Mon Pc est extrêmement lent !
Ds26
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour à tous,
J'ai un Pc portable qui date un peu, il est sous windows xp avec avast comme antivirus.
Je ne peux quasiment plus m'en servir. Chaque ouverture de programmes, de fichiers ou de Google chrome me prend plusieurs minutes.
Il rame et plante souvent.
Merci de bien vouloir m'aider car j'ai beau essayé les adwcleaner, bootvis et autres logiciels, rien n'y fait.
David
J'ai un Pc portable qui date un peu, il est sous windows xp avec avast comme antivirus.
Je ne peux quasiment plus m'en servir. Chaque ouverture de programmes, de fichiers ou de Google chrome me prend plusieurs minutes.
Il rame et plante souvent.
Merci de bien vouloir m'aider car j'ai beau essayé les adwcleaner, bootvis et autres logiciels, rien n'y fait.
David
A voir également:
- Mon Pc est extrêmement lent !
- Mon pc est lent - Guide
- Mon mac est lent comment le nettoyer - Guide
- Reinitialiser pc - Guide
- Test performance pc - Guide
- Mon pc est trop lent et se bloque - Guide
48 réponses
Bonsoir à toi,
c'est quoi le peer to peer ?
1) c'est possible d ajouter des ram ?
2) c'est fait
3)comment te dire ce qu'il y a dedans ?
il y a plusieurs choses mais qui ne me semblent pas très importantes
4)Dois-je absolument brancher des sources externes ?
je n'ai rien avec moi.
Merci pour tes réponses.
c'est quoi le peer to peer ?
1) c'est possible d ajouter des ram ?
2) c'est fait
3)comment te dire ce qu'il y a dedans ?
il y a plusieurs choses mais qui ne me semblent pas très importantes
4)Dois-je absolument brancher des sources externes ?
je n'ai rien avec moi.
Merci pour tes réponses.
Voici le rapport OTL.
J'attends ta réponse avant de démarrer usbfix
Bonne soirée.
All processes killed
========== OTL ==========
HKEY_USERS\S-1-5-21-1957994488-1275210071-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1957994488-1275210071-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
File C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\0yfrz9vt.default\searchplugins\_delta.xml not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\cacaoweb/b\ not found.
C:\WINDOWS\system32\drivers\aswVmm.sys.sum moved successfully.
C:\WINDOWS\system32\drivers\aswSP.sys.sum moved successfully.
C:\WINDOWS\system32\drivers\aswSnx.sys.sum moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\Documents and Settings\david\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142150} folder moved successfully.
========== FILES ==========
C:\Documents and Settings\david\Application Data\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Documents and Settings\david\Application Data\TuneUp Software\TU2012 folder moved successfully.
C:\Documents and Settings\david\Application Data\TuneUp Software folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\3082 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\3076 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\2070 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\2052 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1055 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1053 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1049 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1046 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1045 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1044 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1043 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1042 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1041 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1040 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1038 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1037 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1036 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1035 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1033 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1032 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1031 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1030 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1029 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1028 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1025 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9 folder moved successfully.
C:\Documents and Settings\david\Application Data\Open It! - Zip Extractor Packages folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\Spamconf folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\sounds\1036 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\sounds folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\SecureLine folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\report folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\moved folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\log folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\journal folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\integ folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\HtmlData folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\fw folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\Fonts folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\chest folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\backup folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\arpot\TEMP folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\arpot folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software folder moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 folder moved successfully.
C:\b97e85bd8c42eeef556e\i386 folder moved successfully.
C:\b97e85bd8c42eeef556e\amd64 folder moved successfully.
C:\b97e85bd8c42eeef556e folder moved successfully.
C:\Program Files\Winsudate folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\\Winsudate not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: david
->Temp folder emptied: 1066946142 bytes
->Temporary Internet Files folder emptied: 3132797 bytes
->Java cache emptied: 38214365 bytes
->Google Chrome cache emptied: 53383603 bytes
->Flash cache emptied: 1929214 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 4893341 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49894 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 245070656 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 587329169 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1536255 bytes
Total Files Cleaned = 1 910,00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 07222013_225427
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
J'attends ta réponse avant de démarrer usbfix
Bonne soirée.
All processes killed
========== OTL ==========
HKEY_USERS\S-1-5-21-1957994488-1275210071-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1957994488-1275210071-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
File C:\Documents and Settings\david\Application Data\Mozilla\Firefox\Profiles\0yfrz9vt.default\searchplugins\_delta.xml not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\cacaoweb/b\ not found.
C:\WINDOWS\system32\drivers\aswVmm.sys.sum moved successfully.
C:\WINDOWS\system32\drivers\aswSP.sys.sum moved successfully.
