Slow PC; CPU at 100% with svchost

Solved/Closed
théo02 (175 posts, registered Tuesday 26 January 2010, status: Member, last active 25 May 2014) - 3 March 2010 at 20:22
théo02 - 7 March 2010 at 19:40
Hello,
for the past few days I've had a big problem: my PC is abnormally slow; I've had various attacks blocked by AntiVir.
I can see that svchost is eating more than 95%.
I had run a scan with Antimalware, which found some things. I rebooted and it was OK.
Unfortunately the next day, when I turn it back on, the problem comes back after a few seconds.
I ran CCleaner, which cleans up some stuff, but it changes nothing. My PC is at 80%; I can browse more or less normally (meh) but I have trouble opening files...

My PC is getting a bit old but suited me very well:
running XP SP2, less than 1 GB of RAM

Here is the HijackThis report; if you have an opinion... thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:17:15, on 03/03/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\MouseWare\system\em_exec.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Documents and Settings\dupont\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\userinit.exe
N3 - Netscape 7: # Mozilla User Preferences
// This is a generated file!

user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.history.last_page_visited", "http://www.netscape.fr/rech?q=pbase%20dupont&p=wf");
user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src");
user_pref("browser.startup.homepage_override.mstone", "rv:1.0.2");
user_pref("browser.turbo.showDialog", false);
user_pref("intl.charsetmenu.browser.cache", "UTF-8, ISO-8859-1");
user_pref("intl.charsetmenu.composer.cache", "ISO-8859-1");
user_pref("mail.smtpservers", "");
user_pref("mail.ui.folderpane.version", 2);
user_pref("mailnews.global_html_domains.version", 2);
user_pref("mailnews.html_domains", "netscape.net,netscape.com,aol.com,cs.com,yahoo.com,hotmail.com,msn.com");
user_pref("mailnews.ui.threadpane.version", 2);
user_pref("prefs.converted-to-utf8", true);
user_pref("signon.SignonFileName"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SRUUninstall] "C:\WINDOWS\System32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user')
O4 - Startup: ICstarter.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\dupont\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: winesm32.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {380C4261-4FC3-40D0-ADF8-0240A5857CE6} (Aurigma Image Uploader 2.5) - http://www.photoweb.fr/order/telechargement-photoweb.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.cabourg.net/meteocam/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.wisup.net/album-photo/wistiti/Upload/ImageUploader35.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.photoweb.fr/order/XUpload.ocx
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_2_3_0.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/activeX/SpeedUploader.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Update Service (gupdate1c9855e65ee66b4) (gupdate1c9855e65ee66b4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe (file missing)

43 replies

théo02
5 March 2010 at 14:20
here it is, I think

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WMC_AutoUpdate deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Monitor deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Warning deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Monitor not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Warning not found.
Registry value HKEY_USERS\S-1-5-21-1732608525-2707793527-1502412964-1007\Software\Microsoft\Windows\CurrentVersion\Run\\LDM deleted successfully.
Starting removal of ActiveX control {1D6711C8-7154-40BB-8380-3DEA45B69CBF}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ not found.
Starting removal of ActiveX control {7DBFDA8E-D33B-11D4-9269-00600868E56E}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\DownloadInformation\\INF .
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
File move failed. C:\WINDOWS\Downloaded Program Files\erma.inf scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {EF99BD32-C1FB-11D2-892F-0090271D4F88}
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
File move failed. C:\WINDOWS\Downloaded Program Files\ycomp5_2_3_0.inf scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry delete failed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ not found.
File autorun not found.
Registry delete failed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ not found.
File K:\ \autorun.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"AntiVirusOverride"|1 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirewallOverride"|1 /E!
Registry delete failed. HKEY_USERS\.default\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\ not found.
Registry delete failed. HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files\Internet Explorer\iexplore.exe"|"C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" /E!
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\dupont\Local Settings\Temp\QZTEMP\freezer.exe scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\dupont\Mes documents\freezer v1.4 fr\freezer.exe scheduled to be deleted on reboot.
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
========== FILES ==========
File\Folder C:\Documents and Settings\Pharaon\Menu Démarrer\Programmes\Démarrage\PowerReg Scheduler.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: dupont

User: LocalService

User: NetworkService

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
%systemroot%\System32\drivers .tmp files removed: 1897408 bytes
Unable to locate HKLM\Software\OldTimer Tools\OTL key.
Windows Temp folder emptied: 122880 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,00 mb


OTL by OldTimer - Version 3.1.32.0 log created on 03052010_140059

Anonymous user
5 March 2010 at 14:29
please redo the procedure in safe mode:

How to get into Safe Mode:

▶ Restart your computer
▶ Tap the F8 key immediately (F5 on some PCs), right after the "beep"
▶ You will see a screen with startup options appear
▶ Choose the first option, Safe Mode, and confirm with "Enter"
▶ Choose your usual account, not Administrator (if needed ...)

