Bonjour je vous écrit ce matin car après avoir parcouru certain forum et étant resté sans réponse j'ai trouvé le votre en voyant beaucoup d'entraide.
Alors je m'explique j'ai un ras le bol, mon pc plante au démarrage pendant 20 à 30min sauf quand j'enlève rtvscan.exe dans gestionnaire des tâches et processus... Mon plantage au départ serais donc du à ça...
Que dois-je faire ? Un rapport ?
Merci d'avance et bonne journée.
Pc qui plante au départ
Modérateur : Mods Windows
- Messages : 32089
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Pc qui plante au départ
rtvscan.exe est un exécutable du Symantec Internet Security suite
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.Re: Pc qui plante au départ
En effet, je crois que c'est une analyse de démarrage qui normalement dure 1 à 2 min mais mon pc est apparement infecté ce qui fait buguer l'analyse jusqu'à attendre 30min
- Messages : 32089
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Pc qui plante au départ
On peut regarder si tu veux !
- Téléchargez OTL scr sur votre Bureau.
- Faites un double clic sur l'icône pour le lancer (clic droit executer en tant qu'administrateur sous vista|seven). Vérifiez que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.
- Quand la fenêtre apparaît, sous Rapport en haut, cochez Rapport minimal, ainsi que all users
- Sous Registre: standard cochez Tous.
- Cochez les cases à coté de Recherche Lop et Recherche Purity.
- Copies et colles le contenue de cette citation dans la partie inférieure d'OTL sous "Personalisation":
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
/md5start
services.exe
explorer.exe
userinit.exe
winlogon.exe
wininit.exe
atapi.sys
afd.sys
ipsec.sys
netbt.sys
tcpip.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT - Cliquez sur le bouton Analyse. Ne modifiez aucun paramètre sans qu'on vous ait dit de le faire. L'analyse ne va pas durer longtemps.
- Quand l'analyse est terminée, deux fenêtres du Bloc-notes vont s'ouvrir. OTL.Txt et Extras.Txt. Ces fichiers sont sauvegardés au même endroit que OTL.
- Veuillez copier (Edition->Sélectionner tout, Edition->Copier) le contenu de ces fichiers, l'un après l'autre, et envoyez-les dans votre prochaine réponse.
- Si ton rapport est trop long, utilise le site http://pjjoint.malekal.com/ ou http://www.ci-joint.fr pour envoyer ton rapport, et poste le lien dans ta prochaine réponse pour analyse
tuto : https://www.malekal.com/tutorial_OTL.php
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.Re: Pc qui plante au départ
Alors voilà le Extras.Txt :
http://pjjoint.malekal.com/files.php?id ... w5i8k13o11
Et le Olt.Txt :OTL Extras logfile created on: 21/10/2012 13:10:25 - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Assistant.BARRE-SBS\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 52,91% Memory free
4,83 Gb Paging File | 3,42 Gb Available in Paging File | 70,68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 229,84 Gb Free Space | 77,11% Space Free | Partition Type: NTFS
Drive S: | 139,69 Gb Total Space | 9,55 Gb Free Space | 6,84% Space Free | Partition Type: NTFS
Computer Name: PC-BARRE05 | User Name: Assistant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1620225293-1852270544-2216174193-1152\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Unable to open value key File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"Enabled" = 1
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance" = %windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance -- (Microsoft Corporation)
"%windir%\PCHealth\HelpCtr\Binaries\Helpsvc.exe:*:Enabled::Offer Remote Assistance" = %windir%\PCHealth\HelpCtr\Binaries\Helpsvc.exe:*:Enabled:Offer Remote Assistance -- (Microsoft Corporation)
"%windir%\PCHealth\HelpCtr\Binaries\Helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice" = %windir%\PCHealth\HelpCtr\Binaries\Helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"Enabled" = 1
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"135:TCP:*:Enabled:Offer Remote Assistance - Port" = 135:TCP:*:Enabled:Offer Remote Assistance - Port
