par g3n-h@ckm@n » mar. 19 août 2014 00:49
salut
vu
salut
vu
par
xav9425 » lun. 18 août 2014 09:48
Salut,
désolé de ne pas avoir posté plus tôt,
j'ai mis a jours les différents driver et aux démarrage "lcnb_main.exe" dans une fenêtre d'avertissement Windows.
voila rapport Delfix:
# DelFix v10.7 - Rapport créé le 09/08/2014 à 12:13:21
# Mis à jour le 27/04/2014 par Xplode
# Nom d'utilisateur : admin - PRODUCY-917E908
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
~ Suppression des outils de désinfection ...
Supprimé : C:\_OTL
Supprimé : C:\Shortcut_Module
Supprimé : C:\Program Files\SEAF
Supprimé : C:\JavaRa.log
Supprimé : C:\Shortcut_Module_12_07_2014_20_46_41.txt
Supprimé : C:\Shortcut_Module_26_06_2014_13_58_01.txt
Supprimé : C:\Shortcut_Module_26_06_2014_19_47_45.txt
Supprimé : C:\Shortcut_Module_28_06_2014_16_01_44.txt
Supprimé : C:\Shortcut_Module_30_06_2014_11_05_47.txt
Supprimé : C:\Documents and Settings\admin\Bureau\Extras.Txt
Supprimé : C:\Documents and Settings\admin\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\admin\Bureau\SeafLog.txt
Supprimé : C:\Documents and Settings\admin\Bureau\Shortcut_Module.exe
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\Extras.Txt
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\JavaRa.zip
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\OTL.Txt
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\OTL.exe
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\seaf.exe
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\Shortcut_Module.exe
Supprimée : HKCU\Software\Shortcut_Module
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\Shortcut_Module
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEAF
~ Sauvegarde de la base de registre ... OK
~ Purge de la restauration système ...
Supprimé : RP #179 [Point de vérification système | 06/26/2014 21:12:50]
Supprimé : RP #180 [Point de vérification système | 06/28/2014 12:55:18]
Supprimé : RP #181 [Supprimé Grand Theft Auto Vice City | 06/30/2014 12:21:57]
Supprimé : RP #182 [Point de vérification système | 07/02/2014 14:19:07]
Supprimé : RP #183 [Supprimé TuneUp Utilities 2013 | 07/03/2014 12:41:56]
Supprimé : RP #184 [Supprimé TuneUp Utilities Language Pack (fr-FR) | 07/03/2014 12:42:27]
Supprimé : RP #185 [Ma-Config.com supprimé | 07/04/2014 08:28:03]
Supprimé : RP #186 [Ma-Config.com installé | 07/04/2014 08:28:15]
Supprimé : RP #187 [Le Service Pack 3 pour Windows XP a été installé. | 07/04/2014 08:57:39]
Supprimé : RP #188 [Point de vérification système | 07/05/2014 09:58:41]
Supprimé : RP #189 [Software Distribution Service 3.0 | 07/05/2014 11:32:18]
Supprimé : RP #190 [Software Distribution Service 3.0 | 07/05/2014 12:12:35]
Supprimé : RP #191 [Software Distribution Service 3.0 | 07/05/2014 12:43:21]
Supprimé : RP #192 [Software Distribution Service 3.0 | 07/05/2014 14:34:37]
Supprimé : RP #193 [Software Distribution Service 3.0 | 07/06/2014 10:54:36]
Supprimé : RP #194 [Software Distribution Service 3.0 | 07/06/2014 11:12:07]
Supprimé : RP #195 [Point de vérification système | 07/07/2014 11:51:19]
Supprimé : RP #196 [Point de vérification système | 07/08/2014 12:10:16]
Supprimé : RP #197 [Software Distribution Service 3.0 | 07/09/2014 10:56:45]
Supprimé : RP #198 [Point de vérification système | 07/10/2014 13:01:28]
Supprimé : RP #199 [Point de vérification système | 07/11/2014 13:49:44]
Supprimé : RP #200 [Point de vérification système | 07/12/2014 22:02:36]
Supprimé : RP #201 [avast! antivirus system restore point | 07/15/2014 14:42:29]
Supprimé : RP #202 [Installé Conseiller de mise à niveau vers Windows 7 | 07/17/2014 12:10:39]
Supprimé : RP #203 [avast! antivirus system restore point | 07/18/2014 08:24:14]
Supprimé : RP #204 [Removed Un voisin d'enfer! | 07/18/2014 08:26:15]
Supprimé : RP #205 [Point de vérification système | 07/19/2014 10:38:27]
Supprimé : RP #206 [Point de vérification système | 07/22/2014 17:34:53]
Supprimé : RP #207 [Point de vérification système | 07/24/2014 09:37:00]
Supprimé : RP #208 [Point de vérification système | 07/25/2014 09:40:46]
Supprimé : RP #209 [OTL Restore Point - 26/07/2014 13:38:28 | 07/26/2014 11:38:31]
Supprimé : RP #210 [Point de vérification système | 07/29/2014 13:13:04]
Supprimé : RP #211 [Point de vérification système | 07/31/2014 09:16:53]
Supprimé : RP #212 [Point de vérification système | 08/04/2014 07:57:48]
Supprimé : RP #213 [Point de vérification système | 08/05/2014 10:33:56]
Supprimé : RP #214 [Installé REALTEK GbE FE Ethernet PCI-E NIC Driver | 08/06/2014 08:29:47]
Supprimé : RP #215 [Configuré REALTEK GbE FE Ethernet PCI-E NIC Driver | 08/07/2014 07:36:29]
Supprimé : RP #216 [Installé Realtek High Definition Audio Driver | 08/07/2014 07:38:53]
Supprimé : RP #217 [Installed Ralink Wireless LAN | 08/07/2014 07:41:59]
Supprimé : RP #218 [Point de vérification système | 08/08/2014 09:10:55]
Supprimé : RP #219 [Installé Java 7 Update 67 | 08/09/2014 10:07:55]
Nouveau point de restauration créé !