(note: no connection is possible in safe mode, so be sure to copy or print the procedure to avoid mistakes ...)

théo02
5 March 2010 at 14:33
the procedure where I copy the thing and put it into custom scan fix??

do I redo it in safe mode?

if so, I'll redo it early this evening because I have to go back to work
afterwards I post the report; do I reboot or wait?

Anonymous user
5 March 2010 at 14:38
OK, yes, that procedure in safe mode

copy it into a txt file that you will find on your desktop in safe mode

yes, please post the report afterwards

the PC should restart by itself when OTL has finished its work

théo02
5 March 2010 at 18:18
That's it, I'm back home.
I did what was needed: safe mode, then pasted into scan fix
it rebooted; it's OK.

before showing you the scan, I notice a change: I get the message telling me that updates are available; I hadn't seen that for years!!! I had stopped doing them.
Is it that important to install them? Should I do it?
in any case, thank you ten thousand times for helping me...
the scan:

All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: askopensearch-VTS@ask.com:1.0.0.0 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 removed from extensions.enabledItems
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WMC_AutoUpdate not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Monitor not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Warning not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Monitor not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Symantec NetDriver Warning not found.
Registry value HKEY_USERS\S-1-5-21-1732608525-2707793527-1502412964-1007\Software\Microsoft\Windows\CurrentVersion\Run\\LDM not found.
Starting removal of ActiveX control {1D6711C8-7154-40BB-8380-3DEA45B69CBF}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D6711C8-7154-40BB-8380-3DEA45B69CBF}\ not found.
Starting removal of ActiveX control {7DBFDA8E-D33B-11D4-9269-00600868E56E}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DBFDA8E-D33B-11D4-9269-00600868E56E}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {EF99BD32-C1FB-11D2-892F-0090271D4F88}
C:\WINDOWS\Downloaded Program Files\ycomp5_2_3_0.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ not found.
File autorun not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90ec9a1c-818c-11dd-8e03-00b0c4008803}\ not found.
File K:\ \autorun.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current\Version\Run not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"AntiVirusOverride"|1 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirewallOverride"|1 /E : value set successfully!
Registry value HKEY_USERS\.default\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5CBF21-D15F-11D0-8301-00AA005B4383}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files\Internet Explorer\iexplore.exe"|"C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\dupont\Local Settings\Temp\QZTEMP\freezer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\dupont\Mes documents\freezer v1.4 fr\freezer.exe deleted successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\Pharaon\Menu Démarrer\Programmes\Démarrage\PowerReg Scheduler.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: dupont
->Temp folder emptied: 36533354 bytes
->Temporary Internet Files folder emptied: 8371663 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 268126983 bytes
->Flash cache emptied: 2086 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 1897408 bytes
Windows Temp folder emptied: 40960 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 189799 bytes
RecycleBin emptied: 2182537 bytes

Total Files Cleaned = 303,00 mb


OTL by OldTimer - Version 3.1.32.0 log created on 03052010_180804

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

théo02
6 March 2010 at 19:19
Is my friend gen hackman no longer here??!!!

No, that's it, never mind; in any case my PC seems to be doing well. Touch wood....
He improved things for me in any case: I have access to Windows updates again (not seen for 2 or 3 years...)
Also, I had a problem (I had got used to it...): when I wanted to shut down my PC, I had to wait 3 or 4 minutes to get the "stand by, turn off, restart" window. Now this window appears immediately, like a very long time ago.
My task manager looks spotless; in short, I'm happy and it's thanks to my saviour... a thousand thanks again!!

Anonymous user
6 March 2010 at 19:36

théo02
6 March 2010 at 20:00
Here is the report

List_Tool by g3n-h@ckm@n 1.0.0.2

¤¤¤¤¤¤¤¤¤¤ Files | Folders :

