Ordinateur devenu très lent meme a la saisie

Accélérer son PC et résoudre les problèmes de lenteur PC et Windows

Modérateur : Mods Windows

phillibert

Ordinateur devenu très lent meme a la saisie

par phillibert »

Bonsoir Malekal je trouve votre forum très cool , ce que vous faites est top, si je viens posté

c'est que mon ordinateur est verry méga lent pourtant aucun problème de mémoire je n'ai rien dedans

hormis des virus torpak. logiciel espion que j'ai supprimé avec trend internet security et double click que j'ai supprimé

avec spyboot, ceci dit je ne vois aucune potentielle améliorations de la rapidité , ce qui me laisse dubitatif

quant a l'éradications de ces virus, s(il vous plait pouvez vous m'aidez?



Cordialement et merci quant même si vous ne pouvez pas.
SkyTech

Re: Ordinateur devenu très lent meme a la saisie

par SkyTech »

'soir,

Enlève la vaccination de Spybot :

Image

Puis désinstalle-le, il est obsolète voir : http://forum.malekal.com/test-eradicati ... tml#p64338

Va lire ça : http://forum.malekal.com/antispyware-gr ... ml#p209628

Puis :


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

Bonsoir skytech , et merci pour ta réponse rapide ,je suis allez jettez un oeil a tes liens

et j'en prend un coup , en ce qui concerne otl trend internet security le bloque,

dois je le désactivé?


Merci
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

je débloque le fichier , je te fais confiance la suite dans quelques minutes


Merci
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

bon sa a pris plus que quelques minutes, mais l'analyse était longue j'ai suivi toutes tes indications

a la lettre et voici le rapport :









OTL logfile created on: 04/12/2012 21:30:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\khitab\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 62,65% Memory free
6,99 Gb Paging File | 5,22 Gb Available in Paging File | 74,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688,82 Gb Total Space | 639,22 Gb Free Space | 92,80% Space Free | Partition Type: NTFS
Drive D: | 688,82 Gb Total Space | 687,85 Gb Free Space | 99,86% Space Free | Partition Type: NTFS