~ Réinitialisation des paramètres système ... OK
########## - EOF - ##########
Salut,
désolé de ne pas avoir posté plus tôt,
j'ai mis a jours les différents driver et aux démarrage "lcnb_main.exe" dans une fenêtre d'avertissement Windows.
voila rapport Delfix:
# DelFix v10.7 - Rapport créé le 09/08/2014 à 12:13:21
# Mis à jour le 27/04/2014 par Xplode
# Nom d'utilisateur : admin - PRODUCY-917E908
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
~ Suppression des outils de désinfection ...
Supprimé : C:\_OTL
Supprimé : C:\Shortcut_Module
Supprimé : C:\Program Files\SEAF
Supprimé : C:\JavaRa.log
Supprimé : C:\Shortcut_Module_12_07_2014_20_46_41.txt
Supprimé : C:\Shortcut_Module_26_06_2014_13_58_01.txt
Supprimé : C:\Shortcut_Module_26_06_2014_19_47_45.txt
Supprimé : C:\Shortcut_Module_28_06_2014_16_01_44.txt
Supprimé : C:\Shortcut_Module_30_06_2014_11_05_47.txt
Supprimé : C:\Documents and Settings\admin\Bureau\Extras.Txt
Supprimé : C:\Documents and Settings\admin\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\admin\Bureau\SeafLog.txt
Supprimé : C:\Documents and Settings\admin\Bureau\Shortcut_Module.exe
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\Extras.Txt
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\JavaRa.zip
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\OTL.Txt
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\OTL.exe
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\seaf.exe
Supprimé : C:\Documents and Settings\admin\Mes documents\Downloads\Shortcut_Module.exe
Supprimée : HKCU\Software\Shortcut_Module
Supprimée : HKLM\SOFTWARE\OldTimer Tools
Supprimée : HKLM\SOFTWARE\Shortcut_Module
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SEAF
~ Sauvegarde de la base de registre ... OK
~ Purge de la restauration système ...
Supprimé : RP #179 [Point de vérification système | 06/26/2014 21:12:50]
Supprimé : RP #180 [Point de vérification système | 06/28/2014 12:55:18]
Supprimé : RP #181 [Supprimé Grand Theft Auto Vice City | 06/30/2014 12:21:57]
Supprimé : RP #182 [Point de vérification système | 07/02/2014 14:19:07]
Supprimé : RP #183 [Supprimé TuneUp Utilities 2013 | 07/03/2014 12:41:56]
Supprimé : RP #184 [Supprimé TuneUp Utilities Language Pack (fr-FR) | 07/03/2014 12:42:27]
Supprimé : RP #185 [Ma-Config.com supprimé | 07/04/2014 08:28:03]
Supprimé : RP #186 [Ma-Config.com installé | 07/04/2014 08:28:15]
Supprimé : RP #187 [Le Service Pack 3 pour Windows XP a été installé. | 07/04/2014 08:57:39]
Supprimé : RP #188 [Point de vérification système | 07/05/2014 09:58:41]
Supprimé : RP #189 [Software Distribution Service 3.0 | 07/05/2014 11:32:18]
Supprimé : RP #190 [Software Distribution Service 3.0 | 07/05/2014 12:12:35]
Supprimé : RP #191 [Software Distribution Service 3.0 | 07/05/2014 12:43:21]
Supprimé : RP #192 [Software Distribution Service 3.0 | 07/05/2014 14:34:37]
Supprimé : RP #193 [Software Distribution Service 3.0 | 07/06/2014 10:54:36]
Supprimé : RP #194 [Software Distribution Service 3.0 | 07/06/2014 11:12:07]
Supprimé : RP #195 [Point de vérification système | 07/07/2014 11:51:19]
Supprimé : RP #196 [Point de vérification système | 07/08/2014 12:10:16]
Supprimé : RP #197 [Software Distribution Service 3.0 | 07/09/2014 10:56:45]
Supprimé : RP #198 [Point de vérification système | 07/10/2014 13:01:28]
Supprimé : RP #199 [Point de vérification système | 07/11/2014 13:49:44]
Supprimé : RP #200 [Point de vérification système | 07/12/2014 22:02:36]
Supprimé : RP #201 [avast! antivirus system restore point | 07/15/2014 14:42:29]
Supprimé : RP #202 [Installé Conseiller de mise à niveau vers Windows 7 | 07/17/2014 12:10:39]
Supprimé : RP #203 [avast! antivirus system restore point | 07/18/2014 08:24:14]
Supprimé : RP #204 [Removed Un voisin d'enfer! | 07/18/2014 08:26:15]
Supprimé : RP #205 [Point de vérification système | 07/19/2014 10:38:27]
Supprimé : RP #206 [Point de vérification système | 07/22/2014 17:34:53]
Supprimé : RP #207 [Point de vérification système | 07/24/2014 09:37:00]
Supprimé : RP #208 [Point de vérification système | 07/25/2014 09:40:46]
Supprimé : RP #209 [OTL Restore Point - 26/07/2014 13:38:28 | 07/26/2014 11:38:31]
Supprimé : RP #210 [Point de vérification système | 07/29/2014 13:13:04]
Supprimé : RP #211 [Point de vérification système | 07/31/2014 09:16:53]
Supprimé : RP #212 [Point de vérification système | 08/04/2014 07:57:48]
Supprimé : RP #213 [Point de vérification système | 08/05/2014 10:33:56]
Supprimé : RP #214 [Installé REALTEK GbE FE Ethernet PCI-E NIC Driver | 08/06/2014 08:29:47]
Supprimé : RP #215 [Configuré REALTEK GbE FE Ethernet PCI-E NIC Driver | 08/07/2014 07:36:29]
Supprimé : RP #216 [Installé Realtek High Definition Audio Driver | 08/07/2014 07:38:53]
Supprimé : RP #217 [Installed Ralink Wireless LAN | 08/07/2014 07:41:59]
Supprimé : RP #218 [Point de vérification système | 08/08/2014 09:10:55]
Supprimé : RP #219 [Installé Java 7 Update 67 | 08/09/2014 10:07:55]
Nouveau point de restauration créé !