C:\WINDOWS\system32\drivers\aswSnx.sys.sum moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\Documents and Settings\david\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142150} folder moved successfully.
========== FILES ==========
C:\Documents and Settings\david\Application Data\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Documents and Settings\david\Application Data\TuneUp Software\TU2012 folder moved successfully.
C:\Documents and Settings\david\Application Data\TuneUp Software folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\3082 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\3076 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\2070 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\2052 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1055 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1053 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1049 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1046 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1045 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1044 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1043 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1042 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1041 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1040 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1038 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1037 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1036 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1035 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1033 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1032 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1031 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1030 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1029 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1028 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9\1025 folder moved successfully.
C:\23e1b82fdde38ec8ea8a3da9 folder moved successfully.
C:\Documents and Settings\david\Application Data\Open It! - Zip Extractor Packages folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\Spamconf folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\sounds\1036 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\sounds folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\SecureLine folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\report folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\moved folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\log folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\journal folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\integ folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\HtmlData folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\fw folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\Fonts folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\chest folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\backup folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\arpot\TEMP folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\arpot folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software folder moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 folder moved successfully.
C:\b97e85bd8c42eeef556e\i386 folder moved successfully.
C:\b97e85bd8c42eeef556e\amd64 folder moved successfully.
C:\b97e85bd8c42eeef556e folder moved successfully.
C:\Program Files\Winsudate folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\\Winsudate not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: david
->Temp folder emptied: 1066946142 bytes
->Temporary Internet Files folder emptied: 3132797 bytes
->Java cache emptied: 38214365 bytes
->Google Chrome cache emptied: 53383603 bytes
->Flash cache emptied: 1929214 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 4893341 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49894 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 245070656 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 587329169 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1536255 bytes
Total Files Cleaned = 1 910,00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 07222013_225427
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re
1) Le P2P.
2) Oui, tu peux ajouter des barrettes de RAM. Après, je ne m'y connais pas du tout, tu ouvriras un nouveau sujet sur le forum, partie Matériel, quand on aura fini !
3) tu me listes le tout (exemple : img.jpg, salut.exe etc...)
ou alors tu me fais une capture d'écran.
4) Tu passeras USBFix quand tu auras tes/ta clé(s) USB et tes/ton disque(s) dur(s)
Aider les autres, c'est bien... Mais quand on ne sait pas s'y prendre, on s'abstient!
1) Le P2P.
2) Oui, tu peux ajouter des barrettes de RAM. Après, je ne m'y connais pas du tout, tu ouvriras un nouveau sujet sur le forum, partie Matériel, quand on aura fini !
3) tu me listes le tout (exemple : img.jpg, salut.exe etc...)
ou alors tu me fais une capture d'écran.
4) Tu passeras USBFix quand tu auras tes/ta clé(s) USB et tes/ton disque(s) dur(s)
Aider les autres, c'est bien... Mais quand on ne sait pas s'y prendre, on s'abstient!
Re,
J'espère que ça te conviendra comme ça.
J'ai appris à faire des captures d'écrans grâce à toi ! lol
3)
C:\Drivers
https://www.cjoint.com/?3Gwx0cQGw32
C:\HSF
Un seul fichier: Contacts.rep (5ko)
C:\AgendaST
https://www.cjoint.com/?3Gwx2AZT1xB
C:\Program Files\eviews
https://www.cjoint.com/?3Gxaa0GxFAC
https://www.cjoint.com/?3GxabDm3CPT
C:\Program Files\extDATA
https://www.cjoint.com/?3GxacczlrE6
J'espère que ça te conviendra comme ça.
J'ai appris à faire des captures d'écrans grâce à toi ! lol
3)
C:\Drivers
https://www.cjoint.com/?3Gwx0cQGw32
C:\HSF
Un seul fichier: Contacts.rep (5ko)
C:\AgendaST
https://www.cjoint.com/?3Gwx2AZT1xB
C:\Program Files\eviews
https://www.cjoint.com/?3Gxaa0GxFAC
https://www.cjoint.com/?3GxabDm3CPT
C:\Program Files\extDATA
https://www.cjoint.com/?3GxacczlrE6
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Renkar: oui, je viens de me renseigner, c'est un logiciel que j'ai téléchargé mais qui ne m'a jamais servi. Je vais le desinstaller.
Oui, j'ai récupéré mon disque dur externe.
Je m'en occupe cet après midi et je te poste ça.
Merci pour tout
Je m'en occupe cet après midi et je te poste ça.
