"blocage" de xp

Accélérer son PC et résoudre les problèmes de lenteur PC et Windows

Modérateur : Mods Windows

gh78

"blocage" de xp

par gh78 »

Bonjour à tous. Voici le problème que je rencontre avec mon xp sp3 x86.
Avant toute chose : c'est un bug bizarre, que je risque d'avoir du mal à expliquer

Voila les symptômes :
Je démarre xp normalement, je me connecte ma session, elle s'ouvre, et... frezze dans le chargement Oo
J'explique : D'après ce que j'ai pu remarqué, le démarrage d'une session xp se fait en 2 phases : le démarrage avec les vérifs + lancements des pilotes,ect. puis le démarrage des processus normaux, où xp est 100% fonctionnel. Normalement, les 2 s’enchaînent sans que l'utilisateur ne le remarque.
Voici mon problème : mon ordi reste bloqué à cette première étape de manière aléatoire (parfois, pas tout le temps), et pendant qu'il reste bloqué, je ne peux pas :
-Démarrer Chrome (le processus s'ouvre, mais c'est tous, le navigateur ne s'ouvre pas), pareil pour IE
-Consulter mes mails avec outlook express : ce dernier s'ovre et se plante lors de la récupération des mails
-lancer les 3/4 des programmes qui accèdent à Internet (maj auto, services en ligne...)

L’exception qui confirme la règle est Firefox qui accepte de démarrer, mais sans module complémentaires, donc flash player ne fonctionne pas (les pages me demandent de l'installer), pareil pour java apparemment.

Pendant ce blocage, le DD ne tourne pas, l'UC n'est pas utilisé, et il dure de 5mn à 20mn puis tout se débloque.
Dernière chose, pendant ce blocage, si e fait fermer la session/arrêter l'ordinateur, ça reste bloqué à Enregistrement de vos paramètres personnels, jusqu'à le déblocage miracle, voir ci-dessus^^

Voila j'espère avoir pu bien expliquer mon problème et avoir été assez clair, merci d'avance pour votre aide^^

gh78
SkyTech

Re: "blocage" de xp

par SkyTech »

Salut,

Tu as déjà fais un CHKDSK ?

Pour voir :


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
gh78

Re: "blocage" de xp

par gh78 »

oui, j'ai même déjà tous réinstallé, mais il est vrai que iolo me détecte toujours une erreur sur mon DD

Je te fait ça
gh78

Re: "blocage" de xp

par gh78 »

OTL.txt


OTL logfile created on: 27/02/2012 13:04:09 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Guillaume\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,79% Memory free
3,85 Gb Paging File | 3,61 Gb Available in Paging File | 93,84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 87,99 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
Drive E: | 1,86 Gb Total Space | 1,49 Gb Free Space | 80,15% Space Free | Partition Type: FAT

Computer Name: HERAUT-B3C7275D | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Guillaume\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\12022700\algo.dll ()
MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (ioloSystemService) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FreemakeVideoCapture) -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (Microsoft)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (FileDisk) -- C:\WINDOWS\System32\drivers\filedisk.sys (iolo technologies, LLC (based on original work by Bo Brantén))
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (npf) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (JRAID) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (JGOGO) -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys (JMicron )
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (nvgts) -- C:\WINDOWS\system32\DRIVERS\nvgts.sys (NVIDIA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-57989841-1965331169-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
IE - HKU\S-1-5-21-57989841-1965331169-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKU\S-1-5-21-57989841-1965331169-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-57989841-1965331169-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-1965331169-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/24 14:46:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/02/18 14:55:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/29 20:53:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/05 17:33:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/13 19:38:55 | 000,000,000 | ---D | M]