~ Réinitialisation des paramètres système ... OK
########## - EOF - ##########
par g3n-h@ckm@n » sam. 9 août 2014 00:00
ok fais ce ménage et dis quoi : http://gen-hackman.purforum.com/t50-fin-de-desinfection
par
xav9425 » ven. 8 août 2014 21:57
Oui oui ça a fonctionné
Oui oui ça a fonctionné
par g3n-h@ckm@n » ven. 8 août 2014 19:43
re
dis-moi déjà si ce que j'ai dit de faire a fonctionné ou pas
re
dis-moi déjà si ce que j'ai dit de faire a fonctionné ou pas
par
xav9425 » ven. 8 août 2014 10:40
Re,
Dsl de ma question, un peu conne.
Le PC est toujours un peu lent. Est ce qu'il faut que je fasse encore des manips?
Re,
Dsl de ma question, un peu conne.
Le PC est toujours un peu lent. Est ce qu'il faut que je fasse encore des manips?
par g3n-h@ckm@n » mar. 5 août 2014 14:01
dans le fichier boot.ini
lol
dans le fichier boot.ini
lol
par
xav9425 » mar. 5 août 2014 13:48
Ou faut-il que je supprime la ligne ?
Ou faut-il que je supprime la ligne ?
par g3n-h@ckm@n » mar. 5 août 2014 13:43
re
alors supprime cette ligne :
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /noexecute=alwaysoff
et change cette ligne :
timeout=30
par
timeout=03
(tu attendras moins longtemps pour xp demarre, 3 sec au lieu de 30 ^^ )
ensuite :
touche windows + R
dans la fenetre noire tape :
%windir%\System32\attrib.exe +h +r +s %Homedrive%\Boot.ini
puis valide , ensuite tu peux redemarrer le pc
re
alors supprime cette ligne :
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /noexecute=alwaysoff
et change cette ligne :
timeout=30
par
timeout=03
(tu attendras moins longtemps pour xp demarre, 3 sec au lieu de 30 ^^ )
ensuite :
touche windows + R
dans la fenetre noire tape :
%windir%\System32\attrib.exe +h +r +s %Homedrive%\Boot.ini
puis valide , ensuite tu peux redemarrer le pc
par
xav9425 » mar. 5 août 2014 12:17
Re,
oui ce serait pour booter directement sur l'édition familiale.
Re,
oui ce serait pour booter directement sur l'édition familiale.
par g3n-h@ckm@n » lun. 4 août 2014 18:54
ok et t'aimerais qu'il n'y ait que le choix de demarrer sur édition familiale c'est ca ?
==
pour le desktop qui s'ouvre au demarrage
faut supprimer :
c:\Documents and settings\ta session\menu démarrer\Programmes\démarrage\Desktop.ini
C:\All Users\menu démarrer\Programmes\démarrage\Desktop.ini
ok et t'aimerais qu'il n'y ait que le choix de demarrer sur édition familiale c'est ca ?
==
pour le desktop qui s'ouvre au demarrage
faut supprimer :
c:\Documents and settings\ta session\menu démarrer\Programmes\démarrage\Desktop.ini
C:\All Users\menu démarrer\Programmes\démarrage\Desktop.ini
par
xav9425 » lun. 4 août 2014 09:38
Re,
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /noexecute=alwaysoff
Re,
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /noexecute=alwaysoff
par g3n-h@ckm@n » dim. 3 août 2014 19:22
salut pour l 'icone tu peux le supprimer
colle le contenu de C:\Boot.ini
salut pour l 'icone tu peux le supprimer
colle le contenu de C:\Boot.ini
par
xav9425 » jeu. 31 juil. 2014 11:00
Re,
le PC tourne déjà beaucoup mieux.
J'ai toujours le fichier "destktop" qui s'ouvre au démarrage avec ce message: "[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787"
J'ai aussi au démarrage le choix de booter sur XP familiale ou pro. Si je choisis Pro, il ne boot pas, est ce que je peux dégager ça?