Computer Name: KHITAB-PC | User Name: khitab | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\khitab\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
PRC - C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_49.dll ()
MOD - C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_49.dll ()
MOD - C:\Program Files\My Lockbox\fspflt.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Live Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:64bit: - (TMEBC) -- C:\Windows\SysNative\drivers\TMEBC64.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (FSProFilter) -- C:\Windows\SysNative\drivers\FSPFltd.sys (FSPro Labs)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: tmbepff-7.5%40trendmicro.com:7.5.0.1107
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 4001
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1107\7.5.1107\FIREFOXEXTENSION [2012/12/04 16:38:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1102\7.1.1102\firefoxextension
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension [2012/12/04 16:38:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2012/12/04 16:39:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/04 15:39:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012/07/29 13:17:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\khitab\AppData\Roaming\mozilla\Extensions
[2012/07/21 22:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\extensions
[2012/07/21 22:22:22 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}
[2012/11/28 21:46:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\Profiles\0vy7vo70.default\extensions
[2012/10/21 10:11:02 | 000,000,000 | ---D | M] (WOT) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\Profiles\0vy7vo70.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/11/28 21:46:19 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\khitab\AppData\Roaming\mozilla\firefox\profiles\0vy7vo70.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/04 15:39:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/04 16:38:44 | 000,000,000 | ---D | M] (Trend Micro BEP Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1107\7.5.1107\FIREFOXEXTENSION
[2012/11/29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 10:08:14 | 000,001,729 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/11/29 10:08:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 10:08:14 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/11/29 10:08:14 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/11/29 10:08:14 | 000,001,639 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/11/29 10:08:14 | 000,001,169 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/12/12 10:50:41 | 000,000,938 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7021337-9DBD-4D09-A975-376AB255C9FD}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: uTorrent - hkey= - key= - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/12/04 21:20:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\khitab\Desktop\OTL.exe
[2012/12/04 19:00:40 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\khitab\Desktop\HijackThis.exe
[2012/12/04 18:52:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012/12/04 18:52:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/12/04 18:52:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/12/04 18:52:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2012/12/04 18:52:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012/12/04 18:52:33 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012/12/04 18:52:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012/12/04 18:52:29 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012/12/04 18:52:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012/12/04 18:52:29 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012/12/04 18:52:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012/12/04 18:52:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012/12/04 18:52:28 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012/12/04 18:52:28 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012/12/04 18:52:28 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012/12/04 18:52:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012/12/04 18:52:28 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012/12/04 18:52:28 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012/12/04 18:52:28 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012/12/04 18:52:28 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012/12/04 18:52:27 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012/12/04 18:52:27 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/12/04 18:52:27 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/12/04 18:52:26 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/12/04 18:52:25 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/12/04 18:51:03 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/12/04 18:51:03 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/12/04 17:48:45 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Lockbox
[2012/12/04 17:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\My Lockbox
[2012/12/04 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\khitab\Desktop\RK_Quarantine
[2012/12/04 16:42:53 | 000,000,000 | -H-D | C] -- C:\TMRescueDisk
[2012/12/04 16:39:41 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2012/12/04 16:38:59 | 000,105,744 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2012/12/04 16:38:56 | 000,173,504 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2012/12/04 16:38:56 | 000,106,000 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2012/12/04 16:38:56 | 000,076,672 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2012/12/04 16:38:50 | 000,046,392 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\TMEBC64.sys
[2012/12/04 16:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/12/04 16:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012/12/04 16:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/12/04 16:26:28 | 100,309,176 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2012/12/04 15:40:13 | 000,054,848 | ---- | C] (FSPro Labs) -- C:\Windows\SysNative\drivers\FSPFltd.sys
[2012/12/04 15:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/04 14:42:36 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\JonDo
[2012/12/04 14:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/12/04 14:34:55 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\IObit
[2012/12/04 14:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/12/04 13:29:14 | 000,000,000 | ---D | C] -- C:\Users\khitab\Desktop\JAP
[2012/12/04 13:29:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JAP
[2012/12/04 13:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JAP
[2012/12/01 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/01 14:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/12/01 14:32:42 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Local\Programs
[2012/12/01 14:22:56 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/12/01 14:22:41 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/12/01 14:22:41 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/12/01 14:22:41 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/12/01 14:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/12/01 14:07:49 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Local\Geckofx
[2012/12/01 13:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-NetStat Professional
[2012/11/30 22:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/29 00:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/11/16 20:23:17 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/16 20:23:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/16 20:13:18 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/16 20:13:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/16 20:13:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/16 20:13:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/16 20:13:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/16 20:13:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/16 20:13:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/16 20:13:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/16 20:13:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/16 20:13:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/16 20:13:10 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/16 20:13:09 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/16 20:13:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/16 20:13:04 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/16 20:13:04 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/16 20:09:37 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/16 20:09:29 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/16 20:09:28 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/16 20:09:28 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/11/16 16:53:31 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/16 16:53:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/16 16:53:31 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/16 16:53:02 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/16 16:53:02 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/16 16:53:02 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/16 16:53:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/16 16:53:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/16 16:53:02 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/16 16:52:25 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/16 16:52:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/04 21:34:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/12/04 21:20:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\khitab\Desktop\OTL.exe
[2012/12/04 21:15:53 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/04 21:15:53 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/04 21:13:39 | 001,683,976 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/04 21:13:39 | 000,753,536 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/12/04 21:13:39 | 000,665,104 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/04 21:13:39 | 000,147,542 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/12/04 21:13:39 | 000,123,184 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/04 21:08:29 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/12/04 21:08:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/04 21:08:17 | 2814,849,024 | -HS- | M] () -- C:\hiberfil.sys
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

La suite du rapport car trop de caractères précedement:






[2012/12/04 19:00:43 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\khitab\Desktop\HijackThis.exe
[2012/12/04 17:48:49 | 000,000,819 | ---- | M] () -- C:\Users\khitab\Desktop\My Lockbox Control Panel.lnk
[2012/12/04 17:48:48 | 000,001,681 | ---- | M] () -- C:\Users\khitab\Desktop\My Lockbox.lnk
[2012/12/04 16:39:48 | 000,001,499 | ---- | M] () -- C:\Users\khitab\Desktop\Trend Micro Titanium Internet Security.lnk
[2012/12/04 16:35:51 | 000,000,059 | ---- | M] () -- C:\Windows\SysNative\SupportTool.exe.bat
[2012/12/04 16:30:14 | 100,309,176 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2012/12/04 15:39:29 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/01 14:22:28 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/12/01 14:22:16 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/12/01 14:22:16 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/12/01 14:22:15 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/12/01 14:22:15 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/12/01 14:22:15 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/12/01 14:15:13 | 000,001,977 | ---- | M] () -- C:\Users\khitab\Desktop\Update Checker.lnk
[2012/12/01 14:12:07 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/11/27 16:51:01 | 000,830,235 | ---- | M] () -- C:\Users\khitab\AppData\Local\census.cache
[2012/11/27 16:50:14 | 000,107,847 | ---- | M] () -- C:\Users\khitab\AppData\Local\ars.cache
[2012/11/19 20:03:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/11/17 00:12:57 | 000,275,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/04 21:34:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/12/04 17:48:49 | 000,000,819 | ---- | C] () -- C:\Users\khitab\Desktop\My Lockbox Control Panel.lnk
[2012/12/04 17:48:48 | 000,001,681 | ---- | C] () -- C:\Users\khitab\Desktop\My Lockbox.lnk
[2012/12/04 16:39:41 | 000,001,499 | ---- | C] () -- C:\Users\khitab\Desktop\Trend Micro Titanium Internet Security.lnk
[2012/12/04 16:35:51 | 000,000,059 | ---- | C] () -- C:\Windows\SysNative\SupportTool.exe.bat
[2012/12/04 15:39:29 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/04 15:39:28 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/01 14:15:13 | 000,002,007 | ---- | C] () -- C:\Users\khitab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/12/01 14:15:13 | 000,001,977 | ---- | C] () -- C:\Users\khitab\Desktop\Update Checker.lnk
[2012/11/27 16:51:01 | 000,830,235 | ---- | C] () -- C:\Users\khitab\AppData\Local\census.cache
[2012/11/27 16:50:14 | 000,107,847 | ---- | C] () -- C:\Users\khitab\AppData\Local\ars.cache
[2012/11/16 20:23:24 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/16 20:09:28 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/08/26 21:05:34 | 000,785,188 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012/08/18 00:25:59 | 000,019,581 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2012/08/18 00:16:36 | 000,099,555 | ---- | C] () -- C:\ProgramData\1345245308.bdinstall.bin
[2012/08/18 00:13:39 | 000,368,821 | ---- | C] () -- C:\ProgramData\1345244358.bdinstall.bin
[2012/07/16 19:37:02 | 000,000,036 | ---- | C] () -- C:\Users\khitab\AppData\Local\housecall.guid.cache
[2012/07/16 18:55:45 | 000,010,196 | ---- | C] () -- C:\ProgramData\1342461342.3984.bin
[2012/07/16 18:55:45 | 000,006,918 | ---- | C] () -- C:\ProgramData\1342461342.3852.bin
[2012/07/16 18:55:45 | 000,001,404 | ---- | C] () -- C:\ProgramData\1342461342.3928.bin
[2012/07/16 18:55:45 | 000,001,404 | ---- | C] () -- C:\ProgramData\1342461342.3900.bin
[2012/07/16 18:55:43 | 000,070,297 | ---- | C] () -- C:\ProgramData\1342461342.3976.bin
[2012/07/16 18:55:43 | 000,009,379 | ---- | C] () -- C:\ProgramData\1342461342.3972.bin
[2012/07/16 18:55:42 | 000,040,757 | ---- | C] () -- C:\ProgramData\1342461342.1788.bin
[2012/05/12 17:44:13 | 000,100,746 | ---- | C] () -- C:\ProgramData\1336840963.bdinstall.bin
[2012/05/09 21:43:26 | 000,231,273 | ---- | C] () -- C:\ProgramData\1336595793.bdinstall.bin
[2012/05/02 20:40:59 | 000,900,619 | ---- | C] () -- C:\ProgramData\1335984138.bdinstall.bin
[2012/05/02 19:37:53 | 000,128,890 | ---- | C] () -- C:\ProgramData\1335983747.bdinstall.bin
[2012/01/29 22:07:41 | 000,017,408 | ---- | C] () -- C:\Users\khitab\AppData\Local\WebpageIcons.db
[2011/12/30 20:51:28 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/12/29 22:14:50 | 000,101,971 | ---- | C] () -- C:\ProgramData\1325193213.bdinstall.bin
[2011/12/29 13:14:15 | 000,278,604 | ---- | C] () -- C:\ProgramData\1325160326.bdinstall.bin
[2011/12/14 00:15:22 | 001,709,520 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/20 01:01:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/14 09:33:22 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/08/23 22:52:51 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Ad-Aware Antivirus
[2011/12/12 12:12:02 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Adobe
[2011/12/13 18:11:30 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\ATI
[2011/12/11 12:31:18 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\CyberLink
[2012/06/14 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\GetRightToGo
[2011/12/11 12:33:24 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Identities
[2012/12/04 14:34:55 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\IObit
[2012/12/04 14:56:00 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\JonDo
[2011/12/11 12:34:00 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Macromedia
[2011/12/12 07:12:15 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Malwarebytes
[2010/11/21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Media Center Programs
[2012/12/01 15:26:46 | 000,000,000 | --SD | M] -- C:\Users\khitab\AppData\Roaming\Microsoft
[2012/07/29 13:17:14 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Mozilla
[2012/07/05 11:52:50 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Nero
[2012/02/06 14:57:25 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Nokia
[2011/12/11 12:34:05 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\OEM
[2012/01/06 17:59:18 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Opera
[2012/02/06 15:03:02 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\PC Suite
[2011/12/29 13:05:59 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\QuickScan
[2012/11/16 19:06:00 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Skype
[2012/08/04 22:26:19 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\SoftGrid Client
[2011/12/14 00:16:32 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\TP
[2012/12/04 14:35:10 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\uTorrent
[2012/12/04 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\vlc
[2011/12/20 18:58:48 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Windows Live Writer

