lenteur anormale arrêt pc xp

Accélérer son PC et résoudre les problèmes de lenteur PC et Windows

Modérateur : Mods Windows

Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

lenteur anormale arrêt pc xp

par biofenouil »

Salut
depuis quelques temps le pc prend du temps, voire trop de temps
à s'arreter il reste bloqué sur enregistrement de vos paramètres (3 à 5 mn )
j'ai tenté de faire son entretien classique notamment c'cleaner
mais cela n'a rien changé
merci pour les conseils
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

Salut,

Pour voir :


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

Re: lenteur anormale arrêt pc xp

par biofenouil »

merci...
OTL logfile created on: 01/02/2012 18:20:00 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Olivier\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 77,79% Memory free
3,35 Gb Paging File | 3,00 Gb Available in Paging File | 89,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76,68 Gb Total Space | 25,24 Gb Free Space | 32,92% Space Free | Partition Type: NTFS
Drive D: | 663,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BASECENTRALE | User Name: Olivier | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Olivier\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (CobianBackupAmanita) -- C:\Program Files\Cobian Backup 9\cbService.exe (Luis Cobian)
SRV - (UserAccess7) SecuROM User Access Service (V7) -- C:\WINDOWS\system32\UAService7.exe (Sony DADC Austria AG.)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (s0017mdm) -- C:\WINDOWS\system32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\WINDOWS\system32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\WINDOWS\system32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\WINDOWS\system32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\WINDOWS\system32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\WINDOWS\system32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (LHidKe) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (SSHDRV65) -- C:\WINDOWS\system32\drivers\SSHDRV65.sys ()
DRV - (viasraid) -- C:\WINDOWS\System32\DRIVERS\viasraid.sys (VIA Technologies inc,.ltd)
DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2010/01/19 21:55:25 | 000,000,927 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdat ... /opuc3.cab (Office Update Installation Engine)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4591203704 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{538078F8-B2B1-440C-B054-B968E63CB8D6}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Olivier\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Olivier\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/23 18:53:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/08/11 23:55:04 | 000,000,145 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2000/01/18 01:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <[email protected]>)
O33 - MountPoints2\D\Shell\dinstall\command - "" = D:\DirectX\dxsetup.exe -- [2003/06/02 01:47:20 | 000,467,456 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: 91040153.sys - Driver
SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: 91040153.sys - Driver
SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SYMTDI - Service
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Macromedia Shockwave Director 10.1.1
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3e7bb08a-a7a3-4692-8eac-ac5e7895755b} - KB834707
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {55C1E081-7975-EDC4-1077-18F6F3F1A1A9} - NetShow
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.SP55 - SP5X_32.DLL File not found
Drivers32: VIDC.SP56 - SP5X_32.DLL File not found
Drivers32: VIDC.SP57 - SP5X_32.DLL File not found
Drivers32: VIDC.SP58 - SP5X_32.DLL File not found
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2012/02/01 18:18:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Olivier\Bureau\OTL.exe
[2012/02/01 13:36:43 | 001,327,512 | ---- | C] (C_XX) -- C:\Documents and Settings\Olivier\Bureau\C_XX_AD-R.exe
[2012/01/29 15:29:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Olivier\Recent
[2010/12/12 19:38:10 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe21.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2012/02/01 18:22:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/02/01 18:18:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Olivier\Bureau\OTL.exe
[2012/02/01 18:12:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/01 18:10:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/01 14:18:51 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Olivier\Application Data\Microsoft\Internet Explorer\Quick Launch\Webmail Zimbra Free.fr.url
[2012/02/01 13:36:44 | 001,327,512 | ---- | M] (C_XX) -- C:\Documents and Settings\Olivier\Bureau\C_XX_AD-R.exe
[2012/02/01 13:13:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job
[2012/01/22 22:13:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job
[2012/01/20 21:37:13 | 000,510,650 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/01/20 21:37:13 | 000,441,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/20 21:37:13 | 000,085,750 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/01/20 21:37:13 | 000,071,762 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/01 18:22:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/14 22:08:44 | 000,001,018 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job
[2012/01/14 22:08:42 | 000,000,996 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job
[2011/12/14 18:02:53 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\tdscszuuxkgor2dt.dat
[2011/11/16 18:22:35 | 000,000,347 | ---- | C] () -- C:\WINDOWS\CODUO.ini
[2011/11/09 17:03:12 | 000,000,745 | ---- | C] () -- C:\WINDOWS\COD.INI
[2011/09/24 18:41:45 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/09/24 16:19:41 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/07/22 18:47:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2010/07/15 20:17:55 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/07/15 20:17:55 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/07/15 20:17:44 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\$_hpcst$.hpc
[2009/05/17 09:59:31 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Olivier\Local Settings\Application Data\fusioncache.dat
[2009/05/17 09:52:08 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\PnkBstrK.sys
[2008/06/04 21:28:02 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2008/05/12 16:22:31 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/05/12 16:22:31 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/05/12 16:22:31 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/04/20 17:08:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2008/04/20 17:08:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2008/04/20 17:08:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2008/04/20 17:08:39 | 000,049,152 | ---- | C] () -- C:\WINDOWS\VFind.exe