[2011/10/24 15:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Guillaume\Application Data\Mozilla\Extensions
[2011/10/24 15:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Guillaume\Application Data\Mozilla\Extensions\[email protected]
[2011/11/10 22:46:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/29 20:53:20 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/02/18 14:55:22 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX
[2011/10/24 14:08:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/25 18:02:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/02/05 17:33:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2012/02/05 11:02:31 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/02/05 11:02:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/05 11:02:31 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/05 11:02:31 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/05 11:02:31 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/05 11:02:31 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Translate = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1_0\
CHR - Extension: chrometheme = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\behfnpejdobfoinioecbdimhaemcolkb\1_0\
CHR - Extension: Turn Off the Lights = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.50_0\
CHR - Extension: WOT = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.11_0\
CHR - Extension: Flag for Chrome = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_1\
CHR - Extension: D\u00E9sactivation de Google\u00A0Analytics = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh\0.9.0_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.16_0\
CHR - Extension: \u003Cvideo\u003E HTML5 DivX Plus Web Player = C:\Documents and Settings\Guillaume\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2011/12/15 17:52:25 | 000,438,899 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15095 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\Run: [EPSON SX440 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-18..\Run: [EPSON SX440 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBE.EXE (SEIKO EPSON CORPORATION)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-1965331169-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://download.microsoft.com/download/ ... ontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 9451607609 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10FB2B7B-9F03-4ED8-9D4A-FBF76356EE6C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10FB2B7B-9F03-4ED8-9D4A-FBF76356EE6C}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2C750A3-D2DD-4997-AE09-B8E628D060B0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2C750A3-D2DD-4997-AE09-B8E628D060B0}: NameServer = 8.8.8.8
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Guillaume\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/24 10:31:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a8860707-fe23-11e0-8f85-fa24c473e1d6}\Shell - "" = AutoRun
O33 - MountPoints2\{a8860707-fe23-11e0-8f85-fa24c473e1d6}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: EEventManager - hkey= - key= - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: JMB36X Configure - hkey= - key= - File not found
MsConfig - StartUpReg: JMB36X IDE Setup - hkey= - key= - C:\WINDOWS\JM\JMInsIDE.exe ()
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: Microsoft Works Update Detection - hkey= - key= - C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: NVRaidService - hkey= - key= - C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation)
MsConfig - StartUpReg: SoundMAX - hkey= - key= - C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
MsConfig - StartUpReg: SoundMAXPnP - hkey= - key= - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3F7924B9-D148-3141-87B1-68F36043A940} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/02/27 12:56:23 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Guillaume\Bureau\OTL.exe
[2012/02/20 14:59:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012/02/10 20:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guillaume\Mes documents\config box
[2012/02/10 19:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guillaume\Local Settings\Application Data\OCCT
[2012/02/10 19:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Guillaume\Mes documents\OCCT
[2012/02/09 17:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\DirectX
[2012/02/09 17:30:11 | 000,409,600 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2012/02/09 17:30:11 | 000,114,688 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2012/02/09 17:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Dancing Dots
[2012/02/09 15:42:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\restext
[2012/02/09 15:39:48 | 000,446,464 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp31vfw.dll
[2012/02/09 15:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\On2 Technologies
[2012/02/09 15:39:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nobilis
[2012/02/09 14:46:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PAN vision
[2012/02/09 14:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\PAN vision
[2012/02/09 14:44:49 | 000,327,168 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn040c.exe
[2012/02/04 18:29:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/27 13:07:00 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AE2EB561-FD14-4A6E-BBDB-1DDA21F9B7FE}.job
[2012/02/27 13:06:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/02/27 13:00:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/27 12:56:28 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Guillaume\Bureau\OTL.exe
[2012/02/27 11:41:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/26 18:35:04 | 000,013,738 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/18 14:55:24 | 000,000,973 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Freemake Video Converter.lnk
[2012/02/15 14:59:55 | 000,304,416 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/15 14:55:42 | 000,553,262 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/02/15 14:55:42 | 000,482,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/15 14:55:42 | 000,095,774 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/02/15 14:55:42 | 000,080,436 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/15 14:49:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/11 19:03:03 | 000,002,239 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Alexandra Ledermann 6.lnk
[2012/02/09 17:30:11 | 000,409,600 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2012/02/09 17:30:11 | 000,114,688 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2012/02/09 15:42:27 | 000,000,113 | ---- | M] () -- C:\WINDOWS\System32\dllcache\restext\Cian_9_09022012_154227_E.ysa
[2012/02/09 15:42:27 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\dllcache\restextCian_9_09022012_154227_E.ysa