< %APPDATA%\*.exe /s >

< %temp%\*.exe /s >
[2012/12/02 04:53:32 | 002,257,408 | ---- | M] (Jason York) -- C:\Users\khitab\AppData\Local\Temp\pc-decrapifier.exe
[5 C:\Users\khitab\AppData\Local\Temp\*.tmp files -> C:\Users\khitab\AppData\Local\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2012/10/08 09:02:17 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: WININIT.EXE >
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< nslookup http://www.google.fr /c >
Serveur : dns2.proxad.net
Address: 212.27.40.241

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/11/29 10:08:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/11/29 10:08:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/11/29 10:08:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/11/29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/11/29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/11/29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/09/20 01:19:47 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/09/20 01:19:47 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/09/20 01:19:47 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ShowIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /HideIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ReInstallBrowser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files (x86)\Opera\Opera.exe"

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/11/29 10:08:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/11/29 10:08:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/11/29 10:08:40 | 000,892,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/11/29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/11/29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/11/29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/09/20 01:19:46 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/09/20 01:19:46 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/09/20 01:19:46 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/10/08 09:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /SHOWICONSCOMMAND
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /HIDEICONSCOMMAND
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /REINSTALLBROWSER
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE"

< >

< End of report >




MERCI! PDT_013
SkyTech

Re: Ordinateur devenu très lent meme a la saisie

par SkyTech »

Ca ne serait pas depuis que tu as installé Trend Micro que les lenteurs ont commencé ?
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

Non non en fait je ne l'ai instalé quaujourd'hui



Je n'ai pas de virus?
SkyTech

Re: Ordinateur devenu très lent meme a la saisie

par SkyTech »

Non rien de tout ça.
  • Menu Démarrer, dans la barre blanche "Rechercher"
  • Tape cmd, clic droit sur cmd.exe, Exécuter en tant qu'administrateur
  • Dans l'invite qui s'ouvre, copie et colle cette ligne

    Code : Tout sélectionner

    chkdsk c: /F/R
Tape sur entrée , dans une fenêtre noir il va te demander si tu veut le faire au redémarrage, tape o (oui), tape sur entrée et redémarre, au redémarrage un écran bleu va s'afficher avec étape 1 sur 5... , c'est normal, il va rester pendant 1h ou 2h.

&

Télécharge Report_CHDSK.exe de Laddy sur ton bureau
Double-Clic dessus pour l'exécuter.
Le rapport va s'ouvrir dans le bloc-note.
Si ce n'est pas le cas, le rapport nommé RapportCHK_DD-MM-AAAA.txt se trouve sur ton bureau.
Poste-le dans ta prochaine réponse.