[2008/04/03 20:55:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/03/26 17:05:04 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/03/25 21:12:06 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/03/25 07:46:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2008/03/12 23:53:25 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/03/06 15:24:57 | 000,168,883 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008/03/05 19:48:45 | 000,000,024 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/02/10 19:17:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2007/12/06 22:21:24 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/07/02 20:02:47 | 000,002,650 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\QuickZip45.ini
[2007/03/26 10:45:18 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/02/20 14:59:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/02/20 14:59:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/02/20 14:59:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/01/15 19:16:34 | 000,013,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2006/12/20 14:16:21 | 000,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/03 17:45:20 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/10/27 07:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2006/10/16 13:54:43 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2006/02/24 18:25:32 | 000,001,311 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/01/22 12:01:33 | 000,092,240 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2006/01/22 12:01:33 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2006/01/22 12:01:33 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2006/01/22 12:01:33 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2006/01/22 12:01:33 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006/01/22 12:01:32 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2006/01/22 12:01:32 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2006/01/22 12:01:32 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2006/01/22 12:01:32 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2006/01/22 12:01:32 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2006/01/22 12:01:32 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2006/01/22 12:01:32 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2006/01/22 12:01:32 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2006/01/22 12:01:32 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2006/01/22 12:01:32 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2006/01/22 12:01:32 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2006/01/22 12:01:32 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2006/01/22 11:39:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini
[2006/01/09 20:24:42 | 000,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2005/10/24 16:17:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\uninscpw.exe
[2005/10/15 17:30:32 | 000,000,462 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2005/09/26 17:29:38 | 000,030,464 | ---- | C] () -- C:\WINDOWS\macromix.dll
[2005/09/25 18:11:25 | 000,000,018 | ---- | C] () -- C:\WINDOWS\TU_V2.INI
[2005/09/25 18:07:03 | 000,000,043 | ---- | C] () -- C:\WINDOWS\Lecture GS.ini
[2005/09/25 17:55:59 | 000,000,390 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2005/09/02 14:51:43 | 000,008,419 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/08/08 18:14:23 | 000,000,034 | ---- | C] () -- C:\WINDOWS\Kit.ini
[2004/11/27 14:37:51 | 000,000,219 | ---- | C] () -- C:\WINDOWS\satmat.ini
[2004/11/06 00:16:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\Iniexpander.exe
[2004/10/04 21:39:43 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2004/10/04 21:39:43 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2004/09/13 21:08:47 | 000,016,947 | ---- | C] () -- C:\WINDOWS\System32\lsrc.dll
[2004/09/12 13:26:45 | 000,000,232 | ---- | C] () -- C:\WINDOWS\Edmark.INI
[2004/09/12 13:26:44 | 000,000,144 | ---- | C] () -- C:\WINDOWS\INDEO.INI
[2004/09/12 13:26:43 | 000,002,574 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/09/12 12:09:22 | 000,000,045 | ---- | C] () -- C:\WINDOWS\JDDHNMII.ini
[2004/09/01 20:11:25 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV65.sys
[2004/08/31 18:57:46 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2004/08/31 18:57:46 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2004/08/31 18:57:46 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/02 11:20:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/05/29 19:42:33 | 000,000,191 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2004/05/03 19:30:37 | 000,000,517 | ---- | C] () -- C:\WINDOWS\TSC.INI
[2004/05/03 18:40:54 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/04/16 10:46:47 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/04/02 08:26:22 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\PDFSpooler.exe
[2004/03/29 18:56:12 | 000,040,960 | ---- | C] () -- C:\Documents and Settings\Olivier\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/03/29 17:48:47 | 000,000,482 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/03/24 21:31:20 | 000,000,062 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2004/03/23 22:55:22 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/03/23 19:59:48 | 000,002,894 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2004/03/23 18:55:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/03/23 18:51:06 | 000,023,032 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/03/23 18:42:52 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/03/23 18:41:56 | 000,259,840 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/08/30 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/30 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/30 13:00:00 | 000,510,650 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2002/08/30 13:00:00 | 000,441,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/30 13:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2002/08/30 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/30 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/30 13:00:00 | 000,085,750 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2002/08/30 13:00:00 | 000,071,762 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/30 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/30 13:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2002/08/30 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/30 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/30 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/30 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/04/11 19:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2001/10/28 16:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[1999/07/23 12:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 09:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1996/08/26 01:12:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\QTWMCI32.DLL