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = localsubnet
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = localsubnet
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = localsubnet
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\@Last Software\SketchUp 5\SketchUp.exe" = C:\Program Files\@Last Software\SketchUp 5\SketchUp.exe:*:Enabled:SketchUp Application -- (@Last Software, Inc.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:Windows® installer -- (Microsoft Corporation)
"C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe" = C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe:*:Enabled:Toolbox for HP Printing System for Windows -- (Hewlett-Packard Company)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"\\sbs2k3\commun\Thierry\Updater5\AdobeUpdater\Dofus-Private\Dofus Engine.exe" = \\sbs2k3\commun\Thierry\Updater5\AdobeUpdater\Dofus-Private\Dofus Engine.exe:*:Enabled:Dofus Engine
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Documents and Settings\TBARRE\Local Settings\Temporary Internet Files\Content.IE5\WRN68PIH\NTRsupport[1].exe" = C:\Documents and Settings\TBARRE\Local Settings\Temporary Internet Files\Content.IE5\WRN68PIH\NTRsupport[1].exe:*:Enabled:NTRsupport
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Documents and Settings\Stagiaire\Local Settings\Temporary Internet Files\Content.IE5\0CNHH1CQ\NTRsupportProRC[1].exe" = C:\Documents and Settings\Stagiaire\Local Settings\Temporary Internet Files\Content.IE5\0CNHH1CQ\NTRsupportProRC[1].exe -- (Net Transmit & Receive)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Romustrike 1.5.5\romustrike.exe" = C:\Romustrike 1.5.5\romustrike.exe:*:Enabled:romustrike
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\Disney Interactive\Dofus\Dofus.exe" = C:\Program Files\Disney Interactive\Dofus\Dofus.exe:*:Enabled:Dofus.exe
"\\SRV-BARRE\RedirectedFolders\Assistant\My Documents\Downloads\Power-Emu\Core\PowerEmu.exe" = \\SRV-BARRE\RedirectedFolders\Assistant\My Documents\Downloads\Power-Emu\Core\PowerEmu.exe:*:Enabled:PowerEmu.exe
"\\Srv-barre\RedirectedFolders\Assistant\My Documents\Downloads\Realm\MyVemu - RealmServer.exe" = \\Srv-barre\RedirectedFolders\Assistant\My Documents\Downloads\Realm\MyVemu - RealmServer.exe:*:Enabled:MyVemu - RealmServer.exe
"F:\Perso\Serveur\wamp\bin\apache\Apache2.2.11\bin\httpd.exe" = F:\Perso\Serveur\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager
"C:\Program Files\Disney Interactive\Romustrike 1.5.7\romustrike.exe" = C:\Program Files\Disney Interactive\Romustrike 1.5.7\romustrike.exe:*:Enabled:romustrike
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core
"C:\WINDOWS\Temp\~os19.tmp\rlvknlg.exe" = C:\WINDOWS\Temp\~os19.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe
"C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"c:\program files\relevantknowledge\rlvknlg.exe" = c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe
"C:\WINDOWS\system32\mstsc.exe" = C:\WINDOWS\system32\mstsc.exe:*:Enabled:Remote Desktop Connection -- (Microsoft Corporation)
"C:\Program Files\UltraVNC\winvnc.exe" = C:\Program Files\UltraVNC\winvnc.exe:*:Enabled:Serveur VNC pour Win32
"C:\Program Files\Charles\Charles.exe" = C:\Program Files\Charles\Charles.exe:*:Enabled:Charles Web Debugging Proxy
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Program Files\Cracked Steam\steam.exe" = C:\Program Files\Cracked Steam\steam.exe:*:Enabled:Steam
"C:\Program Files\Steam\SteamApps\tanguy9800\condition zero\hl.exe" = C:\Program Files\Steam\SteamApps\tanguy9800\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe" = C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe:*:Disabled:Toolbox for HP Printing System for Windows -- (Hewlett-Packard Company)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\@Last Software\SketchUp 5\SketchUp.exe" = C:\Program Files\@Last Software\SketchUp 5\SketchUp.exe:*:Enabled:SketchUp Application -- (@Last Software, Inc.)