Merci pour tout
Voici le rapport Usbfix
############################## | UsbFix V 7.129 | [Suppression]
Utilisateur: david (Administrateur) # DAVID-26A87B563
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 15:00:54 | 23/07/2013
Site Web: https://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net
PC: Sony Corporation (VGN-FS515H) (X86-based PC)
CPU: Intel(R) Pentium(R) M processor 1.73GHz (1729)
RAM -> [Total : 502 | Free : 130]
BIOS: Phoenix NoteBIOS 4.0 Release 6.0
BOOT: Normal boot
OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 73 Go (22 Go libre(s) - 31%) [] # NTFS
D:\ -> CD-ROM
G:\ -> Disque fixe # 466 Go (27 Go libre(s) - 6%) [] # FAT32
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-1957994488-1275210071-725345543-1004\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
################## | Processus Stoppés |
Stoppé! C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (784)
Stoppé! C:\Program Files\AVG\AVG2013\avgcsrvx.exe (840)
Stoppé! C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1488)
Stoppé! C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (1564)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (392)
Stoppé! C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (500)
Stoppé! C:\Program Files\AVG\AVG2013\avgidsagent.exe (1508)
Stoppé! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (156)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1752)
Stoppé! C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe (144)
Stoppé! C:\Program Files\Java\jre6\bin\jqs.exe (552)
Stoppé! C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (716)
Stoppé! C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (1048)
Stoppé! C:\Program Files\AVG\AVG2013\avgnsx.exe (1104)
Stoppé! C:\Program Files\AVG\AVG2013\avgemcx.exe (1640)
Stoppé! C:\WINDOWS\system32\wbem\wmiapsrv.exe (3312)
Stoppé! C:\Program Files\AVG\AVG2013\avgui.exe (2200)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (2216)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3248)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (216)
################## | Éléments infectieux |
Supprimé! G:\Thumbs.db
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{61268716-2cef-11df-8f64-0016ce4f32ae}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8ff74361-26ca-11df-8f61-0016ce4f32ae}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{aac34bda-2bdf-11df-8f63-0013a92f66a4}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{af69fe03-d98a-11dd-8e85-0013a92f66a4}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{d5acbca0-bcba-11de-8f23-0016ce4f32ae}
################## | Listing |
[18/07/2013 - 15:21:21 | D ] C:\$AVG
[31/12/2012 - 13:40:12 | N | 7169] C:\AdwCleaner[S1].txt
[15/07/2013 - 13:13:31 | N | 1846] C:\AdwCleaner[S2].txt
[19/07/2013 - 00:16:02 | N | 4344] C:\AdwCleaner[S3].txt
[25/08/2009 - 13:28:21 | D ] C:\AgendaST
[03/01/2009 - 13:31:43 | N | 0] C:\AUTOEXEC.BAT
[22/07/2013 - 22:12:58 | N | 216] C:\boot.ini
[02/03/2006 - 14:00:00 | N | 4952] C:\Bootfont.bin
[19/07/2013 - 13:42:24 | D ] C:\Config.Msi
[03/01/2009 - 13:31:43 | N | 0] C:\CONFIG.SYS
[25/01/2010 - 17:49:59 | D ] C:\Documents and Settings
[03/01/2009 - 13:37:49 | D ] C:\Drivers
[27/02/2012 - 14:51:30 | D ] C:\Gestan
[26/12/2011 - 16:57:35 | D ] C:\HSF
[03/01/2009 - 13:31:43 | N | 0] C:\IO.SYS
[03/01/2009 - 13:31:43 | N | 0] C:\MSDOS.SYS
[11/08/2009 - 12:21:15 | RHD ] C:\MSOCache
[02/03/2006 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[03/01/2009 - 14:45:02 | N | 252240] C:\ntldr