[2012/02/09 15:39:14 | 000,000,103 | ---- | M] () -- C:\WINDOWS\SpringdaleSH.ini
[2012/02/04 18:00:32 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/27 13:06:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/02/15 14:42:58 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/02/15 14:38:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 14:38:08 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/11 19:03:03 | 000,002,239 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Alexandra Ledermann 6.lnk
[2012/02/09 15:42:27 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\dllcache\restext\Cian_9_09022012_154227_E.ysa
[2012/02/09 15:42:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\dllcache\restextCian_9_09022012_154227_E.ysa
[2012/02/09 15:39:14 | 000,000,103 | ---- | C] () -- C:\WINDOWS\SpringdaleSH.ini
[2012/01/30 09:54:10 | 000,436,298 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-1965331169-725345543-1005-0.dat
[2012/01/23 19:11:44 | 000,000,269 | ---- | C] () -- C:\WINDOWS\SysMech.INI
[2011/12/21 18:11:51 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/12/17 22:15:53 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011/12/17 22:15:51 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011/11/28 19:51:01 | 000,344,880 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/11/16 18:26:42 | 000,271,478 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-1965331169-725345543-1003-0.dat
[2011/11/14 09:40:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/11/12 18:48:11 | 000,119,808 | ---- | C] () -- C:\WINDOWS\System32\t2embed.dll
[2011/11/10 21:38:08 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Guillaume\Application Data\Sys2662.Config.Repository.bin
[2011/11/07 13:50:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Guillaume\Local Settings\Application Data\{A45C5E01-96CB-43D2-9C4A-B56F6BD8732F}
[2011/11/05 19:38:28 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/11/03 09:00:49 | 001,117,898 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-1965331169-725345543-1006-0.dat
[2011/11/02 21:12:16 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Guillaume\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/24 17:55:09 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/24 15:34:24 | 000,271,478 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/10/24 15:27:18 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/10/24 14:04:20 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Guillaume\Local Settings\Application Data\fusioncache.dat
[2011/10/24 13:50:59 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2011/10/24 12:40:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/10/24 12:22:38 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/10/24 12:21:08 | 000,304,416 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/24 12:14:04 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/10/24 11:15:04 | 000,005,876 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/10/24 10:47:18 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011/10/24 10:47:16 | 000,002,071 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011/10/24 10:47:04 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/10/24 10:33:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/10/24 10:28:39 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2011/10/24 14:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ABBYY
[2011/10/24 17:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/10/24 17:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2011/11/07 15:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2011/12/15 17:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2011/10/24 13:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2011/12/21 18:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auralog
[2011/10/24 12:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/10/24 14:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2011/10/24 14:48:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/02/18 14:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2012/01/22 20:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/10/24 15:50:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/08 21:53:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/02/15 14:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2011/10/24 17:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2011/12/12 09:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2011/10/24 15:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/01/22 19:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/10/24 14:09:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/12/17 22:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tages
[2012/01/12 18:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2011/10/24 14:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2011/10/24 11:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/11/07 15:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009/02/04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24794\AcrobatUpdater.exe
[2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24794\AdobeARM.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24794\AdobeARMHelper.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24794\ReaderUpdater.exe
[2011/09/05 22:51:05 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA1000000001}\setup.exe
[2011/12/15 17:04:53 | 000,073,584 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.5.2.11\SetupAdmin.exe
[2011/10/24 14:45:38 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2011/10/24 14:45:52 | 000,057,591 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2011/10/24 14:46:10 | 000,063,144 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DesktopService\Uninstaller.exe
[2011/10/24 14:45:58 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2011/10/24 14:46:31 | 000,064,957 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2011/10/24 14:45:57 | 000,062,879 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2011/10/24 14:46:00 | 000,057,275 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2011/10/24 14:46:04 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2011/10/24 14:46:07 | 000,057,037 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2011/10/24 14:45:26 | 000,061,667 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2011/10/24 14:45:32 | 000,063,228 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\OVSHelper\Uninstaller.exe
[2011/10/24 14:45:49 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2011/10/24 14:43:12 | 000,926,560 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2011/10/24 14:46:12 | 000,061,792 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2011/10/24 14:46:30 | 000,066,428 | ---- | M] (DivX, LLC) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2011/08/08 15:36:00 | 048,482,292 | ---- | M] (iolo technologies, LLC ) -- C:\Documents and Settings\All Users\Application Data\iolo\System Shield\smsysshieldinstaller.exe