"C:\Documents and Settings\Stagiaire\Local Settings\Temporary Internet Files\Content.IE5\0CNHH1CQ\NTRsupportProRC[1].exe" = C:\Documents and Settings\Stagiaire\Local Settings\Temporary Internet Files\Content.IE5\0CNHH1CQ\NTRsupportProRC[1].exe -- (Net Transmit & Receive)
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" = C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Disabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Charles\Charles.exe" = C:\Program Files\Charles\Charles.exe:*:Enabled:Charles Web Debugging Proxy
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{08549BFD-D589-4024-A803-1D8C8DB7743E}" = Extension d'application Sage Apibâtiment
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 30
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{350C940C-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3A32A44A-81B2-4415-B0CF-1884D54FFD66}_is1" = cadwork catalogue version 17.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{492F8345-095D-467F-926C-278870D93ECF}" = Windows Small Business Server 2008 ClientAgent
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D90E53A-BD7C-8F32-9B82-7733D0F0BC8E}" = Adobe Download Assistant
"{605B5DF6-7B89-481D-AE54-D1EE2955AACE}" = Batigest Standard
"{62B74257-2E1B-48FB-843C-0FBA43FE1327}" = Sentinel System Driver Installer 7.4.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{838257FC-952A-467B-86BF-21DB6B137A3F}" = Windows Small Business Server 2008 WMI Provider
"{84B70C16-7032-41EE-965C-3C8D9D566CBB}" = Symantec Endpoint Protection
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F774179-BA22-4FFC-8954-F3DCC3845441}" = Batigest Standard
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99424B33-1B5A-45F5-AB15-255F0C528305}" = Sage Apibâtiment Batigest Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A95000000001}" = Adobe Reader 9.5.0 - Français
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"cadwork 17.0_is1" = cadwork 17.0
"Cadwork.dir" = Cadwork
"CamStudio 2.0 Fr_is1" = CamStudio 2.0 Fr
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"ESET Online Scanner" = ESET Online Scanner v3
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"MagasinU ServicePhoto_is1" = MagasinU Photogénie 4.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"MegaBlocNotes" = Mega Bloc Notes 5.2.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox 16.0.1 (x86 fr)" = Mozilla Firefox 16.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"WinLiveSuite_Wave3" = Installation Windows Live
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1620225293-1852270544-2216174193-1152\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1b49e76190e780c7" = Starpass Generator
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-381122970-1802692160-2556704516-1136\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Britanaw" = Britanaw
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-381122970-1802692160-2556704516-1213\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21/10/2012 04:24:01 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 04:24:01 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 04:24:03 | Computer Name = PC-BARRE05 | Source = Symantec AntiVirus | ID = 16711731
Description = Risque de sécurité détecté.W32.Sality.AE dans Fichier : C:\Documents
and Settings\Assistant.BARRE-SBS\Local Settings\Temp\DWH5.tmp par : analyse Auto-Protect.
Action : Nettoyer - échec : Quarantaine - échec : Accès refusé. Description de
l'action : Le risque a été supprimé en partie.
Error - 21/10/2012 04:33:13 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 04:33:13 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 04:33:23 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 06:30:28 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée OTL.scr, version 3.2.70.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 06:51:02 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée OTL.scr, version 0.0.0.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 07:09:40 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée OTL.scr, version 3.2.70.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.
Error - 21/10/2012 07:09:40 | Computer Name = PC-BARRE05 | Source = Application Hang | ID = 1002
Description = Application bloquée OTL.scr, version 3.2.70.1, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.
[ OSession Events ]
Error - 13/10/2012 06:23:31 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 757 seconds with 600 seconds of active time. This session ended with a crash.
Error - 13/10/2012 09:04:29 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 1488 seconds with 240 seconds of active time. This session ended with a
crash.
Error - 13/10/2012 09:05:05 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 31 seconds with 0 seconds of active time. This session ended with a crash.
Error - 13/10/2012 09:05:24 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 16 seconds with 0 seconds of active time. This session ended with a crash.
Error - 13/10/2012 09:06:05 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 304
seconds with 120 seconds of active time. This session ended with a crash.
Error - 13/10/2012 09:07:42 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20/10/2012 09:36:03 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6610
seconds with 2940 seconds of active time. This session ended with a crash.
Error - 20/10/2012 09:36:24 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20/10/2012 09:36:57 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20/10/2012 09:37:25 | Computer Name = PC-BARRE05 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20/10/2012 05:25:22 | Computer Name = PC-BARRE05 | Source = DCOM | ID = 10016
Description = Les paramètres d'autorisation par défaut de l'ordinateur n'accordent
pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206} au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur
(S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil
d'administration Services de composants.
Error - 20/10/2012 05:25:49 | Computer Name = PC-BARRE05 | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.
Error - 20/10/2012 06:27:05 | Computer Name = PC-BARRE05 | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.
Error - 20/10/2012 15:59:33 | Computer Name = PC-BARRE05 | Source = NETLOGON | ID = 5719
Description = Aucun contrôleur de domaine n'est disponible pour le domaine BARRE-SBS
pour la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau
et tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
système.