[23/07/2013 - 14:46:03 | ASH | 792723456] C:\pagefile.sys
[22/07/2013 - 10:45:18 | N | 512] C:\PhysicalMBR.bin
[22/07/2013 - 22:55:04 | D ] C:\Program Files
[25/01/2010 - 17:49:59 | SHD ] C:\RECYCLER
[25/08/2009 - 13:20:47 | N | 3] C:\Renkar.ini
[22/07/2013 - 17:09:58 | N | 679] C:\RstHosts.txt
[24/12/2012 - 18:09:49 | SHD ] C:\System Volume Information
[23/07/2013 - 15:03:50 | D ] C:\UsbFix
[23/07/2013 - 15:04:18 | A | 4744] C:\UsbFix [Clean 1] DAVID-26A87B563.txt
[22/07/2013 - 22:55:42 | D ] C:\WINDOWS
[22/07/2013 - 22:54:27 | D ] C:\_OTL
[26/07/2012 - 14:15:56 | D ] G:\Photos
[17/03/2011 - 12:01:14 | D ] G:\Films
[19/08/2007 - 11:30:52 | SHD ] G:\RECYCLED
[10/08/2007 - 15:42:28 | SHD ] G:\System Volume Information
[17/04/2013 - 12:47:26 | N | 7318038] G:\IMG_2535.MOV.avi
[17/04/2013 - 12:48:42 | N | 3042846] G:\IMG_2563.MOV.avi
[31/07/2012 - 17:58:38 | D ] G:\Photos Iphone au 31 juillet 2012
[01/01/2013 - 23:36:10 | D ] G:\iphone debo au 1er janvier 2013
[11/04/2013 - 13:51:22 | D ] G:\Photos Iphone au 15 avril 2013
[11/04/2013 - 13:46:58 | D ] G:\Photos iphone
[17/04/2013 - 12:49:52 | N | 2351828] G:\IMG_2564.MOV.avi
[17/04/2013 - 11:57:20 | N | 23454896] G:\IMG_2627.MOV.avi
[17/04/2013 - 12:02:54 | N | 17226060] G:\IMG_2674.MOV.avi
[17/04/2013 - 12:07:08 | N | 13508348] G:\IMG_2711.MOV.avi
[17/04/2013 - 12:07:50 | N | 2171546] G:\IMG_2774.MOV.avi
[17/04/2013 - 12:35:06 | N | 12435572] G:\Copie de IMG_2565.MOV.avi
[15/01/2012 - 21:12:40 | D ] G:\Noa
[30/08/2009 - 12:02:08 | SHD ] G:\$RECYCLE.BIN
[12/02/2008 - 16:58:58 | D ] G:\Manuel
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ |
############################## | UsbFix V 7.129 | [Suppression]
Utilisateur: david (Administrateur) # DAVID-26A87B563
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 15:00:54 | 23/07/2013
Site Web: https://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net
PC: Sony Corporation (VGN-FS515H) (X86-based PC)
CPU: Intel(R) Pentium(R) M processor 1.73GHz (1729)
RAM -> [Total : 502 | Free : 130]
BIOS: Phoenix NoteBIOS 4.0 Release 6.0
BOOT: Normal boot
OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 73 Go (22 Go libre(s) - 31%) [] # NTFS
D:\ -> CD-ROM
G:\ -> Disque fixe # 466 Go (27 Go libre(s) - 6%) [] # FAT32
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-1957994488-1275210071-725345543-1004\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
################## | Processus Stoppés |
Stoppé! C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (784)
Stoppé! C:\Program Files\AVG\AVG2013\avgcsrvx.exe (840)
Stoppé! C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1488)
Stoppé! C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (1564)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (392)
Stoppé! C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (500)
Stoppé! C:\Program Files\AVG\AVG2013\avgidsagent.exe (1508)
Stoppé! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (156)
Stoppé! C:\Program Files\Bonjour\mDNSResponder.exe (1752)
Stoppé! C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe (144)
Stoppé! C:\Program Files\Java\jre6\bin\jqs.exe (552)
Stoppé! C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (716)
Stoppé! C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (1048)
Stoppé! C:\Program Files\AVG\AVG2013\avgnsx.exe (1104)
Stoppé! C:\Program Files\AVG\AVG2013\avgemcx.exe (1640)
Stoppé! C:\WINDOWS\system32\wbem\wmiapsrv.exe (3312)
Stoppé! C:\Program Files\AVG\AVG2013\avgui.exe (2200)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (2216)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3248)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (216)