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2011/06/22 16:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/12/14 23:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2008/10/15 19:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010/12/12 19:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2006/01/30 13:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Groove Games
[2006/09/17 18:51:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lucasarts
[2010/01/19 22:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/21 13:52:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2005/09/15 14:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2010/07/15 20:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/08/23 12:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/07/22 18:11:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2004/03/29 17:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2011/09/24 15:16:31 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data\SecuROM
[2010/12/12 19:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2010/01/31 18:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2006/07/21 13:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2008/01/05 23:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\12437\AcrobatUpdater.exe
[2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\12437\AdobeARM.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\12437\AdobeARMHelper.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\12437\ReaderUpdater.exe
[2010/09/21 19:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\10499\AcrobatUpdater.exe
[2010/09/21 19:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\10499\AdobeARM.exe
[2010/09/21 19:37:40 | 000,338,856 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\10499\ReaderUpdater.exe
[2012/01/29 15:42:02 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

< %APPDATA%\*. >
[2011/06/07 19:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Adobe
[2008/05/16 23:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\AdobeUM
[2006/12/20 11:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Ahead
[2007/06/24 14:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\ATI
[2011/12/14 23:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Avira
[2009/12/22 22:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Command & Conquer 3 Les guerres du Tiberium
[2010/07/26 18:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\dvdcss
[2006/01/31 09:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\EPSON
[2011/10/26 15:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\foobar2000
[2010/11/07 18:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\FreeAudioPack
[2005/11/05 18:02:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Grisbi
[2005/11/22 14:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Help
[2007/03/18 17:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Identities
[2007/12/06 22:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Logitech
[2007/11/07 17:23:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Macromedia
[2010/01/19 22:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Malwarebytes
[2011/06/07 19:15:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Olivier\Application Data\Microsoft
[2010/04/09 19:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Microsoft Games
[2009/09/13 13:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\MSN6
[2010/07/15 20:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\PC Suite
[2005/10/24 18:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\PDFCreator
[2009/09/11 19:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Real
[2010/07/22 20:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Samsung
[2006/02/01 20:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\SecuROM
[2008/04/20 16:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\Sun
[2011/04/03 14:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\vlc

< %APPDATA%\*.exe /s >
[2006/08/26 16:58:41 | 000,015,872 | R--- | M] () -- C:\Documents and Settings\Olivier\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
[2010/02/06 16:55:07 | 000,003,774 | R--- | M] () -- C:\Documents and Settings\Olivier\Application Data\Microsoft\Installer\{5F82B545-AE13-45ED-A8A2-67E56F3165BC}\_100e4822.exe
[2010/02/06 16:55:07 | 000,003,774 | R--- | M] () -- C:\Documents and Settings\Olivier\Application Data\Microsoft\Installer\{5F82B545-AE13-45ED-A8A2-67E56F3165BC}\_687dba.exe
[2007/06/22 22:38:42 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Olivier\Application Data\Microsoft\Installer\{987F2E66-35EC-D7CC-02E0-6F7094D35B71}\ARPPRODUCTICON.exe

< %temp%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/03/24 22:08:03 | 001,835,008 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008/03/24 21:55:46 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2008/03/24 22:08:03 | 023,592,960 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008/03/24 22:08:03 | 007,340,032 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav


< MD5 for: EXPLORER.EXE >
[2011/12/14 19:33:26 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\explorer.exe
[2011/12/14 19:33:26 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: WINLOGON.EXE >
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"Kmode" = %SystemRoot%\system32\win32k.sys -- [2011/11/23 15:40:17 | 001,859,712 | ---- | M] (Microsoft Corporation)
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

< nslookup http://www.google.fr /c >
Serveur : dns1.proxad.net
Address: 212.27.40.240

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 12:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< >

< >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB59996$] -> Error: Cannot create file handle -> Unknown point type

< End of report >
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

Re,

Télécharge & exécute le regfix en pièce jointe.
xp_fast_down.reg
---

Relance OTL.
o sous Peronnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l’operation que tu conserveras sur clé usb par exemple afin d’en coller le resultat:
:OTL
SRV - (AppMgmt) -- File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4591203704 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[2010/12/12 19:38:10 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe21.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2012/02/01 13:13:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job
[2012/01/22 22:13:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job
[2011/12/14 18:02:53 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\tdscszuuxkgor2dt.dat
[2011/10/26 15:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\foobar2000
:commands
[purity]
[emptytemp]
[emptyflash]
* redemarre le pc sous windows et poste le rapport ici
Vous ne pouvez pas consulter les pièces jointes insérées à ce message.
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

As-tu des redirections lors de la navigation ?
Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

Re: lenteur anormale arrêt pc xp

par biofenouil »

non en ce qui concerne la navigation
par contre en décembre j'ai attrapé le virus Gendarmerie après les conseils de Malekal
j'ai pu récupérer le control du pc (ouf)
mais depuis, j'ai des alertes d'antivir ce soir encore avec TR/atraps.gen2, TR/offend.kd, TR/crypt.epack.gen
mais bon pour cela je suppose que je dois changer de forum
dis moi

sinon rapport OTL

All processes killed
Error: Unable to interpret <SRV - (AppMgmt) -- File not found> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4591203704 (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <[2010/12/12 19:38:10 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe21.dll> in the current context!
Error: Unable to interpret <[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2012/02/01 13:13:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job> in the current context!
Error: Unable to interpret <[2012/01/22 22:13:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job> in the current context!
Error: Unable to interpret <[2011/12/14 18:02:53 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\tdscszuuxkgor2dt.dat> in the current context!
Error: Unable to interpret <[2011/10/26 15:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\foobar2000> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Canelle
->Temp folder emptied: 716 bytes
->Temporary Internet Files folder emptied: 5013252 bytes
->Java cache emptied: 218240 bytes
->Flash cache emptied: 470 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2855256 bytes
->Java cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 91213684 bytes
->Temporary Internet Files folder emptied: 39361555 bytes

User: Olivier
->Temp folder emptied: 11678720 bytes
->Temporary Internet Files folder emptied: 5461272 bytes
->Java cache emptied: 200704 bytes
->Flash cache emptied: 814 bytes

User: Philippine
->Temp folder emptied: 10443297 bytes
->Temporary Internet Files folder emptied: 141474547 bytes
->Java cache emptied: 427150 bytes
->Flash cache emptied: 487 bytes

User: Sandrine
->Temp folder emptied: 1883378 bytes
->Temporary Internet Files folder emptied: 68408958 bytes
->Java cache emptied: 37674027 bytes
->Flash cache emptied: 487 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 67335560 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33726 bytes
RecycleBin emptied: 150274 bytes

Total Files Cleaned = 462,00 mb


[EMPTYFLASH]

User: Administrateur

User: All Users

User: Canelle
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: Olivier
->Flash cache emptied: 0 bytes

User: Philippine
->Flash cache emptied: 0 bytes

User: Sandrine
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02012012_191629

Files\Folders moved on Reboot...
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\IALRLI7S\ads[4].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\IALRLI7S\iframe[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\IALRLI7S\like[2].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\ads[8].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\ads[9].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\extra[4].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\extra[5].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\extra[6].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\extra[7].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\extra[8].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\extra[9].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\fastbutton[3].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\DOJQ5V6N\lenteur-anormale-arret-t35885[1].html moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\1A15G5PI\fastbutton[2].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder C:\Documents and Settings\Olivier\Application Data\Sun\Java\Deployment\cache\6.0\19\4b959353-68404829 not found!
File\Folder C:\Documents and Settings\Olivier\Application Data\Sun\Java\Deployment\cache\6.0\1\78db2541-35d60520 not found!