A part ça il me reste l'icône de Bearshare sur le bureau, est ce qu'un simple clique-droit supprimer suffit ?
Re,
le PC tourne déjà beaucoup mieux.
J'ai toujours le fichier "destktop" qui s'ouvre au démarrage avec ce message: "[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787"
J'ai aussi au démarrage le choix de booter sur XP familiale ou pro. Si je choisis Pro, il ne boot pas, est ce que je peux dégager ça?
A part ça il me reste l'icône de Bearshare sur le bureau, est ce qu'un simple clique-droit supprimer suffit ?
par g3n-h@ckm@n » mer. 30 juil. 2014 22:49
re ok nickel , des soucis persistent ?
re ok nickel , des soucis persistent ?
par
xav9425 » mar. 29 juil. 2014 18:12
All processes killed
========== OTL ==========
HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
C:\56aacd259d89b6aba8f7ad7089876a\x86 folder moved successfully.
C:\56aacd259d89b6aba8f7ad7089876a\FR-FR folder moved successfully.
C:\56aacd259d89b6aba8f7ad7089876a\EN-US folder moved successfully.
C:\56aacd259d89b6aba8f7ad7089876a folder moved successfully.
C:\98a61db3e46ed6f881\i386 folder moved successfully.
C:\98a61db3e46ed6f881\amd64 folder moved successfully.
C:\98a61db3e46ed6f881 folder moved successfully.
C:\Program Files\GUM2.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateComRegisterShell64.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files\GUM2.tmp\goopdate.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files\GUM2.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files\GUM2.tmp\psmachine.dll deleted successfully.
C:\Program Files\GUM2.tmp\psmachine_64.dll deleted successfully.
C:\Program Files\GUM2.tmp\psuser.dll deleted successfully.
C:\Program Files\GUM2.tmp\psuser_64.dll deleted successfully.
C:\Program Files\GUM2.tmp folder deleted successfully.
C:\Program Files\GUT3.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} folder moved successfully.
C:\Documents and Settings\admin\Local Settings\Application Data\Software\CrashReports folder moved successfully.
C:\Documents and Settings\admin\Local Settings\Application Data\Software folder moved successfully.
C:\Program Files\BearShare Applications\BearShare folder moved successfully.
C:\Program Files\BearShare Applications folder moved successfully.
Folder C:\Program Files\GUM2.tmp\ not found.
C:\Program Files\TuneUp Utilities 2013\UpdateWizard\fr-FR folder moved successfully.
C:\Program Files\TuneUp Utilities 2013\UpdateWizard folder moved successfully.
C:\Program Files\TuneUp Utilities 2013 folder moved successfully.
C:\WINDOWS\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF} folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: admin
-Temp folder emptied: 2188316 bytes
-Temporary Internet Files folder emptied: 295314 bytes
-Google Chrome cache emptied: 50936814 bytes
-Flash cache emptied: 506 bytes
User: Administrateur
-Temp folder emptied: 1083 bytes
-Temporary Internet Files folder emptied: 2671006 bytes
-Google Chrome cache emptied: 63336061 bytes
User: All Users
User: Default User
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 34034 bytes
User: NetworkService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 315300 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 24991288 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 138,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07292014_161215
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
C:\56aacd259d89b6aba8f7ad7089876a\x86 folder moved successfully.
C:\56aacd259d89b6aba8f7ad7089876a\FR-FR folder moved successfully.
C:\56aacd259d89b6aba8f7ad7089876a\EN-US folder moved successfully.
C:\56aacd259d89b6aba8f7ad7089876a folder moved successfully.
C:\98a61db3e46ed6f881\i386 folder moved successfully.
C:\98a61db3e46ed6f881\amd64 folder moved successfully.
C:\98a61db3e46ed6f881 folder moved successfully.
C:\Program Files\GUM2.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateComRegisterShell64.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files\GUM2.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files\GUM2.tmp\goopdate.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files\GUM2.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files\GUM2.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files\GUM2.tmp\psmachine.dll deleted successfully.
C:\Program Files\GUM2.tmp\psmachine_64.dll deleted successfully.
C:\Program Files\GUM2.tmp\psuser.dll deleted successfully.
C:\Program Files\GUM2.tmp\psuser_64.dll deleted successfully.
C:\Program Files\GUM2.tmp folder deleted successfully.
C:\Program Files\GUT3.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} folder moved successfully.
C:\Documents and Settings\admin\Local Settings\Application Data\Software\CrashReports folder moved successfully.
C:\Documents and Settings\admin\Local Settings\Application Data\Software folder moved successfully.
C:\Program Files\BearShare Applications\BearShare folder moved successfully.
C:\Program Files\BearShare Applications folder moved successfully.
Folder C:\Program Files\GUM2.tmp\ not found.
C:\Program Files\TuneUp Utilities 2013\UpdateWizard\fr-FR folder moved successfully.
C:\Program Files\TuneUp Utilities 2013\UpdateWizard folder moved successfully.
C:\Program Files\TuneUp Utilities 2013 folder moved successfully.