################## | Éléments infectieux |
Supprimé! G:\Thumbs.db
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{61268716-2cef-11df-8f64-0016ce4f32ae}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8ff74361-26ca-11df-8f61-0016ce4f32ae}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{aac34bda-2bdf-11df-8f63-0013a92f66a4}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{af69fe03-d98a-11dd-8e85-0013a92f66a4}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{d5acbca0-bcba-11de-8f23-0016ce4f32ae}
################## | Listing |
[18/07/2013 - 15:21:21 | D ] C:\$AVG
[31/12/2012 - 13:40:12 | N | 7169] C:\AdwCleaner[S1].txt
[15/07/2013 - 13:13:31 | N | 1846] C:\AdwCleaner[S2].txt
[19/07/2013 - 00:16:02 | N | 4344] C:\AdwCleaner[S3].txt
[25/08/2009 - 13:28:21 | D ] C:\AgendaST
[03/01/2009 - 13:31:43 | N | 0] C:\AUTOEXEC.BAT
[22/07/2013 - 22:12:58 | N | 216] C:\boot.ini
[02/03/2006 - 14:00:00 | N | 4952] C:\Bootfont.bin
[19/07/2013 - 13:42:24 | D ] C:\Config.Msi
[03/01/2009 - 13:31:43 | N | 0] C:\CONFIG.SYS
[25/01/2010 - 17:49:59 | D ] C:\Documents and Settings
[03/01/2009 - 13:37:49 | D ] C:\Drivers
[27/02/2012 - 14:51:30 | D ] C:\Gestan
[26/12/2011 - 16:57:35 | D ] C:\HSF
[03/01/2009 - 13:31:43 | N | 0] C:\IO.SYS
[03/01/2009 - 13:31:43 | N | 0] C:\MSDOS.SYS
[11/08/2009 - 12:21:15 | RHD ] C:\MSOCache
[02/03/2006 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[03/01/2009 - 14:45:02 | N | 252240] C:\ntldr
[23/07/2013 - 14:46:03 | ASH | 792723456] C:\pagefile.sys
[22/07/2013 - 10:45:18 | N | 512] C:\PhysicalMBR.bin
[22/07/2013 - 22:55:04 | D ] C:\Program Files
[25/01/2010 - 17:49:59 | SHD ] C:\RECYCLER
[25/08/2009 - 13:20:47 | N | 3] C:\Renkar.ini
[22/07/2013 - 17:09:58 | N | 679] C:\RstHosts.txt
[24/12/2012 - 18:09:49 | SHD ] C:\System Volume Information
[23/07/2013 - 15:03:50 | D ] C:\UsbFix
[23/07/2013 - 15:04:18 | A | 4744] C:\UsbFix [Clean 1] DAVID-26A87B563.txt
[22/07/2013 - 22:55:42 | D ] C:\WINDOWS
[22/07/2013 - 22:54:27 | D ] C:\_OTL
[26/07/2012 - 14:15:56 | D ] G:\Photos
[17/03/2011 - 12:01:14 | D ] G:\Films
[19/08/2007 - 11:30:52 | SHD ] G:\RECYCLED
[10/08/2007 - 15:42:28 | SHD ] G:\System Volume Information
[17/04/2013 - 12:47:26 | N | 7318038] G:\IMG_2535.MOV.avi
[17/04/2013 - 12:48:42 | N | 3042846] G:\IMG_2563.MOV.avi
[31/07/2012 - 17:58:38 | D ] G:\Photos Iphone au 31 juillet 2012
[01/01/2013 - 23:36:10 | D ] G:\iphone debo au 1er janvier 2013
[11/04/2013 - 13:51:22 | D ] G:\Photos Iphone au 15 avril 2013
[11/04/2013 - 13:46:58 | D ] G:\Photos iphone
[17/04/2013 - 12:49:52 | N | 2351828] G:\IMG_2564.MOV.avi
[17/04/2013 - 11:57:20 | N | 23454896] G:\IMG_2627.MOV.avi
[17/04/2013 - 12:02:54 | N | 17226060] G:\IMG_2674.MOV.avi
[17/04/2013 - 12:07:08 | N | 13508348] G:\IMG_2711.MOV.avi
[17/04/2013 - 12:07:50 | N | 2171546] G:\IMG_2774.MOV.avi
[17/04/2013 - 12:35:06 | N | 12435572] G:\Copie de IMG_2565.MOV.avi
[15/01/2012 - 21:12:40 | D ] G:\Noa
[30/08/2009 - 12:02:08 | SHD ] G:\$RECYCLE.BIN
[12/02/2008 - 16:58:58 | D ] G:\Manuel
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ |
Re,
Je ne sais pas si on a fini mais je dois avouer que l'ordi réagit beaucoup mieux.
J'attends tes nouvelles instructions s'il y en a .
Merci
Je ne sais pas si on a fini mais je dois avouer que l'ordi réagit beaucoup mieux.
J'attends tes nouvelles instructions s'il y en a .
Merci
Possible. Branche ton iPhone et ton appareil photo (ou du moins leur carte mémoire) et refais USBFix.