Error - 21/10/2012 04:11:53 | Computer Name = PC-BARRE05 | Source = NETLOGON | ID = 5719
Description = Aucun contrôleur de domaine n'est disponible pour le domaine BARRE-SBS
pour la raison suivante : %%1311. Vérifiez que l'ordinateur est connecté au réseau
et tentez une nouvelle fois. Si le problème persiste, contactez votre administrateur
système.
Error - 21/10/2012 04:13:35 | Computer Name = PC-BARRE05 | Source = DCOM | ID = 10016
Description = Les paramètres d'autorisation par défaut de l'ordinateur n'accordent
pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206} au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur
(S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil
d'administration Services de composants.
Error - 21/10/2012 04:13:35 | Computer Name = PC-BARRE05 | Source = DCOM | ID = 10016
Description = Les paramètres d'autorisation par défaut de l'ordinateur n'accordent
pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206} au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur
(S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil
d'administration Services de composants.
Error - 21/10/2012 04:13:35 | Computer Name = PC-BARRE05 | Source = DCOM | ID = 10016
Description = Les paramètres d'autorisation par défaut de l'ordinateur n'accordent
pas d'autorisation Locale Activation pour l'application serveur COM avec le CLSID
{A4199E55-EBB9-49E5-AF1A-7A5408B2E206} au SID AUTORITE NT\SERVICE RÉSEAU de l'utilisateur
(S-1-5-20). Cette autorisation de sécurité peut être modifiée à l'aide de l'outil
d'administration Services de composants.
Error - 21/10/2012 04:13:48 | Computer Name = PC-BARRE05 | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.
Error - 21/10/2012 04:51:10 | Computer Name = PC-BARRE05 | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.
< End of report >
http://pjjoint.malekal.com/files.php?id ... w5i8k13o11
- Messages : 32089
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Pc qui plante au départ
relançe OTL , Copies et colles le contenue de cette citation ci dessous (en commençant bien à :OTL , les : inclus devant OTL jusqu'à [emptytemp] inclus) dans la partie inférieure d'OTL sous "Personalisation" et cette fois ci clic CORRECTION
» Un rapport texte apparrait au redemarrage du pc << poste le:OTL
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O4 - HKLM..\Run: [svchost.exe] C:\WINDOWS\windir\svchost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1620225293-1852270544-2216174193-1152..\Run: [svchost.exe] C:\WINDOWS\windir\svchost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-381122970-1802692160-2556704516-1136..\Run: [Facemoi] C:\Facemoi\facemoi.exe File not found
O4 - HKU\S-1-5-21-381122970-1802692160-2556704516-1150..\Run: [Facemoi] C:\Facemoi\facemoi.exe File not found
O4 - HKU\S-1-5-21-381122970-1802692160-2556704516-1212..\Run: [Facemoi] C:\Facemoi\facemoi.exe File not found
O4 - HKU\S-1-5-21-381122970-1802692160-2556704516-1213..\Run: [Facemoi] C:\Facemoi\facemoi.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: MSWUpdate = C:\Documents and Settings\Assistant.BARRE-SBS\Application Data\Microsoft\lsass.exe
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = c:\dir\install\install\server.exe
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Assistant.BARRE-SBS\Application Data\Microsoft\lsass.exe) - File not found
MsConfig - StartUpReg: AdobeBridge - hkey= - key= - File not found
MsConfig - StartUpReg: Facemoi - hkey= - key= - File not found
MsConfig - StartUpReg: MSWUpdate - hkey= - key= - File not found
MsConfig - StartUpReg: Task Bar - hkey= - key= - File not found
:files
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:CB0AACC9
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:D1B5B4F1
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"
[HKEY_CURRENT_USER\Control Panel\Desktop]
"MenuShowDelay"="100"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"AlwaysUnloadDll"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"link"=hex:00,00,00,00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"EnableBalloonTips"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify]
"IconStreams"=-
"PastIconsStream"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
"SetCommand"=dword:00000001
"SecurityLevel"=dword:00000001
:commands
[emptytemp]
== desinstalle:
Browser Manager
==> Téléchargez AdwCleaner ( d'Xplode ) sur votre bureau:
=> Lancez le, cliquez sur [Suppression] puis patientez le temps du scan.