C:\WINDOWS\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF} folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: admin
-Temp folder emptied: 2188316 bytes
-Temporary Internet Files folder emptied: 295314 bytes
-Google Chrome cache emptied: 50936814 bytes
-Flash cache emptied: 506 bytes
User: Administrateur
-Temp folder emptied: 1083 bytes
-Temporary Internet Files folder emptied: 2671006 bytes
-Google Chrome cache emptied: 63336061 bytes
User: All Users
User: Default User
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 34034 bytes
User: NetworkService
-Temp folder emptied: 0 bytes
-Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 315300 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 24991288 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 138,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07292014_161215
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
par g3n-h@ckm@n » lun. 28 juil. 2014 02:12
re
pas tout a fonctionné j'ai mis des caractères en trop
refais avec juste ca :
:OTL
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://dts.search.ask.com/sidebar.html? ... systemid=2
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://dts.search.ask.com/sidebar.html? ... systemid=2
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
[2014/07/13 18:02:42 | 000,000,000 | ---D | C] -- C:\56aacd259d89b6aba8f7ad7089876a
[2014/07/05 16:35:43 | 000,000,000 | ---D | C] -- C:\98a61db3e46ed6f881
[2 C:\Program Files\*.tmp files - C:\Program Files\*.tmp - ]
[1 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[2013/05/19 14:16:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/06 13:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Local Settings\Application Data\Software
[2013/08/28 11:17:26 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2014/06/26 14:02:06 | 000,000,000 | ---D | M] -- C:\Program Files\GUM2.tmp
[2014/07/03 14:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2013
[2013/07/06 13:40:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
:commands
[emptytemp]
re
pas tout a fonctionné j'ai mis des caractères en trop
refais avec juste ca :
:OTL
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html?src=ssbgct=dsappid=702systemid=2
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html?src=ssbgct=dsappid=702systemid=2
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
[2014/07/13 18:02:42 | 000,000,000 | ---D | C] -- C:\56aacd259d89b6aba8f7ad7089876a
[2014/07/05 16:35:43 | 000,000,000 | ---D | C] -- C:\98a61db3e46ed6f881
[2 C:\Program Files\*.tmp files - C:\Program Files\*.tmp - ]
[1 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[2013/05/19 14:16:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/06 13:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Local Settings\Application Data\Software
[2013/08/28 11:17:26 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2014/06/26 14:02:06 | 000,000,000 | ---D | M] -- C:\Program Files\GUM2.tmp
[2014/07/03 14:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2013
[2013/07/06 13:40:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
:commands
[emptytemp]
par
xav9425 » dim. 27 juil. 2014 13:35
Re,
voila le rapport:
All processes killed
Error: Unable to interpret :OTL in the current context!
Error: Unable to interpret
http://dts.search.ask.com/sidebar.html? ... systemid=2 in the current context!
Error: Unable to interpret
http://dts.search.ask.com/sidebar.html? ... systemid=2 in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret C:\Program Files\*.tmp - ] in the current context!
Error: Unable to interpret C:\WINDOWS\*.tmp - ] in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\(null)\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\APN DTX\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\BearShare\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Boxore\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Conduit\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DSiteProducts\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\iMesh\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\lollipop\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Optimizer Pro\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\systweak\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Torch\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Tuguu SL\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Vittalia\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\BearShare Applications\BearShare\BearShare.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BearShare Applications\BearShare\BearShare.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\admin\Local Settings\Temp\Répertoire temporaire 1 pour PortableEmule-049c-r01.zip\PortableEmule-049c-r01\PortableeMule\emule\emule.exe deleted successfully.
========== COMMANDS ==========
Error: Unable to interpret in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 07272014_133025
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re,
voila le rapport:
All processes killed
Error: Unable to interpret :OTL in the current context!
Error: Unable to interpret http://dts.search.ask.com/sidebar.html?src=ssbgct=dsappid=702systemid=2 in the current context!
Error: Unable to interpret http://dts.search.ask.com/sidebar.html?src=ssbgct=dsappid=702systemid=2 in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret C:\Program Files\*.tmp - ] in the current context!
Error: Unable to interpret C:\WINDOWS\*.tmp - ] in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\(null)\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\APN DTX\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\BearShare\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Boxore\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Conduit\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DSiteProducts\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\iMesh\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\lollipop\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Optimizer Pro\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\systweak\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Torch\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Tuguu SL\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Vittalia\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\\"EnableFirewall"|DWORD:0 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\BearShare Applications\BearShare\BearShare.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BearShare Applications\BearShare\BearShare.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\admin\Local Settings\Temp\Répertoire temporaire 1 pour PortableEmule-049c-r01.zip\PortableEmule-049c-r01\PortableeMule\emule\emule.exe deleted successfully.