:)
:)
Voici le nouveau rapport usbfix après avoir branché iphone et carte memoire
############################## | UsbFix V 7.129 | [Suppression]
Utilisateur: david (Administrateur) # DAVID-26A87B563
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 16:10:58 | 23/07/2013
Site Web: https://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net
PC: Sony Corporation (VGN-FS515H) (X86-based PC)
CPU: Intel(R) Pentium(R) M processor 1.73GHz (1729)
RAM -> [Total : 502 | Free : 80]
BIOS: Phoenix NoteBIOS 4.0 Release 6.0
BOOT: Normal boot
OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 73 Go (22 Go libre(s) - 31%) [] # NTFS
D:\ -> CD-ROM
H:\ -> Disque amovible # 62 Mo (42 Mo libre(s) - 67%) [] # FAT
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-1957994488-1275210071-725345543-1004\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-1957994488-1275210071-725345543-1004\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
################## | Processus Stoppés |
Stoppé! C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (784)
Stoppé! C:\Program Files\AVG\AVG2013\avgcsrvx.exe (840)
Stoppé! C:\Program Files\AVG\AVG2013\avgidsagent.exe (1508)
Stoppé! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (156)
Stoppé! C:\Program Files\AVG\AVG2013\avgnsx.exe (1104)
Stoppé! C:\Program Files\AVG\AVG2013\avgemcx.exe (1640)
Stoppé! C:\Program Files\AVG\AVG2013\avgui.exe (2200)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (3804)
Stoppé! C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (3808)
Stoppé! C:\WINDOWS\Explorer.exe (612)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (3396)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3876)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3044)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3584)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3972)
################## | Éléments infectieux |
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
[18/07/2013 - 15:21:21 | D ] C:\$AVG
[31/12/2012 - 13:40:12 | N | 7169] C:\AdwCleaner[S1].txt
[15/07/2013 - 13:13:31 | N | 1846] C:\AdwCleaner[S2].txt
[19/07/2013 - 00:16:02 | N | 4344] C:\AdwCleaner[S3].txt
[25/08/2009 - 13:28:21 | D ] C:\AgendaST
[03/01/2009 - 13:31:43 | N | 0] C:\AUTOEXEC.BAT
[23/07/2013 - 15:04:18 | RASHD ] C:\Autorun.inf
[22/07/2013 - 22:12:58 | N | 216] C:\boot.ini
[02/03/2006 - 14:00:00 | N | 4952] C:\Bootfont.bin
[19/07/2013 - 13:42:24 | D ] C:\Config.Msi
[03/01/2009 - 13:31:43 | N | 0] C:\CONFIG.SYS
[25/01/2010 - 17:49:59 | D ] C:\Documents and Settings
[03/01/2009 - 13:37:49 | D ] C:\Drivers
[27/02/2012 - 14:51:30 | D ] C:\Gestan
[26/12/2011 - 16:57:35 | D ] C:\HSF
[03/01/2009 - 13:31:43 | N | 0] C:\IO.SYS
[03/01/2009 - 13:31:43 | N | 0] C:\MSDOS.SYS
[11/08/2009 - 12:21:15 | RHD ] C:\MSOCache
[02/03/2006 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[03/01/2009 - 14:45:02 | N | 252240] C:\ntldr
[23/07/2013 - 14:46:03 | ASH | 792723456] C:\pagefile.sys
[22/07/2013 - 10:45:18 | N | 512] C:\PhysicalMBR.bin
[22/07/2013 - 22:55:04 | D ] C:\Program Files
[25/01/2010 - 17:49:59 | SHD ] C:\RECYCLER
[25/08/2009 - 13:20:47 | N | 3] C:\Renkar.ini
[22/07/2013 - 17:09:58 | N | 679] C:\RstHosts.txt
[24/12/2012 - 18:09:49 | SHD ] C:\System Volume Information
[23/07/2013 - 15:04:20 | N | 33713] C:\Upload_UsbFix.zip
[23/07/2013 - 16:13:20 | D ] C:\UsbFix
[23/07/2013 - 15:04:20 | N | 6166] C:\UsbFix [Clean 1] DAVID-26A87B563.txt
[23/07/2013 - 16:13:48 | A | 4300] C:\UsbFix [Clean 2] DAVID-26A87B563.txt
[23/07/2013 - 16:07:56 | D ] C:\WINDOWS
[22/07/2013 - 22:54:27 | D ] C:\_OTL
[28/03/2003 - 06:45:12 | N | 0] H:\MEMSTICK.IND
[28/05/2003 - 16:58:58 | D ] H:\DCIM
[01/01/2005 - 20:07:36 | D ] H:\MSSONY
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ |
############################## | UsbFix V 7.129 | [Suppression]
Utilisateur: david (Administrateur) # DAVID-26A87B563
Mis à jour le 24/06/2013 par El Desaparecido
Lancé à 16:10:58 | 23/07/2013
Site Web: https://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload-malware-pour-analyse-t489.html
Contact: contact@sosvirus.net
PC: Sony Corporation (VGN-FS515H) (X86-based PC)
CPU: Intel(R) Pentium(R) M processor 1.73GHz (1729)
RAM -> [Total : 502 | Free : 80]
BIOS: Phoenix NoteBIOS 4.0 Release 6.0
BOOT: Normal boot
