
youpi :D :D :D

on fait un diag ^^ :

http://gen-hackman.purforum.com/t5-otl" onclick="window.open(this.href);return false;
Avatar du membre
par g3n-h@ckm@n
#13778
j'étudie ton log 10/15 mn , je vois si il faut que je te prépare un script , et ensuite si tu n'as plus de soucis on termine :)

edit ::

desinstalle google toolbar ca sert à  rien
desinstalle tuneUP utilities c'est un fracasse systeme tu vas flinguer ta machine à  force d'utiliser ca
desinstalle Extended update

============

ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


Copie la liste qui se trouve en gras ci-dessous,

colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
FF - user.js - File not found
CHR - Extension: Whilokii = C:\Users\Sylvie Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0\
O32 - AutoRun File - [2006/02/09 14:59:36 | 000,000,000 | ---D | M] - G:\autorun -- [ FAT32 ]
[2013/10/17 18:40:06 | 000,000,000 | ---D | C] -- C:\Users\Sylvie Inspiron\Desktop\Act*
[2013/10/16 18:28:33 | 000,000,000 | ---D | C] -- C:\Users\Sylvie Inspiron\AppData\Local\avgchrome
[2013/10/16 18:14:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/10/16 18:14:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/10/14 21:18:26 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
[-HKEY_CURRENT_USER\Software\UpdaterEX]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{792E369F-A6EA-47AA-8071-DF6D37ABA786}"=-

:commands
[emptytemp]

Clique sur "Correction" pour lancer la suppression.

Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
Avatar du membre
par g3n-h@ckm@n
#13781
nan tu colles le texte puis => correction c'est tout ^^
Avatar du membre
par sylvie
#13782
Et voilà à  :) Alors doc' quel est le verdict???
Code: Tout sélectionner
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
Process firefox.exe killed successfully!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
C:\Users\Sylvie Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0 folder moved successfully.
File not found.
Folder C:\Users\Sylvie Inspiron\Desktop\Act*\ not found.
C:\Users\Sylvie Inspiron\AppData\Local\avgchrome folder moved successfully.
C:\Windows\SysWow64\Extensions folder moved successfully.
C:\Windows\SysWow64\searchplugins folder moved successfully.
C:\Windows\AutoKMS folder moved successfully.
========== REGISTRY ==========
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ scheduled to be deleted on reboot.
Registry key HKEY_CURRENT_USER\Software\UpdaterEX\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{792E369F-A6EA-47AA-8071-DF6D37ABA786} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{792E369F-A6EA-47AA-8071-DF6D37ABA786}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sylvie Inspiron
->Temp folder emptied: 3911138 bytes
->Temporary Internet Files folder emptied: 185649346 bytes
->FireFox cache emptied: 29273038 bytes
->Google Chrome cache emptied: 7609265 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 36160 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 582086 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50668 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 217,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11012013_003645

Files\Folders moved on Reboot...
C:\Users\Sylvie Inspiron\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sylvie Inspiron\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\Windows\SysNative\uxt1056.tmp not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP0000004E88DD5886DE72ACF9 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ scheduled to be deleted on reboot.
Avatar du membre
par sylvie
#13784
Vérifier la version de Java

Nous ne pouvons pas vérifier si Java est actuellement installé et activé dans le navigateur.

Si vous avez installé Java et que la vérification a échoué, un problème de configuration a pu survenir (navigateur, panneau de configuration Java, paramètres de sécurité).

» Reportez-vous à  la FAQ de dépannage
» Vérifier à  nouveau la version de Java

Je sais pas trop ce que je dois faire :s
Avatar du membre
par g3n-h@ckm@n
#13786
laissse tomber java n'est pas indispensable je ne l'ai moi-même pas installé ( en plus , c'est plus sà»r de pas l'avoir question sécurité)

bonsoir oki pour la fermeture je m'en charge car[…]

how to clean junk files

Hello don't use this program , it's a bullshit :)

Bonjour https://www.aht.li/3213847/AdsFix.exe b[…]

De rien Bon WE :)