< %APPDATA%\*. >
[2011/10/24 17:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Adobe
[2011/10/24 17:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Ahead
[2011/11/16 16:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Apple Computer
[2011/10/24 13:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\ATI
[2011/10/24 17:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Audacity
[2011/11/28 18:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\cacaoweb
[2011/10/24 14:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\DDMSettings
[2011/11/16 16:58:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\DivX
[2011/11/11 21:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Downloaded Installations
[2011/11/18 20:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\EPSON
[2011/10/24 15:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Google
[2011/10/24 10:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Identities
[2012/01/23 19:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\iolo
[2011/10/24 10:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Macromedia
[2011/10/24 15:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Malwarebytes
[2011/12/21 18:57:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Guillaume\Application Data\Microsoft
[2011/10/24 14:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Mozilla
[2011/10/24 15:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\pdfforge
[2011/11/05 13:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\PSpad
[2011/12/13 21:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\QuickScan
[2012/01/23 20:03:31 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Guillaume\Application Data\SecuROM
[2012/01/22 19:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Skype
[2011/10/24 14:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Sun
[2011/10/24 15:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\TomTom
[2011/11/11 22:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\vlc
[2011/10/24 13:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\WinRAR
[2011/11/27 22:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guillaume\Application Data\Xilisoft

< %APPDATA%\*.exe /s >

< %temp%\*.exe /s >
[2012/02/18 14:54:43 | 023,827,232 | ---- | M] (Ellora Assets Corporation ) -- C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\FreemakeVideoConverter_3.0.1.15.exe
[2012/02/18 14:53:49 | 000,248,664 | ---- | M] (Ask.com) -- C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\installChecker.exe
[2007/02/27 15:08:44 | 000,456,416 | R--- | M] (Macrovision Corporation) -- C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\_is5.exe
[4 C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\*.tmp files -> C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010/08/27 09:02:58 | 000,119,808 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\t2embed.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011/10/24 12:20:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011/10/24 12:20:07 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011/10/24 12:20:07 | 000,446,464 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav


< MD5 for: EXPLORER.EXE >
[2006/03/02 13:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/13 18:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/13 18:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: WINLOGON.EXE >
[2006/03/02 13:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 18:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 18:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"Kmode" = %SystemRoot%\system32\win32k.sys -- [2012/01/12 18:20:33 | 001,860,096 | ---- | M] (Microsoft Corporation)
"Optional" = Posix [binary data]
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

< nslookup http://www.google.fr /c >
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Serveur : UnKnown
Address: 8.8.8.8
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
gh78

Re: "blocage" de xp

par gh78 »

OTL.txt p2



< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/05 17:33:47 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/05 17:33:47 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/05 17:33:47 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/05 17:33:50 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/05 17:33:50 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/05 17:33:50 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 13:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 13:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 13:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/05 17:33:47 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/05 17:33:47 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/05 17:33:47 | 000,836,928 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/05 17:33:50 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/05 17:33:50 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/05 17:33:50 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 13:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 13:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 13:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB5171$] -> Error: Cannot create file handle -> Unknown point type

< End of report >



Juste précision : ma box étais pas connecté à Internet pendant le scan
gh78

Re: "blocage" de xp

par gh78 »

Extras.txt


OTL Extras logfile created on: 27/02/2012 13:04:09 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Guillaume\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 78,79% Memory free
3,85 Gb Paging File | 3,61 Gb Available in Paging File | 93,84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 87,99 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
Drive E: | 1,86 Gb Total Space | 1,49 Gb Free Space | 80,15% Space Free | Partition Type: FAT

Computer Name: HERAUT-B3C7275D | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Explorateur Windows -- (Microsoft Corporation)
"C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Documents and Settings\Guillaume\Local Settings\Temp\Nero Web\SetupXu.exe" = C:\Documents and Settings\Guillaume\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup
"C:\Program Files\EPSON Software\Event Manager\EEventManager.exe" = C:\Program Files\EPSON Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe" = C:\Program Files\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe:*:Enabled:il2fb -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""Marie La Cavalière"" = "Marie La Cavalière"
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03460010-3975-4267-9F39-1DC4745090B7}" = Encyclopédie Microsoft Encarta 2003
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0E7257E7-F08F-46FB-8C85-56C679E55440}" = Alexandra Ledermann 6
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}" = SDFormatter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Photo 7.0
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AEEC5FF-0A75-4858-9B86-5144E0744AFD}" = Cheval Académie
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{67CDD5A0-C572-4D2C-A354-6492B51F4138}" = SlimDrivers
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC452A50-5C87-4A1F-B295-445C3C69BF7D}" = NVIDIA MediaShield
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF59708F-60F4-11D5-866A-00A0D2183227}" = On2 VP3 Video for Windows Codec
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E38D381A-ABCF-4D97-9D9C-B3A8529DCA15}" = OS Pack Works Suite
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1036}" = Nero 7 Essentials
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FFF841F3-9A15-4F61-BD16-C19F132E5A27}" = Epson Easy Photo Print 2
"7-Zip" = 7-Zip 9.20
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Alexandra Ledermann 3 - Équitation Aventure" = Alexandra Ledermann 3 - Équitation Aventure
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DivX Setup" = Configuration DivX
"EPSON Scanner" = EPSON Scan
"EPSON SX440 Series" = EPSON SX440 Series Printer Uninstall
"FileHippo.com" = FileHippo.com Update Checker
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.1
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mozilla Firefox 10.0 (x86 fr)" = Mozilla Firefox 10.0 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"PrintMusic! 2001 Fr" = PrintMusic! 2001 Fr
"PROR" = Microsoft Office Professional 2007
"Ride Equitation nouvelle génération_is1" = Ride Equitation nouvelle génération 1
"TomTom HOME" = TomTom HOME 2.8.3.2499
"VLC media player" = VLC media player 1.1.11
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinPcapInst" = WinPcap 4.1.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2003Setup" = Sélecteur d'installation de Microsoft Works Suite 2003
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15/02/2012 10:01:58 | Computer Name = HERAUT-B3C7275D | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 16/02/2012 05:52:53 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed. Error Code: 80048869 Username: '[email protected]'
Proxy:
'(null)' Proxy Bypass: '(null)' Environment: 'Production'

Error - 16/02/2012 05:52:55 | Computer Name = HERAUT-B3C7275D | Source = Application Error | ID = 1000
Description = Application défaillante alexandra ledermann 6.exe, version 2.0.0.0,
module défaillant alexandra ledermann 6.exe, version 2.0.0.0, adresse de défaillance
0x000042ec.