OS: Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 73 Go (22 Go libre(s) - 31%) [] # NTFS
D:\ -> CD-ROM
H:\ -> Disque amovible # 62 Mo (42 Mo libre(s) - 67%) [] # FAT
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-20\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
HKU\S-1-5-21-1957994488-1275210071-725345543-1004\SOFTWARE | Run : [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe
HKU\S-1-5-21-1957994488-1275210071-725345543-1004\SOFTWARE | Run : [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-18\SOFTWARE | Run : [CTFMON.EXE] - C:\WINDOWS\system32\CTFMON.EXE
################## | Processus Stoppés |
Stoppé! C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (784)
Stoppé! C:\Program Files\AVG\AVG2013\avgcsrvx.exe (840)
Stoppé! C:\Program Files\AVG\AVG2013\avgidsagent.exe (1508)
Stoppé! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (156)
Stoppé! C:\Program Files\AVG\AVG2013\avgnsx.exe (1104)
Stoppé! C:\Program Files\AVG\AVG2013\avgemcx.exe (1640)
Stoppé! C:\Program Files\AVG\AVG2013\avgui.exe (2200)
Stoppé! C:\WINDOWS\system32\spoolsv.exe (3804)
Stoppé! C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (3808)
Stoppé! C:\WINDOWS\Explorer.exe (612)
Stoppé! C:\WINDOWS\system32\ctfmon.exe (3396)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3876)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3044)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3584)
Stoppé! C:\Program Files\Google\Chrome\Application\chrome.exe (3972)
################## | Éléments infectieux |
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
[18/07/2013 - 15:21:21 | D ] C:\$AVG
[31/12/2012 - 13:40:12 | N | 7169] C:\AdwCleaner[S1].txt
[15/07/2013 - 13:13:31 | N | 1846] C:\AdwCleaner[S2].txt
[19/07/2013 - 00:16:02 | N | 4344] C:\AdwCleaner[S3].txt
[25/08/2009 - 13:28:21 | D ] C:\AgendaST
[03/01/2009 - 13:31:43 | N | 0] C:\AUTOEXEC.BAT
[23/07/2013 - 15:04:18 | RASHD ] C:\Autorun.inf
[22/07/2013 - 22:12:58 | N | 216] C:\boot.ini
[02/03/2006 - 14:00:00 | N | 4952] C:\Bootfont.bin
[19/07/2013 - 13:42:24 | D ] C:\Config.Msi
[03/01/2009 - 13:31:43 | N | 0] C:\CONFIG.SYS
[25/01/2010 - 17:49:59 | D ] C:\Documents and Settings
[03/01/2009 - 13:37:49 | D ] C:\Drivers
[27/02/2012 - 14:51:30 | D ] C:\Gestan
[26/12/2011 - 16:57:35 | D ] C:\HSF
[03/01/2009 - 13:31:43 | N | 0] C:\IO.SYS
[03/01/2009 - 13:31:43 | N | 0] C:\MSDOS.SYS
[11/08/2009 - 12:21:15 | RHD ] C:\MSOCache
[02/03/2006 - 14:00:00 | N | 47564] C:\NTDETECT.COM
[03/01/2009 - 14:45:02 | N | 252240] C:\ntldr
[23/07/2013 - 14:46:03 | ASH | 792723456] C:\pagefile.sys
[22/07/2013 - 10:45:18 | N | 512] C:\PhysicalMBR.bin
[22/07/2013 - 22:55:04 | D ] C:\Program Files
[25/01/2010 - 17:49:59 | SHD ] C:\RECYCLER
[25/08/2009 - 13:20:47 | N | 3] C:\Renkar.ini
[22/07/2013 - 17:09:58 | N | 679] C:\RstHosts.txt
[24/12/2012 - 18:09:49 | SHD ] C:\System Volume Information
[23/07/2013 - 15:04:20 | N | 33713] C:\Upload_UsbFix.zip
[23/07/2013 - 16:13:20 | D ] C:\UsbFix
[23/07/2013 - 15:04:20 | N | 6166] C:\UsbFix [Clean 1] DAVID-26A87B563.txt
[23/07/2013 - 16:13:48 | A | 4300] C:\UsbFix [Clean 2] DAVID-26A87B563.txt
[23/07/2013 - 16:07:56 | D ] C:\WINDOWS
[22/07/2013 - 22:54:27 | D ] C:\_OTL
[28/03/2003 - 06:45:12 | N | 0] H:\MEMSTICK.IND
[28/05/2003 - 16:58:58 | D ] H:\DCIM
[01/01/2005 - 20:07:36 | D ] H:\MSSONY
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | https://www.sosvirus.net/ |
Re
bon visiblement c'était un autre périphérique. Tant pis, passons.
On finalise :
Puis :
▶ Télécharge PureRa
▶ Une fois télécharger :
- sur XP, double clique ;
- sur Vista/7/8, clique droit, "Exécuter en tant qu'administrateur"
▶ Clique sur "Next"
▶ Clique sur "Check All"
▶ Décoche les deux cases "Windows Update Installation Files" et "WMI Logs"
▶ AIDE EN IMAGE
▶ Poste le rapport C:\PureRa.txt
@+
bon visiblement c'était un autre périphérique. Tant pis, passons.
On finalise :
Puis :
▶ Télécharge PureRa
▶ Une fois télécharger :
- sur XP, double clique ;
- sur Vista/7/8, clique droit, "Exécuter en tant qu'administrateur"
▶ Clique sur "Next"
▶ Clique sur "Check All"
▶ Décoche les deux cases "Windows Update Installation Files" et "WMI Logs"
▶ AIDE EN IMAGE
▶ Poste le rapport C:\PureRa.txt
@+
RAPPORT PureRa
RaProducts' PureRa v1.7
Log created at 16:52 on 23/07/2013 (david)
C:\Config.MSI emptied.