=> Une fois le scan fini, un rapport s'ouvrira.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.Re: Pc qui plante au départ
Voilà le rapport :
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Re: Pc qui plante au départ
J'ai désinstallé Browser Manager et installé Cleaner voilà son rapport :
# AdwCleaner v2.005 - Rapport créé le 21/10/2012 à 18:47:47
# Mis à jour le 14/10/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Assistant - PC-BARRE05
# Mode de démarrage : Normal
# Exécuté depuis : C:\Documents and Settings\Assistant.BARRE-SBS\Bureau\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Program Files\Ask.com
Dossier Supprimé : C:\Program Files\Software
Dossier Supprimé : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Fichier Supprimé : C:\user.js
Fichier Supprimé : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Supprimé au redémarrage : C:\Documents and Settings\All Users\Application Data\Browser Manager
Supprimé au redémarrage : C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Supprimé au redémarrage : C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Supprimé au redémarrage : C:\Program Files\OfferBox
***** [Registre] *****
Clé Supprimée : HKCU\Software\BrowserMngr
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\Iminent
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{465E08E7-F005-4389-980F-1D8764B3486C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{465E08E7-F005-4389-980F-1D8764B3486C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6576EBAA-B570-4345-98E4-96153C77CF24}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97ED3A9F-CD6F-473A-8FE1-7505C1B844C3}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\PriceGong
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKLM\Software\BrowserMngr
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\b
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé Supprimée : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer
Clé Supprimée : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer.1
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Clé Supprimée : HKLM\Software\Iminent
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423E-A425-0370799166FB}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Offerbox
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Clé Supprimée : HKLM\Software\Offerbox
Donnée Supprimée : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\docume~1\alluse~1\applic~1\browse~1\22643~1.41\{16cdf~1\browse~1.dll apshook.dll
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=112543&tt=120912_ccp_3712_7&babsrc=NT_ss&mntrId=00e1477100000000000000247e51e733 --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.1 (fr)
-\\ Google Chrome v22.0.1229.94
*************************
AdwCleaner[S2].txt - [9569 octets] - [21/10/2012 18:47:47]
########## EOF - C:\AdwCleaner[S2].txt - [9629 octets] ##########
- Messages : 32089
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Pc qui plante au départ
le rapport de correction OTL parait maigre!
le rapport de suppression est sauvegardé sur ton disque dur C:\_OTL\ sous la forme date_heure.txt
== onglet desinstallation dans adwcleaner
ç'est mieux ?
le rapport de suppression est sauvegardé sur ton disque dur C:\_OTL\ sous la forme date_heure.txt
== onglet desinstallation dans adwcleaner
ç'est mieux ?
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.Re: Pc qui plante au départ
Voilà mon PC a du avoir un petit problème ^^ le rapport cette fois ci normalement bon :
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{465E08E7-F005-4389-980F-1D8764B3486C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{465E08E7-F005-4389-980F-1D8764B3486C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\svchost.exe not found.
File C:\WINDOWS\windir\svchost.exe not found.
Registry value HKEY_USERS\S-1-5-21-1620225293-1852270544-2216174193-1152\Software\Microsoft\Windows\CurrentVersion\Run\\svchost.exe not found.
File C:\WINDOWS\windir\svchost.exe not found.
Registry key HKEY_USERS\S-1-5-21-381122970-1802692160-2556704516-1136\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-381122970-1802692160-2556704516-1150\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-381122970-1802692160-2556704516-1212\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-381122970-1802692160-2556704516-1213\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\MSWUpdate not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Documents and Settings\Assistant.BARRE-SBS\Application Data\Microsoft\lsass.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\AdobeBridge\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Facemoi\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MSWUpdate\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Task Bar\ not found.
========== FILES ==========
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\Temp:CB0AACC9 .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\Temp:D1B5B4F1 .
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\\Windows\\system32\\userinit.exe," /E : value set successfully!