========== COMMANDS ==========
Error: Unable to interpret in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 07272014_133025
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
par g3n-h@ckm@n » dim. 27 juil. 2014 01:11
Bonsoir désinstalle tuneUP utilities si tu l'as pas fait , puis colle ca en bas d'OTL puis clique sur correction et poste le nouveau rapport qui s'ouvrira :
:OTL
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html? ... systemid=2
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html? ... systemid=2
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
[2014/07/13 18:02:42 | 000,000,000 | ---D | C] -- C:\56aacd259d89b6aba8f7ad7089876a
[2014/07/05 16:35:43 | 000,000,000 | ---D | C] -- C:\98a61db3e46ed6f881
[2 C:\Program Files\*.tmp files - C:\Program Files\*.tmp - ]
[1 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[2013/05/19 14:16:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/06 13:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Local Settings\Application Data\Software
[2013/08/28 11:17:26 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2014/06/26 14:02:06 | 000,000,000 | ---D | M] -- C:\Program Files\GUM2.tmp
[2014/07/03 14:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2013
[2013/07/06 13:40:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
:reg
[-HKEY_CURRENT_USER\Software\(null)]
[-HKEY_CURRENT_USER\Software\APN DTX]
[-HKEY_CURRENT_USER\Software\BearShare]
[-HKEY_CURRENT_USER\Software\Boxore]
[-HKEY_CURRENT_USER\Software\Conduit]
[-HKEY_CURRENT_USER\Software\DSiteProducts]
[-HKEY_CURRENT_USER\Software\iMesh]
[-HKEY_CURRENT_USER\Software\lollipop]
[-HKEY_CURRENT_USER\Software\Optimizer Pro]
[-HKEY_CURRENT_USER\Software\systweak]
[-HKEY_CURRENT_USER\Software\Torch]
[-HKEY_CURRENT_USER\Software\Tuguu SL]
[-HKEY_CURRENT_USER\Software\Vittalia]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"=-
"2869:TCP"=-
"139:TCP"=-
"445:TCP"=-
"137:UDP"=-
"138:UDP"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"=-
"C:\Documents and Settings\admin\Local Settings\Temp\Répertoire temporaire 1 pour PortableEmule-049c-r01.zip\PortableEmule-049c-r01\PortableeMule\emule\emule.exe"=-
:commands
[emptytemp]Bonsoir désinstalle tuneUP utilities si tu l'as pas fait , puis colle ca en bas d'OTL puis clique sur correction et poste le nouveau rapport qui s'ouvrira :
[b]:OTL
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html?src=ssbgct=dsappid=702systemid=2
IE - HKU\S-1-5-21-789336058-1801674531-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html?src=ssbgct=dsappid=702systemid=2
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
[2014/07/13 18:02:42 | 000,000,000 | ---D | C] -- C:\56aacd259d89b6aba8f7ad7089876a
[2014/07/05 16:35:43 | 000,000,000 | ---D | C] -- C:\98a61db3e46ed6f881
[2 C:\Program Files\*.tmp files - C:\Program Files\*.tmp - ]
[1 C:\WINDOWS\*.tmp files - C:\WINDOWS\*.tmp - ]
[2013/05/19 14:16:29 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/06 13:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Local Settings\Application Data\Software
[2013/08/28 11:17:26 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2014/06/26 14:02:06 | 000,000,000 | ---D | M] -- C:\Program Files\GUM2.tmp
[2014/07/03 14:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2013
[2013/07/06 13:40:52 | 000,000,000 | ---D | M] -- C:\WINDOWS\Installer\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
:reg
[-HKEY_CURRENT_USER\Software\(null)]
[-HKEY_CURRENT_USER\Software\APN DTX]
[-HKEY_CURRENT_USER\Software\BearShare]
[-HKEY_CURRENT_USER\Software\Boxore]
[-HKEY_CURRENT_USER\Software\Conduit]
[-HKEY_CURRENT_USER\Software\DSiteProducts]
[-HKEY_CURRENT_USER\Software\iMesh]
[-HKEY_CURRENT_USER\Software\lollipop]
[-HKEY_CURRENT_USER\Software\Optimizer Pro]
[-HKEY_CURRENT_USER\Software\systweak]
[-HKEY_CURRENT_USER\Software\Torch]
[-HKEY_CURRENT_USER\Software\Tuguu SL]
[-HKEY_CURRENT_USER\Software\Vittalia]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"=-
"2869:TCP"=-
"139:TCP"=-
"445:TCP"=-
"137:UDP"=-
"138:UDP"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"=-
"C:\Documents and Settings\admin\Local Settings\Temp\Répertoire temporaire 1 pour PortableEmule-049c-r01.zip\PortableEmule-049c-r01\PortableeMule\emule\emule.exe"=-
:commands
[emptytemp][/b]
par
xav9425 » sam. 26 juil. 2014 17:31
Salut,
en effet je n'ai pas tout copié -_-'
Voila les rapports qui cette fois-ci devrait être les bons:
http://upload.sosvirus.net/www/?a=di=4knLyak5mv
http://upload.sosvirus.net/www/?a=di=dHHdc9oxnd
(Au démarrage j'ai un fichier "desktop.ini" qui s'ouvre avec ce texte "[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787")
Salut,
en effet je n'ai pas tout copié -_-'
Voila les rapports qui cette fois-ci devrait être les bons:
http://upload.sosvirus.net/www/?a=di=4knLyak5mv
http://upload.sosvirus.net/www/?a=di=dHHdc9oxnd
(Au démarrage j'ai un fichier "desktop.ini" qui s'ouvre avec ce texte "[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787")
par g3n-h@ckm@n » ven. 25 juil. 2014 19:11
t'as pas tout copié c'est pas complet
t'as pas tout copié c'est pas complet
par
xav9425 » ven. 25 juil. 2014 17:19
Voila les rapports, avec le texte copié:
http://upload.sosvirus.net/www/?a=di=ywpaSR3Tu9
http://upload.sosvirus.net/www/?a=di=mU9gjDmBoP
par
xav9425 » ven. 25 juil. 2014 17:18
Voila les rapports, avec le texte copié:
http://upload.sosvirus.net/www/?a=di=ywpaSR3Tu9
http://upload.sosvirus.net/www/?a=di=mU9gjDmBoP
par
xav9425 » jeu. 24 juil. 2014 20:38
Il me semblait l'avoir fait, je refais la manip et je t'envois les liens
Il me semblait l'avoir fait, je refais la manip et je t'envois les liens
par g3n-h@ckm@n » jeu. 24 juil. 2014 20:33
tu n'as pas collé le texte dans OTL
tu n'as pas collé le texte dans OTL
par
xav9425 » jeu. 24 juil. 2014 20:11
Non, c'est la version gratuite.