C:\Documents and Settings\david\Application Data\Microsoft\CryptNetURLCache\Content emptied.
C:\Documents and Settings\david\Application Data\Microsoft\CryptNetURLCache\MetaData emptied.
C:\WINDOWS\system32\FNTCACHE.DAT <- Successfully deleted.
Recycle bin emptied.
C:\WINDOWS\SoftwareDistribution\DataStore\Logs emptied.
C:\WINDOWS\SoftwareDistribution\Download emptied.
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default emptied.
C:\WINDOWS\SoftwareDistribution\WuRedir emptied.
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log <- Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
C:\DOCUME~1\david\LOCALS~1\Temp emptied.
C:\WINDOWS\TEMP emptied.
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\David\AvantagesCE\JPEG\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\David\Livre d'or\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Accords\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\beCaseis\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\CaceisNews\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_Bank\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_CorporateTrust\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_Fastnet\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_SAS\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\elements\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\FichesProduits\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\ProcedureBadgeuse\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\RapportsActivite\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Appart\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Bouffe\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Diverses\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Grossesse\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\HINNA\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Ima & Aba\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\iphone debo au 1er janvier 2013\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\israel 2007\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Las Vegas\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Lea & Eytan\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\mariage\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\mariage\WEDDING\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Nanou & Nanou\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\New York\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Noa\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Noa\Photos Noa\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Photos grands parents israel\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\photos pour I\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Samuel & Ophera & Mikiche\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Samuel & Ophera & Mikiche\Fiancailles Sam et Ophéra\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Seph & Jeremy & Maayane & Ouriel\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Touareg\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Local Settings\Application Data\IconCache.db <- Successfully deleted.
C:\Documents and Settings\david\Local Settings\Application Data\Microsoft\Windows Live Mail\sqmnoopt00.sqm <- Successfully deleted.
C:\Documents and Settings\david\Mes documents\Mes images\Thumbs.db <- Successfully deleted.
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Tracker\Thumbs.db <- Successfully deleted.
C:\Program Files\iTunes\iTunes.Resources\Thumbs.db <- Successfully deleted.
Total space cleaned: 358.36 MB
-=E.O.F=-
RaProducts' PureRa v1.7
Log created at 16:52 on 23/07/2013 (david)
C:\Config.MSI emptied.
C:\Documents and Settings\david\Application Data\Microsoft\CryptNetURLCache\Content emptied.
C:\Documents and Settings\david\Application Data\Microsoft\CryptNetURLCache\MetaData emptied.
C:\WINDOWS\system32\FNTCACHE.DAT <- Successfully deleted.
Recycle bin emptied.
C:\WINDOWS\SoftwareDistribution\DataStore\Logs emptied.
C:\WINDOWS\SoftwareDistribution\Download emptied.
C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default emptied.
C:\WINDOWS\SoftwareDistribution\WuRedir emptied.
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log <- Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
C:\DOCUME~1\david\LOCALS~1\Temp emptied.
C:\WINDOWS\TEMP emptied.
C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\David\AvantagesCE\JPEG\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\David\Livre d'or\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Accords\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\beCaseis\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\CaceisNews\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_Bank\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_CorporateTrust\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_Fastnet\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\CACEIS_SAS\download\electronic\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\Charte\elements\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\FichesProduits\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\ProcedureBadgeuse\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Déborah\Documents Caceis debo\RapportsActivite\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Appart\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Bouffe\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Diverses\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Grossesse\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\HINNA\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Ima & Aba\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\iphone debo au 1er janvier 2013\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\israel 2007\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Las Vegas\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Lea & Eytan\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\mariage\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\mariage\WEDDING\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Nanou & Nanou\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\New York\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Noa\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Noa\Photos Noa\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Photos grands parents israel\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\photos pour I\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Samuel & Ophera & Mikiche\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Samuel & Ophera & Mikiche\Fiancailles Sam et Ophéra\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Seph & Jeremy & Maayane & Ouriel\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Bureau\Personnel\Photos\Touareg\Thumbs.db <- Successfully deleted.
C:\Documents and Settings\david\Local Settings\Application Data\IconCache.db <- Successfully deleted.
C:\Documents and Settings\david\Local Settings\Application Data\Microsoft\Windows Live Mail\sqmnoopt00.sqm <- Successfully deleted.
C:\Documents and Settings\david\Mes documents\Mes images\Thumbs.db <- Successfully deleted.
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Tracker\Thumbs.db <- Successfully deleted.
C:\Program Files\iTunes\iTunes.Resources\Thumbs.db <- Successfully deleted.
Total space cleaned: 358.36 MB
-=E.O.F=-