Error - 16/02/2012 05:53:30 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed (second attempt). Error Code: 80048869 Username:
'[email protected]' Proxy: '(null)' Proxy Bypass: '(null)' Environment:
'Production'

Error - 18/02/2012 09:37:00 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed. Error Code: 80048869 Username: '[email protected]'
Proxy:
'(null)' Proxy Bypass: '(null)' Environment: 'Production'

Error - 18/02/2012 09:37:37 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed (second attempt). Error Code: 80048869 Username:
'[email protected]' Proxy: '(null)' Proxy Bypass: '(null)' Environment:
'Production'

Error - 26/02/2012 13:37:00 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed. Error Code: 80048869 Username: '[email protected]'
Proxy:
'(null)' Proxy Bypass: '(null)' Environment: 'Production'

Error - 26/02/2012 13:37:37 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed (second attempt). Error Code: 80048869 Username:
'[email protected]' Proxy: '(null)' Proxy Bypass: '(null)' Environment:
'Production'

Error - 27/02/2012 08:02:13 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed. Error Code: 80048869 Username: '[email protected]'
Proxy:
'(null)' Proxy Bypass: '(null)' Environment: 'Production'

Error - 27/02/2012 08:02:50 | Computer Name = HERAUT-B3C7275D | Source = Family Safety Service | ID = 0
Description = IDCRL login failed (second attempt). Error Code: 80048869 Username:
'[email protected]' Proxy: '(null)' Proxy Bypass: '(null)' Environment:
'Production'

[ System Events ]
Error - 26/02/2012 13:43:34 | Computer Name = HERAUT-B3C7275D | Source = nvgts | ID = 262153
Description = Le périphérique \Device\Scsi\nvgts1 n'a pas répondu dans le délai
imparti.

Error - 26/02/2012 13:43:34 | Computer Name = HERAUT-B3C7275D | Source = nvgts | ID = 262149
Description = Une erreur de parité a été détectée sur \Device\Scsi\nvgts1.

Error - 26/02/2012 14:01:00 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 26/02/2012 14:02:25 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27/02/2012 06:31:36 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27/02/2012 06:33:56 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27/02/2012 06:35:15 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27/02/2012 06:36:36 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27/02/2012 06:41:11 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 27/02/2012 06:51:31 | Computer Name = HERAUT-B3C7275D | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost
avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}


< End of report >
SkyTech

Re: "blocage" de xp

par SkyTech »

Fais quand même :
Tape sur entrée , dans une fenêtre noir il va te demander si tu veut le faire au redémarrage, tape o (oui), tape sur entrée et redémarre, au redémarrage un écran bleu va s'afficher avec étape 1 sur 5... , c'est normal, il va rester pendant 1h ou 2h.

&

Télécharge Report_CHDSK.exe de Laddy sur ton bureau
Double-Clic dessus pour l'exécuter.
Le rapport va s'ouvrir dans le bloc-note.
Si ce n'est pas le cas, le rapport nommé RapportCHK_DD-MM-AAAA.txt se trouve sur ton bureau.
Poste-le dans ta prochaine réponse.
gh78

Re: "blocage" de xp

par gh78 »

argh, j'aurais préféré éviter le complet, mais bon... j'ais essayer de voir quand je peux obtenir l'ordi et j'te fait ça
SkyTech

Re: "blocage" de xp

par SkyTech »

Bon j'avais pas fais gaffe mais tu es infecté /:
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB5171$] -> Error: Cannot create file handle -> Unknown point type
https://www.malekal.com/tag/zeroaccess/

Désactive les logiciels de protection (Antivirus, Antispywares) puis :

Télécharge Combofix sUBs : combofix.exe et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, accepte la licence d’utilisation et laisse toi guider.

Eventuellement, installe la console de récupération comme cela est conseillé

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Tu as le tutorial sur ce lien pour t’aider : http://www.bleepingcomputer.com/combofi ... r-combofix

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.