Present : C:\Kill'em
Present : C:\Kill'em.txt
Present : C:\Qoobox
Present : C:\_OTL
Present : C:\ComboFix\SF.exe
Present : C:\Documents and Settings\All Users\Bureau\List_Kill'em.lnk
Present : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\List_Kill'em
Present : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\List_Kill'em\Désinstaller List_Kill'em.lnk
Present : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\List_Kill'em\List_Kill'em.lnk
Present : C:\Kill'em\Quarantine
Present : C:\Kill'em\Save
Present : C:\Kill'em\Save\DEFAULT
Present : C:\Kill'em\Save\ERDNT.CON
Present : C:\Kill'em\Save\ERDNT.EXE
Present : C:\Kill'em\Save\ERDNT.INF
Present : C:\Kill'em\Save\ERDNTDOS.LOC
Present : C:\Kill'em\Save\ERDNTWIN.LOC
Present : C:\Kill'em\Save\SAM
Present : C:\Kill'em\Save\SECURITY
Present : C:\Kill'em\Save\SOFTWARE
Present : C:\Kill'em\Save\SYSTEM
Present : C:\Kill'em\Save\Users
Present : C:\Kill'em\Save\Users\00000001
Present : C:\Kill'em\Save\Users\00000002
Present : C:\Kill'em\Save\Users\00000001\ntuser.dat
Present : C:\Kill'em\Save\Users\00000002\UsrClass.dat
Present : C:\Program Files\List_Kill'em
Present : C:\Program Files\List_Kill'em\List_Kill'em.scr
Present : C:\Program Files\List_Kill'em\unins000.dat
Present : C:\Program Files\List_Kill'em\unins000.exe
Present : C:\Qoobox\BackEnv
Present : C:\Qoobox\LastRun
Present : C:\Qoobox\Quarantine
Present : C:\Qoobox\Test
Present : C:\Qoobox\TestC
Present : C:\Qoobox\Quarantine\C
Present : C:\Qoobox\Quarantine\catchme.log
Present : C:\Qoobox\Quarantine\Registry_backups
Present : C:\Qoobox\Quarantine\C\WINDOWS
Present : C:\Qoobox\Quarantine\C\WINDOWS\_yipty_.rci.zip
Present : C:\_OTL\MovedFiles
Present : C:\_OTL\MovedFiles\03052010_140059
Present : C:\_OTL\MovedFiles\03052010_140059.log
Present : C:\_OTL\MovedFiles\03052010_180804
Present : C:\_OTL\MovedFiles\03052010_180804.log
Present : C:\_OTL\MovedFiles\03052010_140059\C_WINDOWS
Present : C:\_OTL\MovedFiles\03052010_140059\C_WINDOWS\Downloaded Program Files
Present : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS
Present : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS\Downloaded Program Files
Present : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS\Downloaded Program Files\erma.inf
Present : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS\Downloaded Program Files\ycomp5_2_3_0.inf

¤¤¤¤¤¤¤¤¤¤ Keys :

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{e88ba4e8-6b36-4d39-9499-c10b439819e1}_is1
DisplayName REG_SZ List_Kill'em 1.2.8.4

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Anonymous user
6 March 2010 at 20:05
option 2 (the tool should delete itself)

théo02
6 March 2010 at 20:06
ok

Kill_Tool by g3n-h@ckm@n 1.0.0.2

¤¤¤¤¤¤¤¤¤¤ Files | Folders

Deleted : C:\Kill'em
Deleted : C:\Kill'em.txt
Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\ComboFix\SF.exe
Deleted : C:\Documents and Settings\All Users\Bureau\List_Kill'em.lnk
Deleted : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\List_Kill'em
Deleted : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\List_Kill'em\Désinstaller List_Kill'em.lnk
Deleted : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\List_Kill'em\List_Kill'em.lnk
Deleted : C:\Kill'em\Quarantine
Deleted : C:\Kill'em\Save
Deleted : C:\Kill'em\Save\DEFAULT
Deleted : C:\Kill'em\Save\ERDNT.CON
Deleted : C:\Kill'em\Save\ERDNT.EXE
Deleted : C:\Kill'em\Save\ERDNT.INF
Deleted : C:\Kill'em\Save\ERDNTDOS.LOC
Deleted : C:\Kill'em\Save\ERDNTWIN.LOC
Deleted : C:\Kill'em\Save\SAM
Deleted : C:\Kill'em\Save\SECURITY
Deleted : C:\Kill'em\Save\SOFTWARE
Deleted : C:\Kill'em\Save\SYSTEM
Deleted : C:\Kill'em\Save\Users
Deleted : C:\Kill'em\Save\Users\00000001
Deleted : C:\Kill'em\Save\Users\00000002
Deleted : C:\Kill'em\Save\Users\00000001\ntuser.dat
Deleted : C:\Kill'em\Save\Users\00000002\UsrClass.dat
Deleted : C:\Program Files\List_Kill'em
Deleted : C:\Program Files\List_Kill'em\List_Kill'em.scr
Deleted : C:\Program Files\List_Kill'em\unins000.dat
Deleted : C:\Program Files\List_Kill'em\unins000.exe
Deleted : C:\Qoobox\BackEnv
Deleted : C:\Qoobox\LastRun
Deleted : C:\Qoobox\Quarantine
Deleted : C:\Qoobox\Test
Deleted : C:\Qoobox\TestC
Deleted : C:\Qoobox\Quarantine\C
Deleted : C:\Qoobox\Quarantine\catchme.log
Deleted : C:\Qoobox\Quarantine\Registry_backups
Deleted : C:\Qoobox\Quarantine\C\WINDOWS
Deleted : C:\Qoobox\Quarantine\C\WINDOWS\_yipty_.rci.zip
Deleted : C:\_OTL\MovedFiles
Deleted : C:\_OTL\MovedFiles\03052010_140059
Deleted : C:\_OTL\MovedFiles\03052010_140059.log
Deleted : C:\_OTL\MovedFiles\03052010_180804
Deleted : C:\_OTL\MovedFiles\03052010_180804.log
Deleted : C:\_OTL\MovedFiles\03052010_140059\C_WINDOWS
Deleted : C:\_OTL\MovedFiles\03052010_140059\C_WINDOWS\Downloaded Program Files
Deleted : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS
Deleted : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS\Downloaded Program Files
Deleted : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS\Downloaded Program Files\erma.inf
Deleted : C:\_OTL\MovedFiles\03052010_180804\C_WINDOWS\Downloaded Program Files\ycomp5_2_3_0.inf