---

Vérifie les fichiers systèmes : http://forum.malekal.com/sfc-outils-ver ... 50094.html
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

Salut Sky tech , cool tes réponses je répsècte beaucoup tes conaissances dévellopé tu est un as

je vais faire ce que tu m'as indiqué ,d'habitude je suis sous mozilla avec ad block plus et wot plus ghost

aucun pop up ni demande d'installations de modules , j'ai tésté un nouveau logiciel pour l'ip

j'ai ouvert un proxy , je ne sais pas si cela vient de la , quant je surf sous internet explorer la c'est la cata

des fenêtres s'ouvrent toute seul , j'ai des demandes de mon firewall auto et mon pc est toujours lent , je

télécharges de la musique et des films de temps a autres mais je vais arreter,

démarrage de l'opération PDT_008 sorry pour l'horthographe
SkyTech

Re: Ordinateur devenu très lent meme a la saisie

par SkyTech »

Yop,

Je pense avoir trouver la source de ton problème : https://www.malekal.com/2012/06/17/01ne ... er-son-pc/

Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l’operation que tu conserveras sur clé usb par exemple afin d’en coller le resultat:
:OTL
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 4001
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012/07/21 22:22:22 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - File not found
[2012/12/04 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\khitab\Desktop\RK_Quarantine
[2012/12/04 14:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/12/04 14:34:55 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\IObit
[2012/12/04 14:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/12/01 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/01 14:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[2012/08/23 22:52:51 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Ad-Aware Antivirus
[2012/12/04 14:34:55 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\IObit
[5 C:\Users\khitab\AppData\Local\Temp\*.tmp files -> C:\Users\khitab\AppData\Local\Temp\*.tmp -> ]
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
:commands
[purity]
[emptytemp]
[emptyflash]
* redemarre le pc sous windows et poste le rapport ici
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

Spytech, Bonsoir je vient de finir en effet cela a durée deux bonnes heures le souci c'est que quant je veux

enregistrer le fichier il me dit que le nom de fichier n'est pas valide et aucun rapport ne figure

dans mon bureau , j'ai tenté de recherché le fichier mais je n'y suis parvenu n'y a t'il pas

un autre moyen de le trouvé?
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

Voila en ce qui concerne OT Spy Tech :





All processes killed
Error: Unable to interpret <FF - prefs.js..network.proxy.http: "127.0.0.1"> in the current context!
Error: Unable to interpret <FF - prefs.js..network.proxy.http_port: 4001> in the current context!
Error: Unable to interpret <FF - prefs.js..network.proxy.type: 1> in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <[2012/07/21 22:22:22 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <[2012/12/04 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\khitab\Desktop\RK_Quarantine> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:55 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit> in the current context!
Error: Unable to interpret <[2012/12/01 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy> in the current context!
Error: Unable to interpret <[2012/12/01 14:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2> in the current context!
Error: Unable to interpret <[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software> in the current context!
Error: Unable to interpret <[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software> in the current context!
Error: Unable to interpret <[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\*.tmp files -> C:\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2012/08/23 22:52:51 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Ad-Aware Antivirus> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:55 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[5 C:\Users\khitab\AppData\Local\Temp\*.tmp files -> C:\Users\khitab\AppData\Local\Temp\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cobra
->Temp folder emptied: 8115 bytes
->Temporary Internet Files folder emptied: 131475 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 65967090 bytes
->Flash cache emptied: 523 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Invité
->Temp folder emptied: 272115 bytes
->Temporary Internet Files folder emptied: 47822313 bytes
->Java cache emptied: 171640 bytes
->FireFox cache emptied: 101117099 bytes
->Flash cache emptied: 906 bytes

User: khitab
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 17218543 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 69558243 bytes
->Flash cache emptied: 523 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8236816 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 296,00 mb


[EMPTYFLASH]

User: All Users

User: Cobra
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Invité
->Flash cache emptied: 0 bytes

User: khitab
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12052012_164935

Files\Folders moved on Reboot...
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\ajs[2].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\ajs[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\emily[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\firewall2b[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\p[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\set_partner_uid[1].gif moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\verifyrtb[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\706LHX0Y\ajs[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\706LHX0Y\ajs[4].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\706LHX0Y\g[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ads[4].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ajs[2].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ajs[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ajs[4].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\firewall2b[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ordianteur-devenu-tres-lemps-meme-saisie-t41342[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\p[6].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\syncuppixels[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\ads[3].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\ajs[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\impr[1] moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\like[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\Pug[3].gif moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\p[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...