Si pas mieux, tente en en mode sans échec avec prise en charge du réseau du réseau : Redémarre en mode sans échec, pour cela, redémarre l’ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec avec prise en charge du réseau et appuye sur la touche entrée du clavier.
gh78

Re: "blocage" de xp

par gh78 »

exact, reste d'une ancienne infection supprimé avec mbam, (j'vais téléchargé une version vérolé de vlc, j'étais allé trop vite et pas encore réinstallé l'AV, honte à moi :oops: )

j'ai lancé le chdsk, j vois ça après ;)
gh78

Re: "blocage" de xp

par gh78 »

donc voici la suite :
RapportCHK_27-02-2012


Report_CHKDSK v1.0 BY Laddy
Début le 27/02/2012 à 15:09:53.
OS : Microsoft Windows XP Service Pack 3
Utilisateur Guillaume : Administrateur
Lancement: C:\Documents and Settings\Guillaume\Bureau\Report_CHKDSK.exe


########## [EVENTLOG CHKDSK]


SourceName = Winlogon
TimeGenerated = 27/02/2012 15:06:38
Message = Vérification du système de fichiers sur C:
Le type du système de fichiers est NTFS.

Une vérification de disque a été planifiée.
Windows va maintenant vérifier le disque.
Nettoyage en cours de petites incohérences sur le lecteur.
Nettoyage en cours de 115 entrées d'index inutilisées à partir de l'index $SII du fichier 0x9.
Nettoyage en cours de 115 entrées d'index inutilisées à partir de l'index $SDH du fichier 0x9.
Nettoyage en cours de 115 descripteurs de sécurité non utilisés.
CHKDSK vérifie le journal USN...
Vérification du journal USN terminée.
CHKDSK est en train de vérifier les données du fichier (étape 4 de 5)...
La vérification des données du fichier est terminée.
CHKDSK est en train de vérifier l'espace libre (étape 5 de 5)...
La vérification de l'espace libre est terminée.

156280288 Ko d'espace disque au total.
62927364 Ko dans 107152 fichiers.
40016 Ko dans 14562 index.
0 Ko dans des secteurs défectueux.
378948 Ko utilisés par le système.
65536 Ko occupés par le fichier journal.
92933960 Ko disponibles sur le disque.

4096 octets dans chaque unité d'allocation.
39070072 unités d'allocation au total sur le disque.
23233490 unités d'allocation disponibles sur le disque.

Informations internes :
c0 07 02 00 7d db 01 00 64 d5 02 00 00 00 00 00 ....}...d.......
17 0a 00 00 09 00 00 00 a2 06 00 00 00 00 00 00 ................
1c b6 97 09 00 00 00 00 a2 d7 21 55 00 00 00 00 ..........!U....
c2 61 bc 10 00 00 00 00 2a de d7 61 04 00 00 00 .a......*..a....
b8 8b 19 03 04 00 00 00 ea 14 e0 e5 08 00 00 00 ................
50 25 c1 7d 00 00 00 00 18 38 07 00 90 a2 01 00 P%.}.....8......
00 00 00 00 00 10 c8 00 0f 00 00 00 e2 38 00 00 .............8..

Windows a terminé la vérification de votre disque.
Veuillez patienter pendant le redémarrage de votre ordinateur.


###########################################################################

SourceName = Winlogon
TimeGenerated = 22/01/2012 20:19:53
Message = Vérification du système de fichiers sur C:
Le type du système de fichiers est NTFS.


Une vérification de disque a été planifiée.
Windows va maintenant vérifier le disque.
Nettoyage en cours de petites incohérences sur le lecteur.
Nettoyage en cours de 789 entrées d'index inutilisées à partir de l'index $SII du fichier 0x9.
Nettoyage en cours de 789 entrées d'index inutilisées à partir de l'index $SDH du fichier 0x9.
Nettoyage en cours de 789 descripteurs de sécurité non utilisés.
CHKDSK vérifie le journal USN...
Vérification du journal USN terminée.

156280288 Ko d'espace disque au total.
58059404 Ko dans 97703 fichiers.
36444 Ko dans 13584 index.
0 Ko dans des secteurs défectueux.
365096 Ko utilisés par le système.
65536 Ko occupés par le fichier journal.
97819344 Ko disponibles sur le disque.

4096 octets dans chaque unité d'allocation.
39070072 unités d'allocation au total sur le disque.
24454836 unités d'allocation disponibles sur le disque.

Informations internes :
c0 07 02 00 c2 b2 01 00 4b 8f 02 00 00 00 00 00 ........K.......
13 09 00 00 09 00 00 00 30 09 00 00 00 00 00 00 ........0.......
8a b7 78 09 00 00 00 00 d4 28 98 56 00 00 00 00 ..x......(.V....
4e 42 66 13 00 00 00 00 00 00 00 00 00 00 00 00 NBf.............
00 00 00 00 00 00 00 00 d0 95 65 84 00 00 00 00 ..........e.....
00 62 c0 7d 00 00 00 00 18 38 07 00 a7 7d 01 00 .b.}.....8...}..
00 00 00 00 00 30 aa d7 0d 00 00 00 10 35 00 00 .....0.......5..