Registry entries deleted on Reboot...
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

Tu t'es trompé en faisant le copié/collé pour le scan OTL, recommence.

:OTL
SRV - (AppMgmt) -- File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4591203704 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[2010/12/12 19:38:10 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe21.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2012/02/01 13:13:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job
[2012/01/22 22:13:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job
[2011/12/14 18:02:53 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\tdscszuuxkgor2dt.dat
[2011/10/26 15:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\foobar2000
:commands
[purity]
[emptytemp]
[emptyflash]

---

Ensuite sur les conseils d'angélique :

==> Télécharge http://download.sysinternals.com/Files/Junction.zip
  • dézippe le et met junction.exe dans le répertoire Windows C:\Windows\ , pas ailleurs!!

    copie_colle dans executer le contenu du cadre ci dessous et valide par enter

    Code : Tout sélectionner

    cmd /c junction -s c:\ >log.txt&log.txt& del log.txt
    Une invite de commande va s'ouvrir.....laisse faire..patiente jusqu'à l'apparrition du rapport que tu posteras.
=== si tu vois sur le rapport:: Failed to open \\?\C:\WINDOWS\$NtUninstallKB59996$: Access is denied.===> passe au 2•

2•
Image Telecharge:: http://swandog46.geekstogo.com/avenger2/download.php
http://swandog46.geekstogo.com/avenger2/avenger.zip

• dezippe le , Lance le , executer en tant qu'administrateur sous vista Image

Image

Dans le cadre , sous Input Script here , copie_colle le contenu du cadre ci dessous et clic execute:
begin copying here:
Folders to delete:
C:\WINDOWS\$NtUninstallKB59996$
→ Après le re-démarrage, il crée un fichier log qui s'ouvrira,que tu posteras dans ta prochaine reponse, faisant apparaitre les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt
Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

Re: lenteur anormale arrêt pc xp

par biofenouil »

pour otl

All processes killed
Error: Unable to interpret <SRV - (AppMgmt) -- File not found> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found> in the current context!
Error: Unable to interpret <O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 4591203704 (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <[2010/12/12 19:38:10 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Documents and Settings\All Users\Application Data\hpe21.dll> in the current context!
Error: Unable to interpret <[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2012/02/01 13:13:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job> in the current context!
Error: Unable to interpret <[2012/01/22 22:13:00 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job> in the current context!
Error: Unable to interpret <[2011/12/14 18:02:53 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Olivier\Application Data\tdscszuuxkgor2dt.dat> in the current context!
Error: Unable to interpret <[2011/10/26 15:28:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Olivier\Application Data\foobar2000> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Canelle
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Olivier
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 6202203 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Philippine
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Sandrine
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 6,00 mb


[EMPTYFLASH]

User: Administrateur

User: All Users

User: Canelle
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: Olivier
->Flash cache emptied: 0 bytes

User: Philippine
->Flash cache emptied: 0 bytes

User: Sandrine
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02012012_202851

Files\Folders moved on Reboot...
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\ads[8].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[2].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[3].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[4].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[5].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[6].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\extra[7].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\9TFGIN6R\lenteur-anormale-arret-t35885[1].html moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\91Q94WVT\adsCAY5FJ52.htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\91Q94WVT\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\91Q94WVT\like[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\3V3HKAM6\adsCA1LXKHZ.htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\3V3HKAM6\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...
Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

Re: lenteur anormale arrêt pc xp

par biofenouil »

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: could not open folder "C:\WINDOWS\$NtUninstallKB59996$"
Deletion of folder "C:\WINDOWS\$NtUninstallKB59996$" failed!
Status: 0xc0000279


Completed script processing.

*******************

Finished! Terminate.
Vous ne pouvez pas consulter les pièces jointes insérées à ce message.
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

Toujours pas ça pour OTL...

Il ne doit pas y avoir d'espace avec le :OTL PDT_019


Désactive les logiciels de protection (Antivirus, Antispywares) puis :

Télécharge Combofix sUBs : combofix.exe et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, accepte la licence d’utilisation et laisse toi guider.