¤¤¤¤¤¤¤¤¤¤ Keys :

Deleted : HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{E88BA4E8-6B36-4D39-9499-C10B439819E1}_is1

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

théo02
6 March 2010 at 22:51
I just noticed something; in Spybot, should I purge? I went into the backups and saw lots of stuff...

Anonymous user
6 March 2010 at 22:55
purge, purge...^^

théo02
6 March 2010 at 23:08
Thanks; on the other hand, I realize my troubles surely came from a USB stick.
This evening for example, I wanted to grab some docs from the stick and when I clicked on it I got a message and a block from Avira; I got scared, I deleted and removed the stick. Should I forget about this stick??

Anonymous user
6 March 2010 at 23:26
No.... do you still have it at hand?

théo02
6 March 2010 at 23:44
I have it; why??

Anonymous user
7 March 2010 at 00:06
▶ Download UsbFix

(!) Plug your external data sources (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them

▶ Double-click the UsbFix shortcut on your desktop.

▶ At the main menu choose option " F " for French and press [Enter].

▶ At the second menu choose option " 1 " (search) and press [Enter]

▶ Let the tool work.

▶ Then post the UsbFix.txt report that will appear.

Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

théo02
7 March 2010 at 09:57
Here it is


############################## | UsbFix V6.098 |

User : dupont (Administrateurs) # SN400066460006
Update on 03/03/2010 by El Desaparecido , C_XX & Chimay8
Start at: 09:54:55 | 07/03/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 2600+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | Updated ]
AV : Avira AntiVir PersonalEdition 8.0.1.30 [ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 7.0.3.150
[ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 7.0.1.80
[ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 70,54 Go (15,23 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
J:\ -> Disque fixe local # 149,01 Go (104,98 Go free) [My Passport] # FAT32
K:\ -> Disque amovible # 1,87 Go (1013,56 Mo free) [UDISK] # FAT

################## | Elements infectieux |

C:\DOCUME~1\dupont\APPLIC~1\Microsoft\Crypto\AM
C:\GETBOOTD.BAT
J:\autorun.inf
K:\autorun.inf
K:\winamp_cache_0001.xml

################## | Registre |


################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\J
Shell\AutoRun\command =J:\WDSetup.exe

HKCU\..\..\Explorer\MountPoints2\{90ec9a1c-818c-11dd-8e03-00b0c4008803}
shell\autorun\command = \autorun.exe

################## | Vaccin |


################## | ! Fin du rapport # UsbFix V6.098 ! |

Anonymous user
7 March 2010 at 16:01
Hi:

(!) Plug your external data sources (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them

▶ Double-click (right-click "as administrator" on Vista) the UsbFix shortcut on your desktop

▶ At the main menu choose option " F " for French and press [Enter].

▶ At the second menu choose option " 2 " (deletion) and press [Enter]

▶ Your desktop will disappear and the PC will restart.

▶ On restart, UsbFix will scan your PC; let the tool work.

▶ Then post the UsbFix.txt report that will appear along with the desktop.

Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

théo02
7 March 2010 at 18:04
############################## | UsbFix V6.098 |

User : dupont (Administrateurs) # SN400066460006
Update on 03/03/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:58:35 | 07/03/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 2600+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | Updated ]
AV : Avira AntiVir PersonalEdition 8.0.1.30 [ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 [ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 7.0.3.150
[ Enabled | Updated ]
AV : AntiVir PersonalEdition Classic Virus Protection 7.0.1.80
[ Enabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 70,54 Go (15,16 Go free) [HDD] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
J:\ -> Disque fixe local # 149,01 Go (104,98 Go free) [My Passport] # FAT32
K:\ -> Disque amovible # 1,87 Go (1013,56 Mo free) [UDISK] # FAT

################## | Elements infectieux |

Anonymous user
7 March 2010 at 18:33
Uh, possible to have it in full?