HKEY_CURRENT_USER\Control Panel\Desktop\\"MenuShowDelay"|"100" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\\"link"|hex:00,00,00,00 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"EnableBalloonTips"|dword:00000000 /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\IconStreams deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\PastIconsStream deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SetCommand"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SecurityLevel"|dword:00000001 /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Assistant
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Assistant.BARRE
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 24334646 bytes
->Flash cache emptied: 91677 bytes
User: Assistant.BARRE-SBS
->Temp folder emptied: 12941739 bytes
->Temporary Internet Files folder emptied: 48080087 bytes
->Java cache emptied: 12761 bytes
->FireFox cache emptied: 118762349 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 72019 bytes
User: ASSIST~2_BAR
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 157389 bytes
User: Nomade
->Temp folder emptied: 18400008 bytes
->Temporary Internet Files folder emptied: 115196653 bytes
->Google Chrome cache emptied: 222688972 bytes
->Flash cache emptied: 13195347 bytes
User: Stagiaire
->Temp folder emptied: 758763 bytes
->Temporary Internet Files folder emptied: 57176673 bytes
->Flash cache emptied: 57335 bytes
User: TBARRE
->Temp folder emptied: 104661544 bytes
->Temporary Internet Files folder emptied: 275064055 bytes
->Google Chrome cache emptied: 81266273 bytes
->Flash cache emptied: 33749587 bytes
User: Utilisateur
->Temp folder emptied: 643314401 bytes
->Temporary Internet Files folder emptied: 10673106 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148155 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 331865 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 436561822 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 846284163 bytes
Total Files Cleaned = 2 924,00 mb
OTL by OldTimer - Version 3.2.70.1 log created on 10232012_181245
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\ZBGY3EMT\z0DNEQJct76SoUhl4Xr-fPll2aopLIDTdvMxWKkrrp08LDRDcSrU1B6K3UdFM0g3BvXSxaBV5pCHZtK_m4Mi2rx-uvPRM30UtR_XnDaXxBN3-Y80AUvC5-KS5hlyA&callback=google.LU[1].loadFeaturemap_375_0 not found!
File\Folder C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\N3NL290X\8VlL3_dPlDMOO0MGnFzJmUotMA3GF_qhWxpNX-dUr4_QMDjpcgLyujWyKAfcbPzkX5rcG_EzpNwW4UHAlKz52wW6S3DJ9ZHHiKgb9H6cFOGXjzHAhB3ngFmTUMA2A&callback=google.LU[1].loadFeaturemap_133_0 not found!
File\Folder C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\KII9C73U\8VlL3_dPlDMOO0MGnFzJmUotMA3GF_qhWxpNX-dUr4_QMDjpcgLyujWyKAfcbPzkX5rcG_EzpNwW4UHAlKz52wW6S3DJ9ZHHiKgb9H6cFOGXjzHAhB3ngFmTUMA2A&callback=google.LU[1].loadFeaturemap_854_0 not found!
File\Folder C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\KII9C73U\PLDYoIWcfVXxvZu9XwJ55OX7Ag,wGrYD6EL58VlL3_dPlDMOO0MGnFzJmUotMA3GF_qhWxpNX-dUr4_QMDjpcgLyujWyKAfcbPzkX5rcG_EzpNwW4UHAlKz52wW6S3DJ9ZHHiKgb9H6cFOGXjzHAhB3ngFmTUMA2A[1].gif not found!
File\Folder C:\Documents and Settings\Assistant.BARRE-SBS\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\KII9C73U\PLDYoIWcfVXxvZu9XwJ55OX7Ag,wM2JjggXKz0DNEQJct76SoUhl4Xr-fPll2aopLIDTdvMxWKkrrp08LDRDcSrU1B6K3UdFM0g3BvXSxaBV5pCHZtK_m4Mi2rx-uvPRM30UtR_XnDaXxBN3-Y80AUvC5-KS5hlyA[1].gif not found!
File\Folder C:\Documents and Settings\TBARRE\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\JEH3P8F0\41df8525d0c97a42268a;kvexpandable=1;kvdim=twig-bottom;kvbw=0;kvpid=1534324;kva1824=100;kva2534=100;kva2544=100;kva1834=100;kvagt25=100;kvagt35=100;kvagt18=100;kvgf=100[1].htm not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_14f8.dat not found!
File\Folder C:\WINDOWS\temp\TMP1F.tmp not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
- Messages : 32089
- Inscription : 28 févr. 2008 13:58
- Localisation : Breizhilienne
Re: Pc qui plante au départ
est ce que ç'est mieux ???
Avec Gnu_Linux t'as un Noyau ... avec Ѡindows t'as que les pépins
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique Merci.
https://helicium.altervista.org/
Supprimer les "virus" gratuitement http://www.supprimer-trojan.com/
Un p'tit Don à Angélique
Merci.-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
- 5 Réponses
- 117 Vues
-
Dernier message par jano27
-
- 8 Réponses
- 502 Vues
-
Dernier message par Parisien_entraide
-
- 0 Réponses
- 76 Vues
-
Dernier message par webjack
-
- 0 Réponses
- 96 Vues
-
Dernier message par xavg
-
- 20 Réponses
- 151 Vues
-
Dernier message par Parisien_entraide