Windows a terminé la vérification de votre disque.
Veuillez patienter pendant le redémarrage de votre ordinateur.


###########################################################################



########## ENDOF 15:09:56
gh78

Re: "blocage" de xp

par gh78 »

et combofix


ComboFix 12-02-25.02 - Guillaume 27/02/2012 15:31:35.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1643 [GMT 1:00]
Lancé depuis: c:\documents and settings\Guillaume\Bureau\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Guillaume\Application Data\cacaoweb
c:\documents and settings\Guillaume\Application Data\cacaoweb\downloadZACKEXTG1070036754.cacao
c:\documents and settings\Guillaume\Application Data\cacaoweb\npdfile.dat
c:\documents and settings\Guillaume\Application Data\cacaoweb\storage.db
c:\program files\Downloaded Installers
c:\program files\Downloaded Installers\{67cdd5a0-c572-4d2c-a354-6492b51f4138}\setup.msi
c:\windows\$NtUninstallKB5171$
c:\windows\$NtUninstallKB5171$\1039742116
c:\windows\$NtUninstallKB5171$\2260495728\@
c:\windows\$NtUninstallKB5171$\2260495728\L\mhkrfybf
c:\windows\$NtUninstallKB5171$\2260495728\U\$00000001
c:\windows\$NtUninstallKB5171$\2260495728\U\$000000c0
c:\windows\$NtUninstallKB5171$\2260495728\U\$000000cb
c:\windows\$NtUninstallKB5171$\2260495728\U\$000000cf
c:\windows\$NtUninstallKB5171$\2260495728\U\$80000000
c:\windows\$NtUninstallKB5171$\2260495728\U\$800000c0
c:\windows\$NtUninstallKB5171$\2260495728\U\$800000cb
c:\windows\$NtUninstallKB5171$\2260495728\U\$800000cf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-01-27 au 2012-02-27 ))))))))))))))))))))))))))))))))))))
.
.
2012-02-27 12:06 . 2012-02-27 12:06 512 ----a-w- C:\PhysicalMBR.bin
2012-02-20 13:59 . 2012-02-20 13:59 -------- d-----w- c:\windows\Sun
2012-02-15 13:38 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 13:38 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-11 18:03 . 2012-02-11 18:03 -------- d-----w- c:\documents and settings\Papa Maman\Local Settings\Application Data\Identities
2012-02-11 17:57 . 2003-02-27 15:12 696320 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-02-11 17:57 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-02-11 17:57 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-02-11 17:57 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-02-11 17:57 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-02-11 17:57 . 2012-02-11 17:57 282756 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-02-11 17:57 . 2012-02-11 17:57 163972 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-02-10 18:22 . 2012-02-10 18:22 -------- d-----w- c:\documents and settings\Guillaume\Local Settings\Application Data\OCCT
2012-02-09 16:34 . 2012-02-09 16:34 -------- d-----w- c:\program files\Fichiers communs\DirectX
2012-02-09 16:30 . 2012-02-09 16:30 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2012-02-09 16:30 . 2012-02-09 16:30 114688 ----a-w- c:\windows\system32\OpenAL32.dll
2012-02-09 14:39 . 2012-02-09 14:39 -------- d-----w- c:\program files\On2 Technologies
2012-02-09 14:39 . 2002-02-14 10:48 446464 ----a-w- c:\windows\system32\vp31vfw.dll
2012-02-09 14:35 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-02-09 14:35 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-02-09 14:35 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-02-09 14:35 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-02-09 14:35 . 2012-02-09 14:35 192644 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-02-09 14:35 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-02-09 14:35 . 2012-02-09 14:35 323716 ----a-w- c:\program files\Fichiers communs\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-02-09 13:45 . 2012-02-09 13:45 -------- d-----w- c:\program files\PAN vision
2012-02-09 13:44 . 1998-10-07 12:08 327168 ----a-w- c:\windows\IsUn040c.exe
2012-02-06 14:00 . 2012-02-06 14:00 -------- d--h--r- c:\documents and settings\Tiphaine\Application Data\SecuROM
2012-02-05 11:42 . 2012-02-05 11:42 -------- d--h--r- c:\documents and settings\Boulot lolo\Application Data\SecuROM
2012-02-05 10:02 . 2012-02-05 16:33 45016 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-02-05 10:02 . 2012-02-05 10:02 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-02-05 10:02 . 2012-02-05 10:02 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-02-05 10:02 . 2012-02-05 10:02 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-02-04 21:48 . 2012-02-04 21:48 -------- d-----w- c:\documents and settings\Papa Maman\Local Settings\Application Data\ABBYY
2012-02-04 17:19 . 2012-02-04 17:19 -------- d-----w- c:\documents and settings\Papa Maman\Application Data\EPSON
2012-01-28 18:10 . 2012-01-28 18:10 -------- d-----w- c:\documents and settings\Boulot lolo\Local Settings\Application Data\TomTom
2012-01-28 18:10 . 2012-01-28 18:10 -------- d-----w- c:\documents and settings\Boulot lolo\Application Data\TomTom
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-23 19:03 . 2012-01-23 19:03 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-01-12 17:20 . 2006-03-02 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-06 10:51 . 2011-11-05 18:44 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-01-06 10:51 . 2011-11-05 18:44 11776 ----a-w- c:\windows\system32\smrgdf.exe