Non, c'est la version gratuite.
par g3n-h@ckm@n » jeu. 24 juil. 2014 20:06
un question , ton Avast c'est la version pro ? payante ?
un question , ton Avast c'est la version pro ? payante ?
par
xav9425 » jeu. 24 juil. 2014 15:53
Rapport OTL:
http://upload.sosvirus.net/www/?a=di=CtcHNV4JEL
http://upload.sosvirus.net/www/?a=di=NKV0AhPxQw
par g3n-h@ckm@n » jeu. 24 juil. 2014 13:32
ok refais OTL stp voir.....
ok refais OTL stp voir.....
par
xav9425 » jeu. 24 juil. 2014 11:21
Re,
j'ai le dossier "jumpshot.com" mais celui ci est vide ...
(Pour le téléchargement, j’espère ne pas m'être trompé dans le liens, même si théoriquement, j'évite de dl sur n'importe quel site, sur les conseils des helpeurs)
Re,
j'ai le dossier "jumpshot.com" mais celui ci est vide ...
(Pour le téléchargement, j’espère ne pas m'être trompé dans le liens, même si théoriquement, j'évite de dl sur n'importe quel site, sur les conseils des helpeurs)
par g3n-h@ckm@n » mer. 23 juil. 2014 23:30
ah ben si c'est sur microsoft même...
Fais analyser le(s) fichier(s) suivants sur Virustotal :
http://www.virustotal.com/index.html
clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :
C:\WINDOWS\jumpshot.com
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
ah ben si c'est sur microsoft même...
Fais analyser le(s) fichier(s) suivants sur Virustotal :
http://www.virustotal.com/index.html
clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :
C:\WINDOWS\jumpshot.com
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
par
xav9425 » mer. 23 juil. 2014 17:59
Re,
si je ne me trompe pas, je l'ai pris sur:
http://support.microsoft.com/Re,
si je ne me trompe pas, je l'ai pris sur: http://support.microsoft.com/
par g3n-h@ckm@n » mer. 23 juil. 2014 09:14
heu.... les detections des antivirus ne sont pas importantes ils détectent n'importe quoi
tu te rapelles vraiment plus sur quel site tu l'as téléchargé ?
évite de suivre les indications sur commentcamarche les gens gens qui aident la-bàs ne comprennent rien en désinfection pour 70% des cas
heu.... les detections des antivirus ne sont pas importantes ils détectent n'importe quoi
tu te rapelles vraiment plus sur quel site tu l'as téléchargé ?
évite de suivre les indications sur commentcamarche les gens gens qui aident la-bàs ne comprennent rien en désinfection pour 70% des cas
par
xav9425 » mar. 22 juil. 2014 13:37
Re,
j'ai lancé Ccleaner du coup je ne suis pas certain du site exact, mais j'ai trouvé le liens en passant par "comment ça marche" et en analysant le fichier avec Avast "aucune menace détectée"
Re,
j'ai lancé Ccleaner du coup je ne suis pas certain du site exact, mais j'ai trouvé le liens en passant par "comment ça marche" et en analysant le fichier avec Avast "aucune menace détectée"
par g3n-h@ckm@n » mar. 22 juil. 2014 00:19
re
tu l'as téléchargé où ?
re
tu l'as téléchargé où ?
par
xav9425 » lun. 21 juil. 2014 07:09
Salut,
J'ai téléchargé le programme "Conseiller de mise à niveau vers Windows 7", pour voir si éventuellement le PC aurait été compatible avec Windows 7.
Salut,
J'ai téléchargé le programme "Conseiller de mise à niveau vers Windows 7", pour voir si éventuellement le PC aurait été compatible avec Windows 7.
par g3n-h@ckm@n » dim. 20 juil. 2014 13:14
heuuu..... tu as téléchargé et installé des programmes entre temps ?
heuuu..... tu as téléchargé et installé des programmes entre temps ?
par
xav9425 » dim. 20 juil. 2014 10:21
Ok, voila les rapports OTL
http://cjoint.com/?DGukt41LO5h
http://cjoint.com/?DGukvp1Rhn2
par g3n-h@ckm@n » sam. 19 juil. 2014 19:45
Hello ok
refais OTL je vais te faire sauter ca
Hello ok
refais OTL je vais te faire sauter ca
par
xav9425 » sam. 19 juil. 2014 16:22
Salut,
voila le rapport:
1. ========================= SEAF 1.0.1.0 - C_XX
2.
3. Commencé à: 15:57:54 le 19/07/2014
4.
5. Valeur(s) recherchée(s):
6. bearshare
7.
8. Légende: TC = Date de création, TM = Date de modification, DA = Dernier accès
9.
10. (!) --- Recherche registre
11.
12. ====== Fichier(s) ======
13.
14.
15. "C:\Documents and Settings\admin\Bureau\BearShare.lnk" [ ARCHIVE | 885 o ]
16. TC: 28/08/2013,11:18:15 | TM: 28/08/2013,11:18:15 | DA: 19/07/2014,11:47:22
17.
18.
19. =========================
20.
21.