Merçi
SkyTech

Re: Ordinateur devenu très lent meme a la saisie

par SkyTech »

Pour OTL tu as dû mettre un espace avant :OTL du coup ce n'est pas bon, réessaye.
phillibert a écrit :enregistrer le fichier il me dit que le nom de fichier n'est pas valide et aucun rapport ne figure
Prends-le ici : http://www.multifa7.be/SkyTech/Report_CHKDSK.exe
phillibert

Re: Ordinateur devenu très lent meme a la saisie

par phillibert »

All processes killed
Error: Unable to interpret <FF - prefs.js..network.proxy.http: "127.0.0.1"> in the current context!
Error: Unable to interpret <FF - prefs.js..network.proxy.http_port: 4001> in the current context!
Error: Unable to interpret <FF - prefs.js..network.proxy.type: 1> in the current context!
Error: Unable to interpret <FF - user.js - File not found> in the current context!
Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <[2012/07/21 22:22:22 | 000,000,000 | ---D | M] (01NET.com) -- C:\Users\khitab\AppData\Roaming\mozilla\Firefox\extensions\{8e5025c2-8ea3-430d-80b8-a14151068a6d}> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.> in the current context!
Error: Unable to interpret <MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - File not found> in the current context!
Error: Unable to interpret <[2012/12/04 17:26:20 | 000,000,000 | ---D | C] -- C:\Users\khitab\Desktop\RK_Quarantine> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:55 | 000,000,000 | ---D | C] -- C:\Users\khitab\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit> in the current context!
Error: Unable to interpret <[2012/12/01 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy> in the current context!
Error: Unable to interpret <[2012/12/01 14:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2> in the current context!
Error: Unable to interpret <[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software> in the current context!
Error: Unable to interpret <[2012/11/16 17:53:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software> in the current context!
Error: Unable to interpret <[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret <[1 C:\*.tmp files -> C:\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2012/08/23 22:52:51 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\Ad-Aware Antivirus> in the current context!
Error: Unable to interpret <[2012/12/04 14:34:55 | 000,000,000 | ---D | M] -- C:\Users\khitab\AppData\Roaming\IObit> in the current context!
Error: Unable to interpret <[5 C:\Users\khitab\AppData\Local\Temp\*.tmp files -> C:\Users\khitab\AppData\Local\Temp\*.tmp -> ]> in the current context!
Error: Unable to interpret <[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]> in the current context!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cobra
->Temp folder emptied: 8115 bytes
->Temporary Internet Files folder emptied: 131475 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 65967090 bytes
->Flash cache emptied: 523 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Invité
->Temp folder emptied: 272115 bytes
->Temporary Internet Files folder emptied: 47822313 bytes
->Java cache emptied: 171640 bytes
->FireFox cache emptied: 101117099 bytes
->Flash cache emptied: 906 bytes

User: khitab
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 17218543 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 69558243 bytes
->Flash cache emptied: 523 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8236816 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 296,00 mb


[EMPTYFLASH]

User: All Users

User: Cobra
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Invité
->Flash cache emptied: 0 bytes

User: khitab
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12052012_164935

Files\Folders moved on Reboot...
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\ajs[2].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\ajs[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\emily[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\firewall2b[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\p[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\set_partner_uid[1].gif moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\O59IRFZZ\verifyrtb[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\706LHX0Y\ajs[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\706LHX0Y\ajs[4].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\706LHX0Y\g[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ads[4].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ajs[2].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ajs[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ajs[4].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\firewall2b[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\ordianteur-devenu-tres-lemps-meme-saisie-t41342[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\p[6].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\271TRXKA\syncuppixels[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\ads[3].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\ajs[1].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\impr[1] moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\like[1].htm moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\Pug[3].gif moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0SJDOZCE\p[3].js moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\khitab\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Accélérer Windows et problème de lenteur PC »