2012-01-06 10:29 . 2011-11-05 18:45 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
2011-12-30 10:11 . 2011-10-24 13:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 21:15 . 2011-12-17 21:15 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-12-17 21:15 . 2011-12-17 21:15 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-12-17 19:43 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:43 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:43 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2012-02-05 16:33 . 2011-11-10 21:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2000-01-01 1821576]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2010-04-28 647528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25 59240 ----a-w- c:\program files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-01-22 09:13 152872 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2010-10-12 11:56 979328 ----a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-12-08 00:36 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure]
2006-10-30 12:44 1953792 ------r- c:\windows\system32\JMRaidSetup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2006-10-30 12:44 36864 ------r- c:\windows\JM\JMInsIDE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
2002-07-18 15:36 28672 ----a-w- c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-05-28 06:27 570664 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
2010-04-09 00:42 163944 ----a-w- c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2006-07-13 05:12 729088 ------w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2006-12-18 19:34 868352 ----a-r- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-02-10 21:32 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 11:06 254696 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2012-01-23 04:43 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Fichiers communs\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Ubisoft\\IL-2 Sturmovik 1946\\il2fb.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24/10/2011 12:48 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24/10/2011 12:48 314456]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14/05/2009 16:07 759048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24/10/2011 12:48 20568]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 03:09 50704]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [23/01/2012 05:43 92592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 12:16 130384]
S3 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [27/11/2011 22:15 8704]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2011 15:14 136176]
S3 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [05/11/2011 19:45 722616]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 12:16 753504]
S4 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24/10/2011 15:14 136176]
.
Contenu du dossier 'Tâches planifiées'
.
2012-02-27 c:\windows\Tasks\User_Feed_Synchronization-{AE2EB561-FD14-4A6E-BBDB-1DDA21F9B7FE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{10FB2B7B-9F03-4ED8-9D4A-FBF76356EE6C}: NameServer = 8.8.8.8
TCP: Interfaces\{B2C750A3-D2DD-4997-AE09-B8E628D060B0}: NameServer = 8.8.8.8
FF - ProfilePath - c:\documents and settings\Guillaume\Application Data\Mozilla\Firefox\Profiles\iceyz51c.default\
.
.
------- Associations de fichier -------
.
JSEFile=NOTEPAD.EXE %1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-27 15:47
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-57989841-1965331169-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b0,d5,ca,ee,ce,8a,d7,1f,2b,44,14,04,29,9e,60,cf,eb,67,c5,8f,c8,2f,db,
35,03,7b,b9,28,cb,dc,26,ff,ab,99,69,4c,e0,11,c9,d2,88,5d,54,31,0c,5a,d8,b0,\
"??"=hex:4d,52,66,ed,82,f1,09,c5,f9,d4,d2,57,ba,69,c6,a6
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'explorer.exe'(1620)
c:\windows\system32\msi.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Windows Live\Family Safety\fsssvc.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2012-02-27 15:51:40 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-02-27 14:51
.
Avant-CF: 95 332 397 056 octets libres
Après-CF: 96 361 652 224 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
.
- - End Of File - - 7F81B61DED1334ED7221136D9885E398


J'ai été étonnée de voir que cacaoweb étais considéré comme un nuisible, et j'aurais du mieux le nettoyer :/
gh78

Re: "blocage" de xp

par gh78 »

triple post dsl

Comment désinstaller la console que combofix à installé, car impossible de supprimer le dossier cmdcons, tous les fichiers sont protégés, même en mode sans échec et par le cmd admin :/
SkyTech

Re: "blocage" de xp

par SkyTech »

Comment désinstaller la console que combofix à installé, car impossible de supprimer le dossier cmdcons, tous les fichiers sont protégés, même en mode sans échec et par le cmd admin :/
Laisse-la, elle peut servir ;)

Quand est-il du problème initial ?
gh78

Re: "blocage" de xp

par gh78 »

ben je peux pas te dire pour l'insatnt vu que ça arrive de manière aléatoire :/

je vais voir ce qu'il en est dans le prochain mois, merci^^
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Accélérer Windows et problème de lenteur PC »