22.
23. ====== Entrée(s) du registre ======
24.
25.
26. [HKLM\Software\Classes\AppID\{C41C967C-1BD4-404c-8393-A34F94156193}]
27. ""="BearShare" (REG_SZ)
28.
29. [HKLM\Software\Classes\Applications\BearShareSetup (2).exe]
30. DA: 05/07/2014 16:36:26
31.
32. [HKLM\Software\Classes\Applications\BearShareSetup-r702-w-bc (1).exe]
33. DA: 05/07/2014 16:36:26
34.
35. [HKLM\Software\Classes\AudioCD\shell]
36. "MPlayer2.BAK"="PlayWithBearShare" (REG_SZ)
37.
38. [HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}\1.0\0\win32]
39. ""="C:\Program Files\BearShare Applications\BearShare\ImageUploader5.ocx" (REG_SZ)
40.
41. [HKLM\Software\Microsoft\ESENT\Process\BearShare]
42. DA: 04/07/2014 08:49:27
43.
44. [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}]
45. "AppName"="BearShare.exe" (REG_SZ)
46.
47. [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}]
48. "AppPath"="C:\Program Files\BearShare Applications\BearShare" (REG_SZ)
49.
50. [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bearsharemusicboxtoolbarGC]
51. DA: 18/07/2014 10:26:28
52.
53. [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bearsharemusicboxtoolbarIE]
54. DA: 18/07/2014 10:26:28
55.
56. [HKLM\Software\RegisteredApplications]
57. "BearShare"="SOFTWARE\BearShare\Capabilities" (REG_SZ)
58.
59. [HKLM\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
60. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
61.
62. [HKLM\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
63. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
64.
65. [HKLM\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
66. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
67.
68. [HKLM\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
69. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare" (REG_SZ)
70.
71. [HKLM\System\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
72. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
73.
74. [HKLM\System\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
75. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare" (REG_SZ)
76.
77. [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
78. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
79.
80. [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
81. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare" (REG_SZ)
82.
83. [HKU\S-1-5-21-789336058-1801674531-839522115-1004\Software\BearShare]
84. DA: 19/07/2014 12:23:15
85.
86. =========================
87.
88. Fin à: 15:59:06 le 19/07/2014
89. 140465 Éléments analysés
90.
91. =========================
92. E.O.F
Salut,
voila le rapport:
1. ========================= SEAF 1.0.1.0 - C_XX
2.
3. Commencé à: 15:57:54 le 19/07/2014
4.
5. Valeur(s) recherchée(s):
6. bearshare
7.
8. Légende: TC = Date de création, TM = Date de modification, DA = Dernier accès
9.
10. (!) --- Recherche registre
11.
12. ====== Fichier(s) ======
13.
14.
15. "C:\Documents and Settings\admin\Bureau\BearShare.lnk" [ ARCHIVE | 885 o ]
16. TC: 28/08/2013,11:18:15 | TM: 28/08/2013,11:18:15 | DA: 19/07/2014,11:47:22
17.
18.
19. =========================
20.
21.
22.
23. ====== Entrée(s) du registre ======
24.
25.
26. [HKLM\Software\Classes\AppID\{C41C967C-1BD4-404c-8393-A34F94156193}]
27. ""="BearShare" (REG_SZ)
28.
29. [HKLM\Software\Classes\Applications\BearShareSetup (2).exe]
30. DA: 05/07/2014 16:36:26
31.
32. [HKLM\Software\Classes\Applications\BearShareSetup-r702-w-bc (1).exe]
33. DA: 05/07/2014 16:36:26
34.
35. [HKLM\Software\Classes\AudioCD\shell]
36. "MPlayer2.BAK"="PlayWithBearShare" (REG_SZ)
37.
38. [HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}\1.0\0\win32]
39. ""="C:\Program Files\BearShare Applications\BearShare\ImageUploader5.ocx" (REG_SZ)
40.
41. [HKLM\Software\Microsoft\ESENT\Process\BearShare]
42. DA: 04/07/2014 08:49:27
43.
44. [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}]
45. "AppName"="BearShare.exe" (REG_SZ)
46.
47. [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}]
48. "AppPath"="C:\Program Files\BearShare Applications\BearShare" (REG_SZ)
49.
50. [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bearsharemusicboxtoolbarGC]
51. DA: 18/07/2014 10:26:28
52.
53. [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bearsharemusicboxtoolbarIE]
54. DA: 18/07/2014 10:26:28
55.
56. [HKLM\Software\RegisteredApplications]
57. "BearShare"="SOFTWARE\BearShare\Capabilities" (REG_SZ)
58.
59. [HKLM\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
60. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
61.
62. [HKLM\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
63. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
64.
65. [HKLM\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
66. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
67.
68. [HKLM\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
69. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare" (REG_SZ)
70.
71. [HKLM\System\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
72. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
73.
74. [HKLM\System\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
75. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare" (REG_SZ)
76.
77. [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
78. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" (REG_SZ)
79.
80. [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
81. "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare" (REG_SZ)
82.
83. [HKU\S-1-5-21-789336058-1801674531-839522115-1004\Software\BearShare]
84. DA: 19/07/2014 12:23:15
85.
86. =========================
87.
88. Fin à: 15:59:06 le 19/07/2014
89. 140465 Éléments analysés
90.
91. =========================
92. E.O.F
FLTL_BYMad57
FLTL_BY2011N2