Eventuellement, installe la console de récupération comme cela est conseillé

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Tu as le tutorial sur ce lien pour t’aider : http://www.bleepingcomputer.com/combofi ... r-combofix

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.
Avatar de l’utilisateur
angelique
Messages : 31464
Inscription : 28 févr. 2008 13:58
Localisation : Breizhilienne

Re: lenteur anormale arrêt pc xp

par angelique »

Tu es infecté par une variante zeroaccess

Le rapport junction le confirme avec OTL:

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB59996$] -> Error: Cannot create file handle -> Unknown point type
Failed to open \\?\c:\\Documents and Settings\Olivier\Local Settings\Application Data\9bb28e11\X: Accès refusé.
Failed to open \\?\c:\\WINDOWS\$NtUninstallKB59996$: Accès refusé.
Failed to open \\?\c:\\WINDOWS\assembly\GAC_MSIL\Desktop.ini: Accès refusé.
Failed to open \\?\c:\\Documents and Settings\Olivier\Local Settings\Application Data\9bb28e11\X: Accès refusé == parraissant être le drop de ZAccess

Fait comboFix comme demande Skyteck
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Image
Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

Re: lenteur anormale arrêt pc xp

par biofenouil »

salut et merci
alors je viens de repasser otl et visiblement c'est réuissi
mais du coup j'ai plus de connexion
que faire ?
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

Salut,

Utilise la commande netsh winsock reset catalog : http://www.commentcamarche.net/faq/2743 ... e-commande
Avatar de l’utilisateur
biofenouil
Messages : 232
Inscription : 20 avr. 2008 18:28

Re: lenteur anormale arrêt pc xp

par biofenouil »

Salut
merci super pour la connexion
sinon, pour otl :

All processes killed
========== OTL ==========
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File File not found not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\ deleted successfully.
Starting removal of ActiveX control {9F1C11AA-197B-4942-BA54-47A8489BB47F}
C:\WINDOWS\Downloaded Program Files\iuctl.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F1C11AA-197B-4942-BA54-47A8489BB47F}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\Documents and Settings\All Users\Application Data\hpe21.dll moved successfully.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007UA.job moved successfully.
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-789336058-1085031214-839522115-1007Core.job moved successfully.
C:\Documents and Settings\Olivier\Application Data\tdscszuuxkgor2dt.dat moved successfully.
C:\Documents and Settings\Olivier\Application Data\foobar2000\playlists folder moved successfully.
C:\Documents and Settings\Olivier\Application Data\foobar2000\index-data folder moved successfully.
C:\Documents and Settings\Olivier\Application Data\foobar2000\configuration folder moved successfully.
C:\Documents and Settings\Olivier\Application Data\foobar2000 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Canelle
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Olivier
->Temp folder emptied: 763904 bytes
->Temporary Internet Files folder emptied: 12957294 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: Philippine
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Sandrine
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 185595 bytes

Total Files Cleaned = 13,00 mb


[EMPTYFLASH]

User: Administrateur

User: All Users

User: Canelle
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: Olivier
->Flash cache emptied: 0 bytes

User: Philippine
->Flash cache emptied: 0 bytes

User: Sandrine
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.

OTL by OldTimer - Version 3.2.31.0 log created on 02022012_214311

Files\Folders moved on Reboot...
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\AR2O6R4Y\ads[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4FGE5RHX\ads[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4FGE5RHX\ads[2].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4FGE5RHX\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4FGE5RHX\lenteur-anormale-arret-t35885[1].html moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4FGE5RHX\like[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4EUGMDE8\activityi;src=1140015;type=nico0809;cat=hpperf;ord=1;num=31973372053[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4EUGMDE8\fastbutton[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\4EUGMDE8\spectech[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\1R2PEHAB\extra[1].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\1R2PEHAB\extra[2].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\1R2PEHAB\extra[3].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\Content.IE5\1R2PEHAB\extra[5].htm moved successfully.
C:\Documents and Settings\Olivier\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...
SkyTech

Re: lenteur anormale arrêt pc xp

par SkyTech »

Relance OTL et clic sur Purge outil.

Passe a ComboFix ;)
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Accélérer Windows et problème de lenteur PC »